Explore the Secrets of SAP Digital Access Licensing

  • Buy Link or Shortcode: {j2store}143|cart{/j2store}
  • member rating overall impact: N/A
  • member rating average dollars saved: N/A
  • member rating average days saved: N/A
  • Parent Category Name: Licensing
  • Parent Category Link: /licensing
  • SAP’s licensing rules surrounding use and indirect access are vague, making it extremely difficult to purchase with confidence and remain compliant.
  • SAP has released nine document-type licenses that can be used in digital access licensing scenarios, but this model has its own challenges.
  • Whether you decide to remain “as is” or proactively change licensing over to the document model, either option can be costly and confusing.
  • Indirect static read can be a cause of noncompliance when data is exported but the processing capability of SAP ERP is used in real time.

Our Advice

Critical Insight

  • Examine all indirect access possibilities. Understanding how in-house or third-party applications may be accessing and utilizing the SAP digital core is critical to be able to correctly address issues.
  • Know what’s in your contract. Each customer agreement is different, and older agreements may provide both benefits and challenges when evaluating your SAP license position.
  • Understand the intricacies of document licensing. While it may seem digital access licensing will solve compliance concerns, there are still questions to address and challenges SAP must resolve.

Impact and Result

  • Conduct an internal analysis to examine where digital access licensing may be needed to mitigate risk, as SAP will be speaking with all customers in due course. Indirect access can be a costly audit settlement.
  • Conduct an analysis to remove inactive and duplicate users, as multiple logins may exist and could end up costing the organization license fees when audited.
  • Adopt a cyclical approach to reviewing your SAP licensing and create a reference document to track your software needs, planned licensing, and purchase negotiation points.
  • Learn the SAP way of conducting business, which includes a best-in-class sales structure and unique contracts and license use policies, combined with a hyper-aggressive compliance function. Conducting business with SAP is not a typical vendor experience, and you will need different tools to emerge successfully from a commercial transaction.

Explore the Secrets of SAP Digital Access Licensing Research & Tools

Start here – read the Executive Brief

Read our concise Executive Brief to find out why you need to understand and document your SAP digital access licensing strategy, review Info-Tech’s methodology, and understand the four ways we can support you in completing this project.

Besides the small introduction, subscribers and consulting clients within this management domain have access to:

1. Understand, assess, and decide on digital access licensing

Begin your SAP digital access licensing journey by evaluating licensing changes and options, and then make contractual changes to ensure compliance.

  • Explore the Secrets of SAP Digital Access Licensing – Phase 1: Understand, Assess, and Decide on Digital Access Licensing
  • SAP License Summary and Analysis Tool
  • SAP Digital Access Licensing Pricing Tool
[infographic]

Network Segmentation

  • Buy Link or Shortcode: {j2store}503|cart{/j2store}
  • member rating overall impact: N/A
  • member rating average dollars saved: N/A
  • member rating average days saved: N/A
  • Parent Category Name: Network Management
  • Parent Category Link: /network-management
  • Many legacy networks were built for full connectivity and overlooked potential security ramifications.
  • Malware, ransomware, and bad actors are proliferating. It is not a matter of if you will be compromised but how can the damage be minimized.
  • Cyber insurance will detective control, not a preventative one. Prerequisite audits will look for appropriate segmentation.

Our Advice

Critical Insight

  • Lateral movement amplifies damage. Contain movement within the network through segmentation.
  • Good segmentation is a balance between security and manageability. If solutions are too complex, they won’t be updated or maintained.
  • Network services and users change over time, so must your segmentation strategy. Networks are not static; your segmentation must maintain pace.

Impact and Result

  • Create a common understanding of what is to be built, for whom, and why.
  • Define what services will be offered and how they will be governed.
  • Understand which assets that you already have can jump start the project.

Network Segmentation Research & Tools

Besides the small introduction, subscribers and consulting clients within this management domain have access to:

1. Network Segmentation Deck – A deck to help you minimize risk by controlling traffic flows within the network.

Map out appropriate network segmentation to minimize risk in your network.

  • Network Segmentation Storyboard
[infographic]

Further reading

Network Segmentation

Protect your network by controlling the conversations within it.

Executive Summary

Info-Tech Insight

Lateral movement amplifies damage

From a security perspective, bad actors often use the tactic of “land and expand.” Once a network is breached, if east/west or lateral movement is not restricted, an attacker can spread quickly within a network from a small compromise.

Good segmentation is a balance between security and manageability

The ease of management in a network is usually inversely proportional to the amount of segmentation in that network. Highly segmented networks have a lot of potential complications and management overhead. In practice, this often leads to administrators being confused or implementing shortcuts that circumvent the very security that was intended with the segmentation in the first place.

Network services and users change over time, so must your segmentation strategy

Network segmentation projects should not be viewed as singular or “one and done.” Services and users on a network are constantly evolving; the network segmentation strategy must adapt with these changes. Be sure to monitor and audit segmentation deployments and change or update them as required to maintain a proper risk posture.

Executive Summary

Your Challenge

Common Obstacles

Info-Tech’s Approach

Networks are meant to facilitate communication, and when devices on a network cannot communicate, it is generally seen as an issue. The simplest answer to this is to design flat, permissive networks. With the proliferation of malware, ransomware, and advanced persistent threats (ATPs) a flat or permissive network is an invitation for bad actors to deliver more damage at an increased pace.

Cyber insurance may be viewed as a simpler mitigation than network reconfiguration or redesign, but this is not a preventative solution, and the audits done before policies are issued will flag flat networks as a concern.

Network segmentation is not a “bolt on” fix. To properly implement a minimum viable product for segmentation you must, at a minimum:

  • Understand the endpoints and their appropriate traffic flows.
  • Understand the technologies available to implement segmentation.

Implementing appropriate segmentation often involves elements of (if not a full) network redesign.

To ensure the best results in a timely fashion, Info-Tech recommends a methodology that consists of:

  • Understand the network (or subset thereof) and prioritizing segmentation based on risk.
  • Align the appropriate segmentation methodology for each surfaced segment to be addressed.
  • Monitor the segmented environment for compliance and design efficacy, adding to and modifying existing as required.

Info-Tech Insight

The aim of networking is communication, but unfettered communication can be a liability. Appropriate segmentation in networks, blocking communications where they are not required or desired, restricts lateral movement within the network, allowing for better risk mitigation and management.

Network segmentation

Compartmentalization of risk:

Segmentation is the practice of compartmentalizing network traffic for the purposes of mitigating or reducing risk. Segmentation methodologies can generally be grouped into three broad categories:

1. Physical Segmentation

The most common implementation of physical segmentation is to build parallel networks with separate hardware for each network segment. This is sometimes referred to as “air gapping.”

2. Static Virtual Segmentation

Static virtual segmentation is the configuration practice of using technologies such as virtual LANs (VLANs) to assign ports or connections statically to a network segment.

3. Dynamic Virtual Segmentation

Dynamic virtual segmentation assigns a connection to a network segment based on the device or user of the connection. This can be done through such means as software defined networking (SDN), 802.1x, or traffic inspection and profiling.

Common triggers for network segmentation projects

1. Remediate Audit Findings

Many security audits (potentially required for or affecting premiums of cyber insurance) will highlight the potential issues of non-segmented networks.

2. Protect Vulnerable Technology Assets

Whether separating IT and OT or segmenting off IoT/IIoT devices, keeping vulnerable assets separated from potential attack vectors is good practice.

3. Minimize Potential for Lateral Movement

Any organization that has experienced a cyber attack will realize the value in segmenting the network to slow a bad actor’s movement through technology assets.

How do you execute on network segmentation?

The image contains a screenshot of the network segmentation process. The process includes: identify risk, design segmentation, and operate and optimize.

Identify risks by understanding access across the network

Gain visibility

Create policy

Prioritize change

"Security, after all, is a risk business. As companies don't secure everything, everywhere, security resilience allows them to focus their security resources on the pieces of the business that add the most value to an organization, and ensure that value is protected."

– Helen Patton,

CISO, Cisco Security Business Group, qtd. In PR News, 2022

Discover the data flows within the network. This should include all users on the network and the environments they are required to access as well as access across environments.

Examine the discovered flows and define how they should be treated.

Change takes time. Use a risk assessment to prioritize changes within the network architecture.

Understand the network space

A space is made up of both services and users.

Before starting to consider segmentation solutions, define whether this exercise is aimed at addressing segmentation globally or at a local level. Not all use cases are global and many can be addressed locally.

When examining a network space for potential segmentation we must include:

  • Services offered on the network
  • Users of the network

To keep the space a consumable size, both of these areas should be approached in the abstract. To abstract, users and services should be logically grouped and generalized.

Groupings in the users and services categories may be different across organizations, but the common thread will be to contain the amount of groupings to a manageable size.

Service Groupings

  • Are the applications all components of a larger service or environment?
  • Do the applications serve data of a similar sensitivity?
  • Are there services that feed data and don’t interact with users (IoT, OT, sensors)?

User Groupings

  • Do users have similar security profiles?
  • Do users use a similar set of applications?
  • Are users in the same area of your organization chart?
  • Have you considered access by external parties?

Info-Tech Insight

The more granular you are in the definition of the network space, the more granular you can be in your segmentation. The unfortunate corollary to this is that the difficulty of managing your end solution grows with the granularity of your segmentation.

Create appropriate policy

Understand which assets to protect and how.

Context is key in your ability to create appropriate policy. Building on the definition of the network space that has been created, context in the form of the appropriateness of communications across the space and the vulnerabilities of items within the space can be layered on.

To decide where and how segmentation might be appropriate, we must first examine the needs of communication on the network and their associated risk. Once defined, we can assess how permissive or restrictive we should be with that communication.

The minimum viable product for this exercise is to define the communication channel possibilities, then designate each possibility as one of the following:

  • Permissive – we should freely allow this traffic
  • Restricted – we should allow some of the traffic and/or control it
  • Rejected – we should not allow this traffic

Appropriate Communications

  • Should a particular group of users have access to a given service?
  • Are there external users involved in any grouping?

Potential Vulnerabilities

  • Are the systems in question continually patched/updated?
  • Are the services exposed designed with the appropriate security?

Prioritize the potential segmentation

Use risk as a guide to prioritize segmentation.

For most organizations, the primary reason for network segmentation is to improve security posture. It follows that the prioritization of initiatives and/or projects to implement segmentation should be based on risk.

When examining risk, an organization needs to consider both:

  • Impact and likelihood of visibility risk in respect to any given asset, data, or user
  • The organization’s level of risk tolerance

The assets or users that are associated with risk levels higher than the tolerance of the organization should be prioritized to be addressed.

Service Risks

  • If this service was affected by an adverse event, what would the impact on the organization be?

User Risks

  • Are the users in question FTEs as opposed to contractors or outsourced resources?
  • Is a particular user group more susceptible to compromise than others?

Info-Tech Insight

Be sure to keep this exercise relative so that a clear ranking occurs. If it turns out that everything is a priority, then nothing is a priority. When ranking things relative to others in the exercise, we ensure clear “winners” and “losers.”

Assess risk and prioritize action

1-3 hours

  1. Define a list of users and services that define the network space to be addressed. If the lists are too long, use an exercise like affinity diagramming to appropriately group them into a smaller subset.
  2. Create a matrix from the lists (put users and services along the rows and columns). In the intersecting points, label how the traffic should be treated (e.g. Permissive, Restricted, Rejected).
  3. Examine the matrix and assess the intersections for risk using the lens of impact and likelihood of an adverse event. Label the intersections for risk level with one of green (low impact/likelihood), yellow (medium impact/likelihood), or red (high impact/likelihood).
  4. Find commonalities within the medium/high areas and list the users or services as priorities to be addressed.
Input Output
  • Network, application, and security documentation
  • A prioritized list of areas to address with segmentation
Materials Participants
  • Whiteboard/Flip Charts

OR

  • Excel spreadsheet
  • Network Team
  • Application Team
  • Security Team
  • Data Team

Design segmentation

Segmentation comes in many flavors; decide which is right for the specific circumstance.

Methodology

Access control

"Learning to choose is hard. Learning to choose well is harder. And learning to choose well in a world of unlimited possibilities is harder still, perhaps too hard."

― Barry Schwartz, The Paradox of Choice: Why More Is Less

What is the best method to segment the particular user group, service, or environment in question?

How can data or user access move safely and securely between network segments?

Decide on which methods work for your circumstances

You always have options…

There are multiple lenses to look through when making the decision of what the correct segmentation method might be for any given user group or service. A potential subset could include:

  • Effort to deploy
  • Cost of the solution
  • Skills required to operate
  • Granularity of the segmentation
  • Adaptability of the solution
  • Level of automation in the solution

Info-Tech Insight

Network segmentation within an organization is rarely a one-size-fits-all proposition. Be sure to look at each situation that has been identified to need segmentation and align it with an appropriate solution. The overall number of solutions deployed has to maintain a balance between that appropriateness and the effort to manage multiple environments.

Framework to examine segmentation methods

To assess we need to understand.

To assess when technologies or methodologies are appropriate for a segmentation use case, we need to understand what those options are. We will be examining potential segmentation methods and concepts within the following framework:

WHAT

A description of the segmentation technology, method, or concept.

WHY

Why would this be used over other choices and/or in what circumstances?

HOW

A high-level overview of how this option could or would be deployed.

Notional assessments will be displayed in a sidebar to give an idea of Effort, Cost, Skills, Granularity, Adaptability, and Automation.

Implement

Notional level of effort to implement on a standard network
Cost

Relative cost of implementing this segmentation strategy
Maintain

Notional level of time and skills needed to maintain
Granularity

How granular this type of segmentation is in general
Adaptability

The ability of the solution to be easily modified or changed
Automation

The level of automation inherent in the solution

Air gap

… And never the twain shall meet.

– Rudyard Kipling, “The Ballad of East and West.”

WHAT

Air gapping is a strategy to protect portions of a network by segmenting those portions and running them on completely separate hardware from the primary network. In an air gap scenario, the segmented network cannot have connectivity to outside networks. This difference makes air gapping a very specific implementation of parallel networks (which are still segmented and run on separate hardware but can be connected through a control point).

WHY

Air gap is a traditional choice when environments need to be very secure. Examples where air gaps exist(ed) are:

  • Operational technology (OT) networks
  • Military networks
  • Critical infrastructure

HOW

Most networks are not overprovisioned to a level that physical segmentation can be done without purchasing new equipment. The major steps required for constructing an air gap include:

  • Design segmentation
  • Purchase and install new hardware
  • Cable to new hardware

The image contains a screenshot that demonstrates pie graphs with the notional assessments: Effort, Cost, Skills, Granularity, and Automation.

Info-Tech Insight

An air gapped network is the ultimate in segmentation and security … as long as the network does not require connectivity. It is unfortunately rare in today’s world that a network will stand on its own without any need for external connectivity.

VLAN

Do what you can, with what you’ve got…

– Theodore Roosevelt

WHAT

Virtual local area networks (VLANs) are a standard feature on today’s firewalls, routers, and manageable switches. This configuration option allows for network traffic to be segmented into separate virtual networks (broadcast domains) on existing hardware. This segmentation is done at layer 2 of the OSI model. All traffic will share the same hardware but be partitioned based on “tags” that the local device applies to the traffic. Because of these tags, traffic is handled separately at layer 2 of the OSI model, but traffic can pass between segments at layer 3 (e.g. IP layer).

WHY

VLANs are commonly used because most existing deployments already have the technology available without extra licensing. VLANs are also potentially used as foundational components in more complex segmentation strategies such as static or dynamic overlays.

HOW

VLANs allow for segmentation of a device at the port level. VLAN strategies are generally on a location level (e.g. most VLAN deployments are local to a site, though the same structure may be used among sites). To deploy VLANs you must:

  • Define VLAN segments
  • Assign ports appropriately

The image contains a screenshot that demonstrates pie graphs with the notional assessments: Effort, Cost, Skills, Granularity, and Automation.

Info-Tech Insight

VLANs are tried and true segmentation workhorses. The fact that they are already included in modern manageable solutions means that there is very little reason to not have some level of segmentation within a network.

Micro-segmentation

Everyone is against micromanaging, but macro managing means you’re working on the big picture but don’t understand the details.

– Henry Mintzberg

WHAT

Micro-segmentation is used to secure and control network traffic between workloads. This is a foundational technology when implementing zero trust or least-privileged access network designs. Segmentation is done at or directly adjacent to the workload (on the system or its direct network connectivity) through firewall or similar policy controls. The controls are set to only allow the network communication required to execute the workload and is limited to appropriate endpoints. This restrictive design restricts all traffic (including east-west) and reduces the attack surface.

WHY

Micro-segmentation is primarily used:

  • In server-to-server communication.
  • When lateral movement by bad actors is identified as a concern.

HOW

Micro-segmentation can be deployed at different places within the connectivity depending on the technologies used:

  • Workload/server (e.g. server firewall)
  • VM network overlay (e.g. VMware NSX)
  • Network port (e.g. ACL, firewall, ACI)
  • Cloud native (e.g. Azure Firewall)

Info-Tech Insight

Micro-segmentation is necessary in the data center to limit lateral movement. Just be sure to be thorough in defining required communication as this technology works on allowlists, not traditional blocklists.

Static overlay

Adaptability is key.

– Marc Andreessen

WHAT

Static overlays are a form of virtual segmentation that allows multiple network segments to exist on the same device. Most of these solutions will also allow for these segments to expand across multiple devices or sites, creating overlay virtual networks on top of the existing physical networks. The static nature of the solution is because the ports that participate in the overlays are statically assigned and configured. Connectivity between devices and sites is done through encapsulation and may have a dynamic component of the control plane handled through routing protocols.

WHY

Static overlays are commonly deployed when the need is to segment different use cases or areas of the organization consistently across sites while allowing easy access within the segments between sites. This could be representative of segmenting a department like Finance or extending a layer 2 segment across data centers.

HOW

Static overlays are can segment and potentially extend a layer 2 or layer 3 network. These solutions could be executed with technologies such as:

  • VXLAN (Virtual eXtensible LAN)
  • MPLS (Multi Protocol Label Switching)
  • VRF (Virtual Routing & Forwarding)

The image contains a screenshot that demonstrates pie graphs with the notional assessments: Effort, Cost, Skills, Granularity, and Automation.

Info-Tech Insight

Static overlays are commonly deployed by telecommunications providers when building out their service offerings due to the multitenancy requirements of the network.

Dynamic overlay

Never tell people how to do things. Tell them what to do and they will surprise you with their ingenuity.

– George S. Patton

WHAT

A dynamic overlay segmentation solution has the ability to make security or traffic decisions based on policy. Rather than designing and hardcoding the network architecture, the policy is architected and the network makes decisions based on that policy. Differing levels of control exist in this space, but the underlying commonality is that the segmentation would be considered “software defined” (SDN).

WHY

Dynamic overlay solutions provide the most flexibility of the presented solutions. Some use cases such as BYOD or IoT devices may not be easily identified or controlled through static means. As a general rule of thumb, the less static the network is, the more dynamic your segmentation solution must be.

HOW

Policy is generally applied at the network ingress. When applying policy, which policy to be applied can be identified through different methodologies such as:

  • Authentication (e.g. 802.1x)
  • Device agents
  • Device profiling

The image contains a screenshot that demonstrates pie graphs with the notional assessments: Effort, Cost, Skills, Granularity, and Automation.

Info-Tech Insight

Dynamic overlays allow for more flexibility through its policy-based configurations. These solutions can provide the highest value when positioned where we have less control of the points within a network (e.g. BYOD scenarios).

Define how your segments will communicate

No segment is an island…

Network segmentation allows for protection of devices, users, or data through the act of separating the physical or virtual networks they are on. Counter to this protective stance, especially in today’s networks, these devices, users, or data tend to need to interact with each other outside of the neat lines we draw for them. Proper network segmentation has to allow for the transfer of assets between networks in a safe and secure manner.

Info-Tech Insight

The solutions used to facilitate the controlled communication between segments has to consider the friction to the users. If too much friction is introduced, people will try to find a way around the controls, potentially negating the security that is intended with the solution.

Potential access methods

A ship in harbor is safe, but that is not what ships are built for.

– John A. Shedd

Firewall

Two-way controlled communication

Firewalls are tried and true control points used to join networks. This solution will allow, at minimum, port-level control with some potential for deeper inspection and control beyond that.

  • Traditionally firewalls are sized to handle internet-bound (North-South) traffic. When being used between segments, (East-West) loads are usually much higher, necessitating a more powerful device.

Jump Box

A place between worlds

Also sometimes referred to as a “Bastion Host,” a jump box is a special-purpose computer/server that has been hardened and resides on multiple segments of a network. Administrators or users can log into this box and use it to securely use the tools installed to act on other segments of the network.
  • Jump box security is of utmost importance. Special care should be taken in hardening, configuration, and application installed to ensure that users cannot use the box to tunnel or traverse between the segments outside of well-defined and controlled circumstances.

Protocol Gateway

Command-level control

A protocol gateway is a specific and special subset of a firewall. Whereas a firewall is a security generalist, a protocol gateway is designed to understand and have rule-level control over the commands passing through it within defined protocols. This granularity, for example, allows for control and filtering to only allow defined OT commands to be passed to a secure SCADA network.
  • Protocol gateways are generally specific feature sets of a firewall and traditionally target OT network security as their core use case.

Network Pump

One-way data extraction

A network pump is a concept designed to allow data to be transferred from a secure network to a less secure network while still protecting against covert channels such as using the ACK within a transfer to transmit data. A network pump will consist of trusted processes and schedulers that allow for data to pass but control channels to be sufficiently modified so as to not allow security concerns.
  • Network pumps would generally be deployed in the most security demanding of environments and are generally not “off the shelf” products.

Operate and optimize

Security is not static. Monitor and iterate on policies within the environment.

Monitor

Iterate

Two in three businesses (68%) allow more employee data access than necessary.

GetApp's 2022 Data Security Survey Report

Are the segmentation efforts resulting in the expected traffic changes? Are there any anomalies that need investigation?

Using the output from the monitoring stage, refine and optimize the design by iterating on the process.

Monitor for efficacy, compliance, and the unknown

Monitor to ensure your intended results and to identify new potential risks.

Monitoring network segments

A combination of passive and active monitoring is required to ensure that:

  • The rules that have been deployed are working as expected.
  • Appropriate proof of compliance is in place for auditing and insurance purposes.
  • Environments are being monitored for unexpected traffic.

Active monitoring goes beyond the traditional gathering of information for alerts and dashboards and moves into the space of synthetic users and anomaly detection. Using these strategies helps to ensure that security is enforced appropriately and responses to issues are timely.

"We discovered in our research that insider threats are not viewed as seriously as external threats, like a cyberattack. But when companies had an insider threat, in general, they were much more costly than external incidents. This was largely because the insider that is smart has the skills to hide the crime, for months, for years, sometimes forever."

– Dr. Larry Ponemon, Chairman Ponemon Institute, at SecureWorld Boston

Info-Tech Insight

Using solutions like network detection and response (NDR) will allow for monitoring to take advantage of advanced analytical techniques like artificial intelligence (AI) and machine learning (ML). These technologies can help identify anomalies that a human might miss.

Monitoring options

It’s not what you look at that matters, it’s what you see.

– Henry David Thoreau

Traditional

Monitor cumulative change in a variable

Traditional network monitoring is a minimum viable product. With this solution variables can be monitored to give some level of validation that the segmentation solution is operating as expected. Potential areas to monitor include traffic volumes, access-list (ACL) matches, and firewall packet drops.
  • This is expected baseline monitoring. Without at least this level of visibility, it is hard to validate the solutions in place

Rules Based

Inspect traffic to find a match against a library of signatures

Rules-based systems will monitor traffic against a library of signatures and alert on any matches. These solutions are good at identifying the “known” issues on the network. Examples of these systems include security incident and event management (SIEM) and intrusion detection/prevention systems (IDS/IPS).
  • These solutions are optimally used when there are known signatures to validate traffic against.
  • They can identify known attacks and breaches.

Anomaly Detection

Use computer intelligence to compare against baseline

Anomaly detection systems are designed to baseline the network traffic then compare current traffic against that to find anomalies using technologies like Bayesian regression analysis or artificial intelligence and machine learning (AI/ML). This strategy can be useful in analyzing large volumes of traffic and identifying the “unknown unknowns.”
  • Computers can analyze large volumes of data much faster than a human. This allows these solutions to validate traffic in (near) real-time and alert on things that are out of the ordinary and would not be easily visible to a human.

Synthetic Data

Mimic potential traffic flows to monitor network reaction

Rather than wait for a bad actor to find a hole in the defenses, synthetic data can be used to mimic real-world traffic to validate configuration and segmentation. This often takes the form of real user monitoring tools, penetration testing, or red teaming.
  • Active monitoring or testing allows a proactive stance as opposed to a reactive one.

Gather feedback, assess the situation, and iterate

Take input from operating the environment and use that to optimize the process and the outcome.

Optimize through iteration

Output from monitoring must be fed back into the process of maintaining and optimizing segmentation. Network segmentation should be viewed as an ongoing process as opposed to a singular structured project.

Monitoring can and will highlight where and when the segmentation design is successful and when new traffic flows arise. If these inputs are not fed back through the process, designs will become stagnant and admins or users will attempt to find ways to circumvent solutions for ease of use.

"I think it's very important to have a feedback loop, where you're constantly thinking about what you've done and how you could be doing it better. I think that's the single best piece of advice: constantly think about how you could be doing things better and questioning yourself."

– Elon Musk, qtd. in Mashable, 2012

Info-Tech Insight

The network environment will not stay static; flows will change as often as required for the business to succeed. Take insights from monitoring the environment and integrate them into an iterative process that will maintain relevance and usability in your segmentation.

Bibliography

Andreessen, Marc. “Adaptability is key.” BrainyQuote, n.d.
Barry Schwartz. The Paradox of Choice: Why More Is Less. Harper Perennial, 18 Jan. 2005.
Capers, Zach. “GetApp’s 2022 Data Security Report—Seven Startling Statistics.” GetApp,
19 Sept. 2022.
Cisco Systems, Inc. “Cybersecurity resilience emerges as top priority as 62 percent of companies say security incidents impacted business operations.” PR Newswire, 6 Dec. 2022.
“Dynamic Network Segmentation: A Must-Have for Digital Businesses in the Age of Zero Trust.” Forescout Whitepaper, 2021. Accessed Nov. 2022.
Eaves, Johnothan. “Segmentation Strategy - An ISE Prescriptive Guide.” Cisco Community,
26 Oct. 2020. Accessed Nov. 2022.
Kambic, Dan, and Jason Fricke. “Network Segmentation: Concepts and Practices.” Carnegie Mellon University SEI Blog, 19 Oct. 2020. Accessed Nov. 2022.
Kang, Myong H., et al. “A Network Pump.” IEEE Transactions on Software Engineering, vol. 22 no. 5, May 1996.
Kipling, Rudyard. “The Ballad of East and West.” Ballads and Barrack-Room Ballads, 1892.
Mintzberg, Henry. “Everyone is against micro managing but macro managing means you're working at the big picture but don't know the details.” AZ Quotes, n.d.
Murphy, Greg. “A Reimagined Purdue Model For Industrial Security Is Possible.” Forbes Magazine, 18 Jan. 2022. Accessed Oct. 2022.
Patton, George S. “Never tell people how to do things. Tell them what to do and they will surprise you with their ingenuity.” BrainyQuote, n.d.
Ponemon, Larry. “We discovered in our research […].” SecureWorld Boston, n.d.
Roosevelt, Theodore. “Do what you can, with what you've got, where you are.” Theodore Roosevelt Center, n.d.
Sahoo, Narendra. “How Does Implementing Network Segmentation Benefit Businesses?” Vista Infosec Blog. April 2021. Accessed Nov. 2022.
“Security Outcomes Report Volume 3.” Cisco Secure, Dec 2022.
Shedd, John A. “A ship in harbor is safe, but that is not what ships are built for.” Salt from My Attic, 1928, via Quote Investigator, 9 Dec. 2023.
Singleton, Camille, et al. “X-Force Threat Intelligence Index 2022” IBM, 17 Feb. 2022.
Accessed Nov. 2022.
Stone, Mark. “What is network segmentation? NS best practices, requirements explained.” AT&T Cyber Security, March 2021. Accessed Nov. 2022.
“The State of Breach and Attack Simulation and the Need for Continuous Security Validation: A Study of US and UK Organizations.” Ponemon Institute, Nov. 2020. Accessed Nov. 2022.
Thoreau, Henry David. “It’s not what you look at that matters, it’s what you see.” BrainyQuote, n.d.
Ulanoff, Lance. “Elon Musk: Secrets of a Highly Effective Entrepreneur.” Mashable, 13 April 2012.
“What Is Microsegmenation?” Palo Alto, Accessed Nov. 2022.
“What is Network Segmentation? Introduction to Network Segmentation.” Sunny Valley Networks, n.d.

Implement Infrastructure Shared Services

  • Buy Link or Shortcode: {j2store}456|cart{/j2store}
  • member rating overall impact: N/A
  • member rating average dollars saved: N/A
  • member rating average days saved: N/A
  • Parent Category Name: Operations Management
  • Parent Category Link: /i-and-o-process-management
  • Organizations have service duplications for unique needs. These duplications increase business expenditure.
  • Lack of collaboration between business units to share their services increases business cost and reduces business units’ faith to implement shared services.
  • Transitioning infrastructure to shared services is challenging for many organizations. It requires an accurate planning and efficient communication between participating business units.

Our Advice

Critical Insight

  • Identify your current process, tool, and people capabilities before implementing shared services. Understand the financial compensations prior to implementation and assess if your organization is ready for transitioning to shared services model.
  • Do not implement shared services when the nature of the services differs greatly between business units.

Impact and Result

  • Understand benefits of shared services for the business and determine whether transitioning to shared services would benefit the organization.
  • Identify the best implementation plan based on goals, needs, and services.
  • Build a shared-services process to manage the plan and ensure its success.

Implement Infrastructure Shared Services Research & Tools

Start here – Read the Executive Brief

Read our concise Executive Brief to find out why you should implement shared services, review Info-Tech’s methodology, and understand the ways we can support you in completing this project.

Besides the small introduction, subscribers and consulting clients within this management domain have access to:

1. Conduct gap analysis

Identify benefits of shared services to your organization and define implementation challenges.

  • Implement Infrastructure Shared Services – Phase 1: Conduct Gap Analysis
  • Shared Services Implementation Executive Presentation
  • Shared Services Implementation Business Case Template
  • Shared Services Implementation Assessment Tool

2. Choose the right path

Identify your process and staff capabilities and discover which services will be transitioned to shared services plan. It will also help you to figure out the best model to choose.

  • Implement Infrastructure Shared Services – Phase 2: Choose the Right Path
  • Sample Enterprise Services

3. Plan the transition

Discuss an actionable plan to implement shared services to track the project. Walk through a communication plan to document the goals, progress, and expectations with customer stakeholders.

  • Implement Infrastructure Shared Services – Phase 3: Plan the Transition
  • Shared Services Implementation Roadmap Tool
  • Shared Services Implementation Customer Communication Plan
[infographic]

Workshop: Implement Infrastructure Shared Services

Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

1 Identify Challenges

The Purpose

Establish the need for change.

Key Benefits Achieved

Set a clear understanding about benefits of shared services to your organization.

Activities

1.1 Identify your organization’s main drivers for using a shared services model.

1.2 Define if it is beneficial to implement shared services.

Outputs

Shared services mission

Shared services goals

2 Assess Your Capabilities

The Purpose

Become aware of challenges to implement shared services and your capabilities for such transition.

Key Benefits Achieved

Discover the primary challenges for transitioning to shared services, eliminate resistance factors, and identify your business potentials for implementation.

Activities

2.1 Identify your organization’s resistance to implement shared services.

2.2 Assess process and people capabilities.

Outputs

Shared Services Business Case

Shared Services Assessment

3 Define the Model

The Purpose

Determine the shared services model.

Key Benefits Achieved

Identify the core services to be shared and the best model that fits your organization.

Activities

3.1 Define core services that will be moved to shared services.

3.2 Assess different models of shared services and pick the one that satisfies your goals and needs.

Outputs

List of services to be transferred to shared services

Shared services model

4 Implement and Communicate

The Purpose

Define and communicate the tasks to be delivered.

Key Benefits Achieved

Confidently approach key stakeholders to make the project a reality.

Activities

4.1 Define the roadmap for implementing shared services.

4.2 Make a plan to communicate changes.

Outputs

List of initiatives to reach the target state, strategy risks, and their timelines

Draft of a communication plan

Map Technical Skills for a Changing Infrastructure & Operations Organization

  • Buy Link or Shortcode: {j2store}333|cart{/j2store}
  • member rating overall impact: 10.0/10 Overall Impact
  • member rating average dollars saved: 5 Average Days Saved
  • member rating average days saved: After each Info-Tech experience, we ask our members to quantify the real-time savings, monetary impact, and project improvements our research helped them achieve.
  • Parent Category Name: Strategy and Organizational Design
  • Parent Category Link: /strategy-and-organizational-design
  • Infrastructure & Operations is changing rapidly. It’s a constant challenge to find the right skills to support the next new technology while at the same time maintaining the skills in house that allow you to support your existing platforms.
  • A lack of clarity around required skills makes finding the right skills difficult, and it’s not clear whether you should train, hire, contract, or outsource to address gaps.
  • You need to keep up with changes and new strategy while continuing to support your existing environment.

Our Advice

Critical Insight

  • Take a strategic approach to acquiring skills – looking only as far as the needs of the next project will lead to a constant skills shortage with no plan for it to be addressed.
  • Begin by identifying your future state. Identify needed skills in the organization to support planned projects and initiatives, and to mitigate skills-related risks.

Impact and Result

  • Leverage your infrastructure roadmap and cloud strategy to identify needed skills in your future state environment.
  • Decide how you’ll acquire needed skills based on the characteristics of need for each skill.
  • Communicate the change and create a plan of action for the skills transformation.

Map Technical Skills for a Changing Infrastructure & Operations Organization Research & Tools

Start here – read the Executive Brief

Read our concise Executive Brief to find out why you should map technical skills for a changing Infrastructure & Operations organization, review Info-Tech’s methodology, and understand the four ways we can support you in completing this project.

Besides the small introduction, subscribers and consulting clients within this management domain have access to:

1. Identify skills needs for the future state environment

Identify what skills are needed based on where the organization is going.

  • Map Technical Skills for a Changing Infrastructure & Operations Organization – Phase 1: Identify Skills Needs for Your Future State Environment
  • Future State Playbook
  • IT/Cloud Solutions Architect
  • IT/Cloud Engineer
  • IT/Cloud Administrator
  • IT/Cloud Demand Billing & Accounting Analyst

2. Acquire needed skills

Ground skills acquisition decisions in the characteristics of need.

  • Map Technical Skills for a Changing Infrastructure & Operations Organization – Phase 2: Acquire Needed Skills
  • Technical Skills Map

3. Maximize the value of the skills map

Get stakeholder buy-in; leverage the skills map in other processes.

  • Map Technical Skills for a Changing Infrastructure & Operations Organization – Phase 3: Maximize the Value of Your Skills Map
  • Technical Skills Map Communication Deck Template
[infographic]

Workshop: Map Technical Skills for a Changing Infrastructure & Operations Organization

Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

1 Review Initiatives and Skills-Related Risks

The Purpose

Identify process and skills changes required by the future state of your environment.

Key Benefits Achieved

Set foundation for alignment between strategy-defined technology initiatives and needed skills.

Activities

1.1 Review the list of initiatives and projects with the group.

1.2 Identify how key support, operational, and deployment processes will change through planned initiatives.

1.3 Identify skills-related risks and pain points.

Outputs

Future State Playbook

2 Identify Needed Skills and Roles

The Purpose

Identify process and skills changes required by the future state of your environment.

Key Benefits Achieved

Set foundation for alignment between strategy-defined technology initiatives and needed skills.

Activities

2.1 Identify skills required to support the new environment.

2.2 Map required skills to roles.

Outputs

IT/Cloud Architect Role Description

IT/Cloud Engineer Role Description

IT/Cloud Administrator Role Description

3 Create a Plan to Acquire Needed Skills

The Purpose

Create a skills acquisition strategy based on the characteristics of need.

Key Benefits Achieved

Optimal skills acquisition strategy defined.

Activities

3.1 Modify impact scoring scale for key skills decision factors.

3.2 Apply impact scoring scales to needed skills

3.3 Decide whether to train, hire, contract, or outsource to acquire needed skills.

Outputs

Technical Skills Map

4 Develop a Communication Plan

The Purpose

Create an effective communication plan for different stakeholders across the organization.

Identify opportunities to leverage the skills map elsewhere.

Key Benefits Achieved

Create a concise, clear, consistent, and relevant change message for stakeholders across the organization.

Activities

4.1 Review skills decisions and decide how you will acquire skills in each role.

4.2 Update roles descriptions.

4.3 Create a change message.

4.4 Identify opportunities to leverage the skills map in other processes.

Outputs

Technical Skills Map Communication Deck

IT Metrics and Dashboards During a Pandemic

  • Buy Link or Shortcode: {j2store}118|cart{/j2store}
  • member rating overall impact: N/A
  • member rating average dollars saved: N/A
  • member rating average days saved: N/A
  • Parent Category Name: Performance Measurement
  • Parent Category Link: /performance-measurement

The ways you measure success as a business are based on the typical business environment, but during a crisis like a pandemic, the business environment is rapidly changing or significantly different.

  • How do you assess the scope of the risk?
  • How do you quickly align your team to manage new risks?
  • How do you remain flexible enough to adapt to a rapidly changing situation?

Our Advice

Critical Insight

Measure what you have the data for and focus on managing the impacts to your employees, customers, and suppliers. Be willing to make decisions based on imperfect data. Don’t forget to keep an eye on the long-term objectives and remember that how you act now can reflect on your business for years to come.

Impact and Result

Use Info-Tech’s approach to:

  • Quickly assess the risk and identify critical items to manage.
  • Communicate what your decisions are based on so teams can either quickly align or challenge conclusions made from the data.
  • Quickly adjust your measures based on new information or changing circumstances.
  • Use the tools you already have and keep it simple.

IT Metrics and Dashboards During a Pandemic Research & Tools

Start here – read the Executive Brief

Read our concise Executive Brief to find out how to develop your temporary crisis dashboard.

Besides the small introduction, subscribers and consulting clients within this management domain have access to:

1. Consider your organizational goals

Identify the short-term goals for your organization and reconsider your long-term objectives.

  • Crisis Temporary Measures Dashboard Tool

2. Build a temporary data collection and dashboard method

Determine your tool for data collection and your data requirements and collect initial data.

3. Implement a cadence for review and action

Determine the appropriate cadence for reviewing the dashboard and action planning.

[infographic]

Make Your IT Governance Adaptable

  • Buy Link or Shortcode: {j2store}359|cart{/j2store}
  • member rating overall impact: 8.0/10 Overall Impact
  • member rating average dollars saved: $123,499 Average $ Saved
  • member rating average days saved: 10 Average Days Saved
  • Parent Category Name: IT Governance, Risk & Compliance
  • Parent Category Link: /it-governance-risk-and-compliance
  • People don’t understand the value of governance, seeing it as a hindrance to productivity and efficiency.
  • Governance is delegated to people and practices that don’t have the ability or authority to make these decisions.
  • Decisions are made within committees that don’t meet frequently enough to support business velocity.
  • It is difficult to allocate time and resources to build or execute governance effectively.

Our Advice

Critical Insight

  • IT governance applies not just to the IT department but to all uses of information and technology.
  • IT governance works against you if it no longer aligns with or supports your organizational direction, goals, and work practices.
  • Governance doesn’t have to be bureaucratic or control based.
  • Your governance model should be able to adapt to changes in the organization’s strategy and goals, your industry, and your ways of working.
  • Governance can be embedded and automated into your practices.

Impact and Result

  • You will produce more value from IT by developing a governance framework optimized for your current needs and context, with the ability to adapt as your needs shift.
  • You will create the foundation and ability to delegate and empower governance to enable agile delivery.
  • You will identify areas where governance does not require manual oversight and can be embedded into the way you work.

Make Your IT Governance Adaptable Research & Tools

Besides the small introduction, subscribers and consulting clients within this management domain have access to:

1. Make Your IT Governance Adaptable Deck – A document that walks you through how to design and implement governance that fits the context of your organization and can adapt to change.

Our dynamic, flexible, and embedded approach to governance will help drive organizational success. The three-phase methodology will help you identify your governance needs, select and refine your governance model, and embed and automate governance decisions.

  • Make Your IT Governance Adaptable – Phases 1-3

2. Adaptive and Controlled Governance Model Templates and Workbook – Documents that gather context information about your organization to identify the best approach for governance.

Use these templates and workbook to identify the criteria and design factors for your organization and the design triggers to maintain fit. Upon completion this will be your new governance framework model.

  • Controlled Governance Models Template
  • IT Governance Program Overview
  • Governance Workbook

3. Implementation Plan and Workbook – Tools that help you build and finalize your approach to implement your new or revised governance model.

Upon completion you will have a finalized implementation plan and a visual roadmap.

  • Governance Implementation Plan
  • Governance Roadmap Workbook

4. Governance Committee Charter Templates – Base charters that can be adapted for communication.

Customize these templates to create the committee charters or terms of reference for the committees developed in your governance model.

  • IT PMO Committee Charter
  • IT Risk Committee Charter for Controlled Governance
  • IT Steering Committee Charter for Controlled Governance
  • Program Governance Committee Charter
  • Architecture Review Board Charter
  • Data Governance Committee Charter
  • Digital Governance Committee Charter

5. Governance Automation Criteria Checklist and Worksheet – Tools that help you determine which governance decisions can be automated and work through the required logic and rules.

The checklist is a starting point for confirming which activities and decisions should be considered for automation or embedding. Use the worksheet to develop decision logic by defining the steps and information inputs involved in making decisions.

  • Governance Automation Criteria Checklist
  • Governance Automation Worksheet

Infographic

Workshop: Make Your IT Governance Adaptable

Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

1 Develop Your Guiding Star

The Purpose

Establish the context for your governance model.

Key Benefits Achieved

Core understanding of the context that will enable us to build an optimal model

Activities

1.1 Confirm mission, vision, and goals.

1.2 Define scope and principles.

1.3 Adjust for culture and finalize context.

Outputs

Governance principles

Governance context and goals

2 Define the Governance Model

The Purpose

To select and adapt a governance model based on your context.

Key Benefits Achieved

A selected and optimized governance model

Activities

2.1 Select and refine governance model.

2.2 Confirm and adjust the structure.

2.3 Review and adapt governance responsibilities and activities.

2.4 Validate governance mandates and membership.

Outputs

IT governance model and adjustment triggers

IT governance structure, responsibilities, membership, and cadence

Governance committee charters

3 Build Governance Process and Policy

The Purpose

Refine your governance practices and associate policies properly.

Key Benefits Achieved

A completed governance model that can be implemented with clear update triggers and review timing

Policy alignment with the right levels of authority

Activities

3.1 Update your governance process.

3.2 Align policies to mandate.

3.3 Adjust and confirm your model.

3.4 Identify and document update triggers and embed into review cycle.

Outputs

IT governance process and information flow

IT governance policies

Finalized governance model

4 Embed and Automate Governance

The Purpose

Identify options to automate and embed governance activities and decisions.

Key Benefits Achieved

Simply more consistent governance activities and automate them to enhance speed and support governance delegation and empowerment

Activities

4.1 Identify decisions and standards that can be automated. Develop decision logic.

4.2 Plan verification and validation approach.

4.3 Build implementation plan.

4.4 Develop communication strategy and messaging.

Outputs

Selected automation options, decision logic, and business rules

Implementation and communication plan

Further reading

Make Your IT Governance Adaptable

Governance isn't optional, so keep it simple and make it flexible.

Table of Contents

4 Analyst Perspective

5 Executive Summary

13 Governance Stages

14 Info-Tech’s IT Governance Thought Model

19 Info-Tech’s Approach

23 Insight Summary

30 Phase 1: Identify Your Governance Needs

54 Phase 2: Select and Refine Your Governance Model

76 Phase 3: Embed and Automate

94 Summary of Accomplishment

95 Additional Support

97 Contributors

98 Bibliography

Make Your IT Governance Adaptable

Governance isn't optional, so keep it simple and make it flexible.

EXECUTIVE BRIEF

Analyst Perspective

Governance will always be part of the fabric of your organization. Make it adaptable so it doesn’t constrain your success.

Photo of Valence Howden, Principal Research Director, Info-Tech Research Group

Far too often, the purpose of information and technology (I&T) governance is misunderstood. Instead of being seen as a way to align the organization’s vision to its investment in information and technology, it has become so synonymous with compliance and control that even mentioning the word “governance” elicits a negative reaction.

Success in modern digital organizations depends on their ability to adjust for velocity and uncertainty, requiring a dynamic and responsive approach to governance – one that is embedded and automated in your organization to enable new ways of working, innovation, and change.

Evolutionary theory describes adaptability as the way an organism adjusts to fit a new environment, or changes to its existing environment, to survive. Applied to organizations, adaptable governance is critical to the ability to survive and succeed.

If your governance doesn’t adjust to enable your changing business environment and customer needs, it will quickly become misaligned with your goals and drive you to failure.

It is critical that people build an approach to governance that is effective and relevant today while building in adaptability to keep it relevant tomorrow.

Valence Howden
Principal Research Director, Info-Tech Research Group

Executive Summary

Your Challenge

  • People don’t understand the value of governance, seeing it as a hindrance to productivity and efficiency.
  • Governance is delegated to people and practices that don’t have the ability or authority to make decisions.
  • Decisions are made within committees that don’t meet frequently enough to support business velocity.
  • It is difficult to allocate time and resources to build or execute governance effectively

Common Obstacles

  • You are unable to clearly communicate how governance adds value to your organization.
  • Your IT governance approach no longer aligns with or supports your organizational direction, goals, and work practices.
  • Governance is seen and performed as a bureaucratic control-based exercise.
  • Governance activities are not transparent.
  • The governance committee gets too deeply involved with project deep dives and daily management, derailing its effectiveness and ability to produce value.

Info-Tech’s Approach

  • Use Info-Tech’s IT governance models to identify a base model similar to the way you are organized. Confirm your current and future placement in governance execution.
  • Adjust the model based on industry needs, your principles, regulatory requirements, and your future direction.
  • Identify where to embed or automate decision making and compliance and what is required to do so effectively.
  • Implement your governance model for success.

Info-Tech Insight

IT governance must be embedded and automated, where possible, to effectively meet the needs and velocity of digital organizations and modern practices and to drive success and value.

What is governance?

IT governance is a critical and embedded practice that ensures that information and technology investments, risks, and resources are aligned in the best interests of the organization and produce business value.

Effective governance ensures that the right technology investments are made at the right time to support and enable your organization’s mission, vision, and goals.

5 KEY OUTCOMES OF GOOD GOVERNANCE
STRATEGIC ALIGNMENT

Technology investments and portfolios are aligned with the organization's strategic objectives.

RISK OPTIMIZATION

Organizational risks are understood and addressed to minimize impact and optimize opportunities.

VALUE DELIVERY

IT investments and initiatives deliver their expected benefits.

RESOURCE OPTIMIZATION

Resources (people, finances, time) are appropriately allocated across the organization to optimal organizational benefit.

PERFORMANCE MEASUREMENT

The performance of technology investments is monitored and used to determine future courses of action and to confirm achievement of success.

‹–EVALUATE–DIRECT–MONITOR–›

Why is this necessary?

  • Governance is not simply a committee or an activity that you perform at a specific point in time; it is a critical and continuously active practice that drives the success of your organization. It is part of your organization’s DNA and is just as unique, with some attributes common to all (IT governance elements), some specific to your family (industry refinements), and some specific to you (individual organization).
  • Your approach to governance needs to change over time in order to remain relevant and continue to enable value and success, but organizations rarely want to change governance once it’s in place.
  • To meet the speed and flow of practices like Lean, DevOps, and Agile, your IT governance needs to be done differently and become embedded into the way your organization works. You must adjust your governance model based on key moments of change – organizational triggers – to maintain the effectiveness of your model.

Info-Tech Insight

Build an optimal model quickly and implement the core elements using an iterative approach to ensure the changes provide the most value.

The Technology Value Trinity

Delivery of Business Value & Strategic Needs

  • DIGITAL & TECHNOLOGY STRATEGY
    The identification of objectives and initiatives necessary to achieve business goals.
  • IT OPERATING MODEL
    The model for how IT is organized to deliver on business needs and strategies.
  • INFORMATION & TECHNOLOGY GOVERNANCE
    The governance to ensure the organization and its customers get maximum value from the use of information and technology.

All three elements of the Technology Value Trinity work in harmony to deliver business value and meet strategic needs. As one changes, the others need to change as well.

  • Digital and IT Strategy tells you what you need to achieve to be successful.
  • IT Operating Model and Organizational Design is the alignment of resources to deliver on your strategy and priorities.
  • Information & Technology Governance is the confirmation that IT’s goals and strategy align with the business’ strategy. It is the mechanism by which you continuously prioritize work to ensure that what you deliver is in line with the strategy. This oversight involves evaluating, directing, and monitoring the delivery of outcomes to ensure that the use of resources results in achieving the organization’s goals.

Too often strategy, operating model and organizational design, and governance are considered separate practices. As a result, “strategic documents” end up being wish lists, and projects continue to be prioritized based on who shouts the loudest rather than on what is in the best interest of the organization.

Where information & technology governance fits within an organization

An infographic illustrating where Governance fits within an organization. The main section is titled 'Enterprise Governance and Strategy' and contains 'Value Outcomes', 'Mission and Vision', 'Goals and Objectives', and 'Guiding Principles'. These all feed into the highlighted 'Information & Technology Governance', which then contributes to 'IT Strategy', which lies outside the main section.

I&T governance hasn’t achieved its purpose

Governance is the means by which IT ensures that information and technology delivery and spend is aligned to business goals and delivers business outcomes. However, most CEOs continue to perceive IT as being poorly aligned to the business’ strategic goals, which indicates that governance is not implemented or executed properly.

For I&T governance to be effective you need a clear understanding of the things that drive your organization and its success. This understanding becomes your guiding star, which is critical for effective governance. It also requires participation by all parts of the organization, not just IT.

Info-Tech CIO/CEO Alignment Diagnostics (N=124)

43% of CEOs believe that business goals are going unsupported by IT.

60% of CEOs believe that improvement is required around IT’s understanding of business goals.

80% of CIOs/CEOs are misaligned on the target role for IT.

30% of business stakeholders are supporters (N=32,536) of their IT departments

Common causes of poor governance

Key causes of poor or misaligned governance

  1. Governance and its value to your organization is not well understood, often being confused or integrated with more granular management activities.
  2. Business executives fail to understand that IT governance is a function of the business and not the IT department.
  3. Poor past experiences have made “governance” a bad word in the organization. People see it as a constraint and barrier that must be circumvented to get work done.
  4. There is misalignment between accountability and authority throughout the organization, and the wrong people are involved in governance practices.
  5. There is an unwillingness to change a governance approach that has served the organization well in the past, leading to challenges when the organization starts to change practices and speed of delivery.
  6. There is a lack of data and data-related capabilities required to support good decision making and the automation of governance decisions.
  7. The goals and strategy of the organization are not known or understood, leaving nothing for IT governance to orient around.

Key symptoms of ineffective governance committees

  1. No actions or decisions are generated. The committee produces no value and makes no decisions after it meets. The lack of value output makes the usefulness of the committee questionable.
  2. Resources are overallocated. There is a lack of clear understanding of capacity and value in work to be done, leading to consistent underestimation of required resources and poor resource allocation.
  3. Decisions are changed outside of committee. Decisions made or initiatives approved by the committee are later changed when the proper decision makers are involved or the right information becomes available.
  4. Governance decisions conflict with organizational direction. This shows an obvious lack of alignment and behavioral disconnect that work against organizational success. It is often due to not accounting for where power really exists within the structure.
  5. Consistently poor outcomes are produced from governance direction. Committee members’ lack of business acumen, relevant data, or understanding of organizational goals results in decisions that fail to drive successful measured outcomes.

Mature your governance by transitioning from ad hoc to automated

Organizations should look to progress in their governance stages. Ad hoc and controlled governance practices tend to be more rigid, making these a poor fit for organizations requiring higher velocity delivery or using more agile and adaptive practices.

The goal as you progress through these stages is to delegate governance and empower teams based on your fit and culture, enabling teams where needed to make optimal decisions in real time, ensuring that they are aligned with the best interests of the organization.

Automate governance for optimal velocity while mitigating risks and driving value.

This puts your organization in the best position to be adaptive, able to react effectively to volatility and uncertainty.

A graph illustrating the transition from Ad Hoc to Automated. The y-axis is 'Process Integration' and x-axis is 'Trust & Empowerment'. 'Ad Hoc: Inconsistent Decision Making' lies close to the origin, ranking low on both axes' values. 'Controlled: Authoritarian, Highly Structured' ranks slightly higher on both axes. 'Agile: Distributed & Empowered' ranks 2nd highest on both axes. 'Automated: High Velocity, Embedded & Flexible' ranks highest on both axes.

Stages of governance

Adaptive
Data-Centric

ˆ


ˆ


ˆ


ˆ


ˆ
Traditional
(People- and Document-Centric)

4

 Automated Governance
  • Entrenched into organizational processes and product/service design
  • Empowered and fully delegated to maintain fit and drive organizational success and survival

3

 Agile Governance
  • Flexible enough to support different needs in the organization and respond quickly to change
  • Driven by principles and delegated throughout the company

2

 Controlled Governance
  • Focused on compliance and hierarchy-based authority
  • Levels of authority defined and often driven by regulatory requirements

1

 Ad Hoc Governance
  • Not well defined or understood within the organization
  • Occurs out of necessity but often not done by the right people or bodies

Make Governance Adaptable and Automated to Drive Success and Value

Governance adaptiveness ensures the success of digital organizations and modern practice implementation.

THE PROBLEM

  • The wrong people are making decisions.
  • Organizations don't understand what governance is or why it's done.
  • Governance scope and design is a bad fit, damaging the organization.
  • People think governance is optional.

THE SOLUTION

ESTABLISH YOUR GUIDING PRINCIPLES

Define and establish the guiding principle that drive your organization toward success.

  • Mission & Vision
  • Business Goals & Success Criteria
  • Operating Model & Work Practices
  • Governance Scope
  • Principles
SELECT AND REFINE YOUR MODEL

Use Info-Tech's IT Governance Models to identify a base model similar to the way you are organized. Confirm your current and future placement in governance execution.

IDENTIFY MODEL UPDATE TRIGGERS

Adjust the model based on industry needs, your principles, regulatory requirements, and future direction.

  • Principles
    Select principles that allow the organization to be adaptive while still ensuring the governance continues to stay on course with pursuing its guiding star.
  • Responsibilities
    Decide on the governance responsibilities related to Oversight Level, Strategic Alignment, Value Delivery, Risk Optimization, Resource Optimization, and Performance Management.
  • Structure
    Determine at which structured level governance is appropriate: Enterprise, Strategic, Tactical, or Operational.
  • Processes
    Establish processes that will enable governance to occur such as: Embed the processes required for successful governance.
  • Membership
    Identify the Responsibility & Accountability of those who should be involved in governance processes, policies, guidelines, and responsibilities.
  • Policies
    Confirm any governing policies that need to be adhered to and considered to manage risk.
DETERMINE AUTOMATION OPTIONS AND DECISION RULES

Identify where to embed or automate decision making and compliance and what is required to do so effectively.

STAGES OF GOVERNANCE

    Traditional (People- and document-centric)
  1. AD HOC GOVERNANCE
    Governance that is not well defined or understood within the organization. It occurs out of necessity but often not by the right people or bodies.
  2. CONTROLLED GOVERNANCE
    Governance focused on compliance and hierarchy-based, authority-driven control of decisions. Levels of Authority are defined and often driven by regulatory requirements.
    3. Adaptive (Data Centric)
  3. AGILE GOVERNANCE
    Governance that is flexible to support different needs and quick responses in the organization. Driven by principles and delegated throughout the company.
  4. AUTOMATED GOVERNANCE
    Governance that is entrenched and automated into the organizational processes and product/service design. Empowered and fully delegated governance to maintain fit and drive organizational success and survival.

KEY INSIGHT

Governance must actively adapt to changes in your organization, environment, and practices or it will drive you to failure.

Developing governance principles

Governance principles support the move from controlled to automated governance by providing guardrails that guide your decisions. They provide the ethical boundaries and cultural perspectives that contextualize your decisions and keep you in line with organizational values. Determining principles are global in nature.

CONTROLLED CHANGE ACTIONS AND RATIONALE AUTOMATED
Disentangle governance and management Move from governance focused on evaluating, directing, and monitoring strategic decisions around information and technology toward defining and automating rules and principles for decision making into processes and practices, empowering the organization and driving adaptiveness. Delegate and empower
Govern toward value Move from identifying the organization’s mission, goals, and key drivers toward orienting IT to align with those value outcomes and embedding value outcomes into design and delivery practices. Deliver to defined outcomes
Make risk-informed decisions Move from governance bodies using risk information to manually make informed decisions based on their defined risk tolerance toward having risk information and attestation baked into decision making across all aspects and layers of the IT organization – from design to sustainment. Embed risk decision making into processes and practices
Measure to drive improvement Move from static lagging metrics that validate that the work being done is meeting the organization’s needs and guide future decision making toward automated governance with more transparency driven by data-based decision making and real-time data insights. Trust through real-time reporting
Enforce standards and behavior Move from enforcing standards and behavior and managing exceptions to ensure that there are consistent outcomes and quality toward automating standards and behavioral policies and embedding adherence and changes in behavior into the organization’s natural way of working. Automate standards through automated decision rules, verification, and validation

Find your guiding star

MISSION AND VISION –› GOALS AND OBJECTIVES –› GUIDING PRINCIPLES –›

VALUE
Why your organization exists and what value it aims to provide. The purpose you build a strategy to achieve. What your organization needs be successful at to fulfill its mission. Key propositions and guardrails that define and guide expected organizational behavior and beliefs.

Your mission and vision define your goals and objectives. These are reinforced by your guiding principles, including ethical considerations, your culture, and expected behaviors. They provide the boundaries and guardrails for enabling adaptive governance, ensuring you continue to move in the right direction for organizational success.

To paraphrase Lewis Carroll, “If you don't know where you want to get to, it doesn't much matter which way you go.” Once you know what matters, where value resides, and which considerations are necessary to make decisions, you have consistent directional alignment that allows you to delegate empowered governance throughout the organization, taking you to the places you want to go.

Understand governance versus management

Don’t blur the lines between governance and management; each has a unique role to play. Confusing them results in wasted time and confusion around ownership.

Governance

I&T governance defines WHAT should be done and sets direction through prioritization and decision making, monitoring overall IT performance.

Governance aligns with the mission and vision of the organization to guide IT.

A cycle of processes split into two halves, 'Governance Processes' and 'Management Processes'. Beginning on the Management side, the processes are 'Plan', 'Build', 'Run', 'Monitor', then to the Governance side, 'Evaluate', 'Direct', 'Monitor', and back to the beginning.

Management

Management focuses on HOW to do things to achieve the WHAT. It is responsible for executing on, operating, and monitoring activities as determined by I&T governance.

Management makes decisions for implementation based on governance direction.

Data is critical to automating governance

Documents and subjective/non-transparent decisions do not create sufficient structure to allow for the true automation of governance. Data related to decisions and aggregated risk allow you to define decision logic and rules and algorithmically embed them into your organization.

People- and Document-Centric

Governance drives activities through specific actors (individuals/committees) and unstructured data in processes and documents that are manually executed, assessed, and revised. There are often constraints caused by gaps or lack of adequate and integrated information in support of good decisions.

Data-Centric

Governance actors provide principles, parameters, and decision logic that enable the creation of code, rulesets, and algorithms that leverage organizational data. Attestation is automatic – validated and managed within the process, product, or service.

Info-Tech’s Approach

Define your context and build your model

ESTABLISH YOUR GUIDING PRINCIPLES

Define and establish the guiding principle that drive your organization toward success.

  • Mission & Vision
  • Business Goals & Success Criteria
  • Operating Model & Work Practices
  • Governance Scope
  • Principles
SELECT AND REFINE YOUR MODEL

Use Info-Tech's IT Governance Models to identify a base model similar to the way you are organized. Confirm your current and future placement in governance execution.

MODEL UPDATE TRIGGERS

Adjust the model based on industry needs, your principles, regulatory requirements, and future direction.

  • Principles
    Select principles that allow the organization to be adaptive while still ensuring the governance continues to stay on course with pursuing its guiding star.
  • Responsibilities
    Decide on the governance responsibilities related to Oversight Level, Strategic Alignment, Value Delivery, Risk Optimization, Resource Optimization, and Performance Management.
  • Structure
    Determine at which structured level governance is appropriate: Enterprise, Strategic, Tactical, or Operational.
  • Processes
    Establish processes that will enable governance to occur such as: Embed the processes required for successful governance.
  • Membership
    Identify the Responsibility & Accountability of those who should be involved in governance processes, policies, guidelines, and responsibilities.
  • Policies
    Confirm any governing policies that need to be adhered to and considered to manage risk.
AUTOMATION OPTIONS AND DECISION RULES

Identify where to embed or automate decision making and compliance and what is required to do so effectively.

The Info-Tech Difference

Define your context and build your model

  1. Quickly identify the organizational needs driving governance and your guiding star.
  2. Select and refine a base governance model based on our templates.
  3. Define and document the key changes in your organization that will trigger a need to update or revise your governance.
  4. Determine where you might be able to automate aspects of your governance.
  5. Design your decision rules where appropriate to support automated and adaptive governance.

How to use this research

Where are you in your governance optimization journey?

MY GOVERNANCE IS AD HOC AND WE’RE STARTING FROM SCRATCH I NEED TO BUILD A NEW GOVERNANCE STRUCTURE OUR GOVERNANCE APPROACH IS INEFFECTIVE AND NEEDS IMPROVEMENT I NEED TO LOOK AT OPTIONS FOR AUTOMATING GOVERNANCE PRACTICES
Step 1.1: Define Your Governance Context Step 1.2: Structure Your IT Governance Phase 2: Select and Refine Your Model Phase 3: Embed and Automate

IT governance is about ensuring that the investment decisions made around information and technology drive the optimal organizational value, not about governing the IT department.

In this section we will clarify your organizational context for governance and define your guiding star to orient your governance design and inform your structure.

There is no need to start from scratch! Start with Info-Tech’s best-practice IT governance models and customize them based on your organizational context.

The research in this section will help you to select the right base model to work from and provide guidance on how to refine it.

Governance practices eventually stop being a good fit for a changing organization, and things that worked before become bottlenecks.

Governing roles and committees don’t adjust well, don’t have consistent practices, and lack the right information to make good decisions.

The research in this section will help you improve and realign your governance practices.

Once your governance is controlled and optimized you are ready to investigate opportunities to automate.

This phase of the blueprint will help you determine where it’s feasible to automate and embed governance, understand key governance automation practices, and develop governing business rules to move your journey forward.

Related Research:

If you are looking for details on specific associated practices, please see our related research:

  1. I need to establish data governance.
  2. I need to manage my project portfolio, from intake to confirmation of value.
  3. I need better risk information to support decision making.
  4. I need to ensure I am getting the expected outcomes and benefits from IT spend.
  5. I need to prioritize my product backlog or service portfolio.

Info-Tech’s methodology for building and embedding adaptive governance

1. Identify Your Governance Needs 2. Select and Refine Your Governance Model 3. Embed and Automate
Phase Steps
  1. Confirm Mission, Vision, and Goals
  2. Define Scope and Principles
  3. Adjust for Culture and Finalize Context
  1. Select and Refine Your Governance Model
  2. Identify and Document Your Governance Triggers
  3. Build Your Implementation Plan
  1. Identify Decisions to Embed and Automate
  2. Plan Validation and Verification
  3. Update Implementation Plan
Phase Outcomes
  • Governance context, guiding star, and principles
  • Completed governance model with associated decisions and policies
  • Implementation plan
  • List of automation options
  • Decision logic, rules, and rulesets
  • Validation and verification approach
  • Finalized implementation plan

Insight summary

Value

To remain valuable, I&T governance must actively adapt to changes in your organization, environment, and practices, or it will drive you to failure instead of success.

Focus

I&T governance does not focus on the IT department. Rather, its intent is to ensure your organization makes sound decisions around investment in and use of information and technology.

Maturity

Your governance approach progresses in stages from ad hoc to automated as your organization matures. Your stage depends on your organizational needs and ways of working.

Good governance

Good governance does not equate to control and does not stifle innovation.

Automation

Automating governance must be done in stages, based on your capabilities, level of maturity, and amount of usable data.

Strategy

Establish the least amount of governance required to allow you to achieve your goals.

Guiding star

If you don’t establish a guiding star to align the different stakeholders in your organization, governance practices will create conflict and confusion.

Blueprint deliverables

Each step of this blueprint is accompanied by supporting deliverables to help you accomplish your goals:

Key Deliverable:
Governance Framework Model

The governance framework model provides the design of your new governance model and the organizational context to retain stakeholder alignment and organizational satisfaction with governance.

The model includes the structures, practices, and responsibilities to drive effective governance in your organization.

Sample of the key blueprint deliverable 'Governance Framework Model'.

Governance Implementation Plan

This roadmap lays out the changes required to implement the governance model, the cultural items that need to be addressed, and anticipated timing.

Sample of the blueprint deliverable 'Governance Implementation Plan'.

Governance Committee Charters

Develop a detail governance charter or term of reference for each governing body. Outline the mandate, responsibilities, membership, process, and associated policies for each.

Sample of the blueprint deliverable 'Governance Committee Charters'.

Blueprint benefits

IT Benefits

  • Stronger, traceable alignment of IT decisions and initiatives to business needs.
  • Improved ability for IT to meet the changing demands and velocity of the business.
  • Better support and enablement of innovation – removing constraints and barriers.
  • Optimized governance that supports and enables modern work practices.
  • Increased value generation from IT initiatives and optimal use of IT resources.
  • Designed adaptability to ensure you remain in alignment as your business and IT environments change.

Business Benefits

  • Clear transparent focus of IT initiatives on generating strategic business value.
  • Improved ability to measure the value and contribution of IT to business goals.
  • Alignment and integration of business/IT strategy.
  • Optimized development and use of IT capabilities to meet business needs.
  • Improved integration with corporate/enterprise governance.

Executive Brief Case Study

INDUSTRY Manufacturing
SOURCE Info-Tech analyst experience

Improving the governance approach and delegating decision making to support a change in business operation

Challenge

The large, multi-national organization has locations across the world but has two primary headquarters, in Europe and the United States.

Market shifts drove an organizational shift in strategy, leading to a change in operating models, a product focus, and new work approaches across the organization.

Much of the implementation and execution was done in isolation, and effectiveness was slowed by poor integration and conflicting activities that worked against each other.

The product owner role was not well defined.

Solution

After reviewing the organization’s challenges and governance approach, we redefined and realigned its organizational and regional goals and identified outcomes that needed to be driven into their strategies.

We also reviewed their span of control and integration requirements and properly defined decisions that could be made regionally versus globally, so that decisions could be made to support new work practices.

We defined the product and service owner roles and the decisions each needed to make.

Results

We saw an improvement in the alignment of organizational activities and the right people and bodies making decisions.

Work and practices were aimed at the same key outcomes and alignment between teams toward organizational goal improved.

Within one year, the success rate of the organization’s initiatives increased by 22%, and the percentage of product-related decisions made by product owners increased by 50%.

Info-Tech offers various levels of support to best suit your needs

DIY Toolkit

Guided Implementation

Workshop

Consulting
"Our team has already made this critical project a priority, and we have the time and capability, but some guidance along the way would be helpful." "Our team knows that we need to fix a process, but we need assistance to determine where to focus. Some check-ins along the way would help keep us on track." "We need to hit the ground running and get this project kicked off immediately. Our team has the ability to take this over once we get a framework and strategy in place." "Our team does not have the time or the knowledge to take this project on. We need assistance through the entirety of this project."

Diagnostics and consistent frameworks used throughout all four options

Guided Implementation

A Guided Implementation (GI) is a series of calls with an Info-Tech analyst to help implement our best practices in your organization.

A typical GI is between 5 and 8 calls over the course of 2 to 3 months.

What does a typical GI on this topic look like?

    Phase 1: Identify Your Governance Needs

  • Call #1: Confirm your organization’s mission and vision and review your strategy and goals.
  • Call #2: Identify considerations and governance needs. Develop your guiding star and governing principles.

    • Phase 2: Select and Refine Your Model

  • Call #3: Select your base model and optimize it to meet your governance needs.
  • Call #4: Define your adjustment triggers and develop your implementation plan.

    • Phase 3: Embed and Automate

  • Call #5: Identify decisions and standards you can automate and where to embed them.
  • Call #6: Confirm levels of authority and data requirements. Establish your approach and update the implementation plan.

Workshop Overview

Contact your account representative for more information.
workshops@infotech.com1-888-670-8889

Session 1 Session 2 Session 3 Session 4 Session 5
Activities
Develop Your Guiding Star

1.1 Confirm mission, vision, and goals

1.2 Define scope and principles

1.3 Adjust for culture and finalize context

Define the Governance Model

2.1 Select and refine governance model

2.2 Confirm and adjust the structure

2.3 Review and adapt governance responsibilities and activities

2.4 Validate governance mandates and membership

Build Governance Process and Policy

3.1 Update your governance process

3.2 Align policies to mandate

3.3 Adjust and confirm your governance model

3.4 Identify and document your update triggers

3.5 Embed triggers into review cycle

Embed and Automate Governance

4.1 Identify decisions and standards to automate

4.2 Plan verification and validation approach

4.3 Build implementation plan

4.4 Develop communication strategy and messaging

Next Steps and Wrap-Up

5.1 Complete in-progress outputs from previous four sessions

5.2 Set up review time for workshop outputs and to discuss next steps

Outcomes
  1. Governance context and goals
  2. Governance principles
  1. IT governance model and adjustment triggers
  2. IT governance structure, responsibilities, membership, and cadence
  3. Governance committee charters
  1. IT governance process and information flow
  2. IT governance policies
  3. Finalized governance model
  1. Selected automation options, decision logic, and business rules
  2. Implementation and communication plan
  1. Governance context and principles
  2. Finalized governance model and charters
  3. Finalized implementation plan

Make Your IT Governance Adaptable

Phase 1

Identify your Governance Needs

Phase 1

  • 1.1 Define Your Guiding Star
  • 1.2 Define Scope and Principles
  • 1.3 Adjust for Culture and Finalize Context
    •

Phase 2

  • 2.1 Choose and Adapt Your Model
  • 2.2. Identify and Document Your Governance Triggers
  • 2.3 Build Your Implementation Approach

Phase 3

  • 3.1 Identify Decisions to Embed and Automate
  • 3.2 Plan Validation and Verification
  • 3.3 Update Implementation Plan

This phase will walk you through the following activities:

Identify the organization’s goals, mission, and vision that will guide governance.

Define the scope of your governance model and the principles that will guide how it works.

Account for organizational attitudes, behaviors, and culture related to governance and finalize your context.

This phase involves the following participants:

  • Senior IT leadership
  • Governance leads

Step 1.1

Define Your Guiding Star

Activities
  • 1.1.1 Document and interpret your strategy, mission, and vision
  • 1.1.2 Document and interpret the business and IT goals and outcomes
  • 1.1.3 Identify your operating model and work processes

This step will walk you through the following activities:

Review your business and IT strategy, mission, and vision to ensure understanding of organizational direction.

Identify the business and IT goals that governance needs to align.

Confirm your operating model and any work practices that need to be accounted for in your model.

This step involves the following participants:

  • Senior IT leadership
  • Governance leads

Outcomes of this step

Identified guiding star outcomes to align governance outcomes with

Defined operating model type and work style that impact governance design

Identify Your Governance Needs

Step 1.1 – Define your Guiding Star Step 1.2 – Define Scope and Principles Step 1.3 – Adjust for Culture and Finalize Context

Govern by intent

Find the balance for your designed governance approach

Organic governance occurs during the formation of an organization and shifts with challenges, but it is rarely transparent and understood. It changes your culture in uncontrolled ways. Intentional governance is triggered by changes in organizational needs, working approaches, goals, and structures. It is deliberate and changes your culture to enable success.
Stock photo of a weight scale.

Info-Tech Insight

Your approach to governance needs to be designed, even if your execution of governance is adaptable and delegated.

What is your guiding star?

Your guiding star is a combination of your organization’s mission, vision, and strategy and the goals that have been defined to meet them.

It provides you with a consistent focal point around which I&T-related activities and projects orbit, like planets around a star.

It generates the gravity that governance uses to keep things from straying too far away from the goal of achieving relevant value.

  1. Mission & Vision
  2. Business Goals & Success Criteria
  3. Operating Model & Work Practices
  4. Governance Scope
  5. Principles

1.1.1 Document and interpret your strategy, mission, and vision

30 minutes

Input: Business strategy, IT strategy, Mission and vision statements

Output: Updated Governance Workbook, Documented strategic outcomes and organizational aims that governance needs to achieve

Materials: Whiteboard/flip charts, Governance Workbook

Participants: IT senior leadership

  1. Gather your available business, digital, and IT strategy, mission, and vision information and document everything in your Governance Workbook. It’s ok if you don’t have all of it.
  2. Review and your mission and vision as a group. Discuss and document key points, including:
    • Which activities do you perform as an organization that embody your vision?
    • What key decisions and behaviors are required to ensure that your mission and vision are achievable?
    • What do you require from leadership to enable you to govern effectively?
    • What are the implications of the mission and vision on how the organization needs to work? What are the implications on decisions around opportunities and risks?

Download the Governance Workbook

1.1.2 Document and interpret the business and IT goals and outcomes

60 minutes

Input: Business strategy, Business and IT goals and related initiatives

Output: Required success outcomes for goals, Links between IT and business goals that governance needs to align

Materials: Whiteboard/flip charts

Participants: IT senior leadership

  1. Document the business and IT goals that have been created to achieve the mission and vision.
  2. Discuss if there are any gaps between the goals and the mission and vision. Ask yourself – if we accomplish these goals will we have successfully achieved the mission?
  3. For each goal, define what successful achievement of the goal looks like. Starting with one goal or objective, ask:
    • How would I know I am on the right path and how will I know I have gotten there?
    • How would I know if I am not on the right path and what does a bad result look like?
    4. Document your success criteria.
  4. Brainstorm some examples of decisions that support or constrain the achievement of your goals.
  5. Repeat this exercise for your remaining goals.
  6. As a group, map IT goals to business goals.

What is your operating model and why is it important?

An IT operating model is a visual representation of the way your IT organization needs to be designed and the capabilities it requires to deliver on the business mission, strategic objectives, and technological ambitions.

The model is critical in the optimization and alignment of the IT organization’s structure in order to deliver the capabilities required to achieve business goals. It is a key determinant of how governance needs to be designed and where it is implemented.

Little visualizations of different operating models: 'Centralized', 'Decentralized', and 'Hybrid'.

1.1.3 Identify your operating model and work practices

60 minutes

Input: Organizational structure, Operating model (if available)

Output: Confirmed operating approach, Defined work practices

Materials: Whiteboard/flip charts

Participants: IT senior leadership

  1. Identify the way your organization functions:
    • How do we currently operate? Are we centralized, decentralized or a hybrid? Are we focused on delivering products and services? Do we provide service ourselves or do we use vendors for delivery?
    • Can we achieve our mission, goals, and strategies, if we continue to operate this way? What would we have to change in how we operate to be successful in the future?
  2. Identify your governance needs. Do we need to be more structured or more flexible to support our future ways of working?
    • If you operate in a more traditional way, consider whether you are implementing or moving toward more modern practices (e.g. Agile, DevOps, enterprise service management). Do you need to make more frequent but lower-risk decisions?
    • Is your organization ready to delegate governance culturally and in terms of business understanding? Is there enough available information to support adaptive decisions and actions?
  3. Document your operating style, expected changes in work style, and cultural readiness. You will need to consider the implications on design.

Step 1.2

Define Scope and Principles

Activities
  • 1.2.1 Determine the proper scope for your governance
  • 1.2.2 Confirm your determining governing principles
  • 1.2.3 Develop your specific governing principles

This step will walk you through the following activities:

Identify what is included and excluded within the scope of your governance.

Develop the determining and specific principles that provide guardrails for governance activities and decisions.

This step involves the following participants:

  • Senior IT leadership
  • Governance leads

Outcomes of this step

Documented governance scope and principles to apply

Identify Your Governance Needs

Step 1.1 – Define your Guiding Star Step 1.2 – Define Scope and Principles Step 1.3 – Adjust for Culture and Finalize Context

Define the context for governance

Based on the goals and principles you defined and the operating model you selected, confirm where oversight will be necessary and at what level. Focus on the necessity to expedite and clear barriers to the achievement of goals and on the ownership of risks and compliance. Some key considerations:

  • Where in the organization will you need to decide on work that needs to be done?
  • What type of work will you need to do?
  • In what areas could there be conflicts in prioritization/resource allocation to address?
  • Who is accountable for risks to the organization and its objectives?
  • Where are your regional or business-unit-specific concerns that require focused local attention?
  • Are we using more agile, rapid delivery methods to produce work?

Understand your governance scope

Your governance scope helps you define the boundaries of what your governance model and practices will cover. This includes key characteristics of your organization that impact what governance needs to address.

Sample Considerations

  • Organizational Span
    • The geographical area the organization operates within. Regional laws and requirements will affect governance delegation and standards/policy development.
  • Level of Regulation
    • Higher levels of regulation create more standards and controls for risk and compliance, impacting how authority can be delegated or automated.
  • Sourcing Model
    • Changing technology sourcing introduces additional vendor governance requirements and may impact compliance and audit.
  • Risk Posture
    • The appetite for risk organizationally, and in pockets, impacts the level of uncertainty you are willing to work within and impact decision-making authority positioning.
  • Size
    • The size of your organization impacts the approach to governance, practice implementation, and delegation of authority.
  • What Is Working Today?
    • Which elements of your current governance approach should be retained, and what are the biggest pain points that need to be addressed?
(Source: COBIT 2019)

1.2.1 Determine the proper scope for your governance

60 minutes

Input: Context information from Activity 1.1, Scoping areas

Output: Defined scope and span of control

Materials: Whiteboard/flip charts

Participants: IT senior leadership

  1. Determine the scope/span of control required for your governance by:
    • Reviewing your key IT capabilities. Identify the ones where the responsibilities and decisions require oversight to ensure they meet the needs of the organization.
    • Identify what works well or poorly in your current governance approach.
    • Discuss and document the level and type of knowledge and business understanding required.
    • Identify and document any regulations, standards, or laws that apply to your organization/industry and how broadly they have to be applied.
    • Identify the organization’s risk appetite, where known, and areas where acceptable thresholds of risk have been defined. Where are key risk and opportunity decisions made? Who owns risk in your organization?
    • Identify and document the perceived role of the IT group in your organization (e.g. support, innovator, partner) and sourcing model (e.g. insource, outsource).
    • Is there sufficient information and data available in your organization to support effective decision making?

How should your governance be structured?

Organizations often have too many governance bodies, creating friction without value. Where that isn’t the case, the bodies are often inefficient, with gaps or overlaps in accountability and authority. Structure your governance to optimize its effectiveness, designing with the intent to have the fewest number of governing bodies to be effective, but no less than is necessary.

Start with your operating model.

  • Understand what’s different about your governance based on whether your organization in centralized, distributed, or a different model (e.g. hybrid, product).
  • Identify and include governance structures that are mandatory due to regulation or industry.
  • Based on your context, identify how many of your governance activities should be performed together.

Determine whether your governance should be controlled or adaptive.

  • Do you have the capability to distribute governance and is your organization empowered enough culturally?
  • Do you have sufficient standards and data to leverage? Do you have the tools and capabilities?
  • Identify governance structures that are required due to regulation or industry.

Info-Tech Insight

Your approach to governance needs to be designed and structured, even if your execution of governance is adaptable and delegated.

Identify and Refine your Principles

Confirm your defining principles based on your selection of controlled or adaptive governance. Create specific principles to clarify boundaries or provide specific guidance for teams within the organization.

Controlled Adaptive
Disentangle governance and management Delegate and empower
Govern toward value Deliver to defined outcomes
Make risk-informed decisions Embed risk into decision making
Measure to drive improvement Trust though real-time reporting
Enforce standards and behavior Automate decision making though established standards

Determining Principle: Delegate and empower.

Specific Principle: Decisions should be made at the lowest reasonable level of the organization with clarity.

Rationale: To govern effectively with the velocity required to address business needs, governance needs to be executed deeper into the organization and organizational goals need to be clearly understood everywhere.

Implication: Decision making needs to be delegated throughout the organization, so information and data requirements need to be identified, decision-making approach and principles need to be shared, and authority needs to be delegated clearly.

1.2.2 Confirm your determining governance principles

30-45 minutes

Input: Governance Framework Model– Governance Principles

Output: Governance workbook - Finalized list of determining principles

Materials: Whiteboard/flip charts, Governance Workbook

Participants: IT senior leadership

  1. Review the IT governance principles in your Governance Workbook.
  2. Within your IT senior leadership team (or IT governance working group) assign one or two principles to teams of two to three participants. Have each team identify what this would mean for your organization. Answering the questions:
    • In what ways do our current governance practices support this?
    • What are some examples of changes that would need to be made to make this a reality?
    • How would applying this principle improve your governance?
  3. Have each team present their results and compile the findings and implications in the Governance Workbook to use for future communication of the change.

Specific governing principles

Specific governing principles are refined principles derived from a determining principle, when additional specificity and detail is necessary. It allows you to define an approach for specific behaviors and activities. Multiple specific principles may underpin the determining one.

A visualization of a staircase with stairs labelled, bottom to top, 'Determining Principle', 'Rationale', 'Implications', 'Specific Principles'.

Specific Principles – Related principles that may be required to ensure the implications of the determining principal are addressed within the organization. They may be specific to individual areas and may be addressed in policies.

Implications – The implications of this principle on the organization, specific to how and where governance is executed and the level of information and authority that would be necessary.

Rationale – The reason(s) driving the determining principle.

Determining Principle – A core overarching principle – a defining aspect of your governance model.

1.2.3 Develop your specific governing principles

30 minutes

Input: Updated determining principles

Output: List of specific principles linked to determining principles

Materials: Whiteboard/flip charts, Governance Workbook

Participants: IT senior leadership

  1. Confirm the determining principles for your governance model based on your previous discussions.
  2. Identify where to apply the principles. This is based on:
    1. Your governance scope (how much is within your span of control)
    2. The amount of data you have available
    3. Your cultural readiness for delegation
  3. Create specific principles to support the determining principles:
    1. Document the rationale driving the determining principles.
    2. Identify the implications.
    3. Create specific principles that will support the success in achieving the goals of each determining principle.
  4. Document all information on the “Governance guiding star” slide in the Governance Workbook.

Download the Governance Workbook

Step 1.3

Adjust for Culture and Finalize Context

Activities
  • 1.3.1 Identify and address the impact of attitude, behavior, and culture
  • 1.3.2 Finalize your context

This step will walk you through the following activities:

Identify your organizational attitude, behavior, and culture related to governance.

Identify positives that can be leveraged and develop means to address negatives.

Finalize the context that your model will leverage and align to.

This step involves the following participants:

  • Senior IT leadership
  • Governance leads

Outcomes of this step

Downloaded tool ready to select the base governance model for your organization

Identify Your Governance Needs

Step 1.1 – Define your Guiding Star Step 1.2 – Define Scope and Principles Step 1.3 – Adjust for Culture and Finalize Context

Understanding attitude, behavior, and culture

A

 ttitude

What people think and feel. It can be seen in their demeanor and how they react to change initiatives, colleagues, and users. This manifests in the belief that governance is a constraint that needs to be avoided or ignored – often with unintended consequences.

A stock photo of a lightbulb over a person's head and a blackboard behind them reading 'New Mindset - data-verified= New Results'.">

Any form of organizational change involves adjusting people’s attitudes to create buy-in and commitment.

You need to identify and address attitudes that can lead to negative behaviors and actions or that are counter-productive.

Understanding attitude, behavior, and culture

B

 ehavior

What people do. This is influenced by attitude and the culture of the organization. In governance, this manifests as people’s willingness to be governed, who pushes back, and who tries to bypass it.

A stock photo of someone walking up a set of stairs into the distant sunlight.

To implement change within IT, especially at a tactical and strategic level, organizational behavior needs to change.

This is relevant because people gravitate toward stability and will resist change in an active or passive way unless you can sell the need, value, and benefit of changing their behavior and way of working.

Understanding attitude, behavior, and culture

C

 ulture

The accepted and understood ways of working in an organization. The values and standards that people find normal and what would be tacitly identified to new resources. In governance terms, this is how decisions are really made and where responsibility really exists rather than what is identified formally.

A stock photo of a compass pointing to 'VALUES'.

The impact of the organizational or corporate “attitude” on employee behavior and attitude is often not fully understood.

Culture is an invisible element, which makes it difficult to identify, but it has a strong impact and must be addressed to successfully embed governance models. In the case of automating governance, cultural readiness for automation is a critical success factor.

1.3.1 Identify and address the impact of attitude, behavior, and culture

45 minutes

Input: Senior leadership knowledge

Output: Updated Governance Workbook

Materials: Governance Workbook

Participants: IT senior leadership

  1. Break into three groups. Each group will discuss and document the positive and negative aspects of one of attitude, behavior, or culture related to governance in your organization.
  2. Each group will present and explain their list to the group.
  3. Add any additional suggestions in each area that are identified by the other groups.
  4. Identify the positive elements of attitude, behavior, and culture that would help with changing or implementing your updated governance model.
  5. Identify any challenges that will need to be addressed for the change to be successful.
  6. As a group, brainstorm some mitigations or solutions to these challenges. Document them in the Governance Workbook to be incorporated into the implementation plan.

Download the Governance Workbook

Attitude, behavior, and culture

Evaluate the organization across the three contexts. The positive items represent opportunities for leveraging these characteristics with the implementation of the governance model, while the negative items must be considered and/or mitigated.

Attitude Behavior Culture
Positive
Negative
Mitigation

1.3.2 Finalize your governance context

30 minutes

Input: Documented governance principles and scope from previous exercises

Output: Finalized governance context in the Governance Workbook

Materials: Whiteboard/flip charts, Governance Workbook

Participants: IT senior leadership

  1. Use the information that has been gathered throughout this section to update and finalize your IT governance context.
  2. Document it in your Governance Workbook.

Download the Governance Workbook

Make Your IT Governance Adaptable

Phase 2

Select and Refine Your Governance Model

Phase 1

  • 1.1 Define Your Guiding Star
  • 1.2 Define Scope and Principles
  • 1.3 Adjust for Culture and Finalize Context

Phase 2

  • 2.1 Choose and Adapt Your Model
  • 2.2. Identify and Document Your Governance Triggers
  • 2.3 Build Your Implementation Approach
    •

Phase 3

  • 3.1 Identify Decisions to Embed and Automate
  • 3.2 Plan Validation and Verification
  • 3.3 Update Implementation Plan

This phase will walk you through the following activities:

Select a base governance model and refine it to suit your organization.

Identify scenarios and changes that will trigger updates to your governance model.

Build your implementation plan.

This phase involves the following participants:

  • Senior IT leadership
  • Governance resources

Step 2.1

Choose and Adapt Your Model

Activities
  • 2.1.1 Choose your base governance model
  • 2.1.2 Confirm and adjust the structure of your model
  • 2.1.3 Define the governance responsibilities
  • 2.1.4 Validate the governance mandates and membership
  • 2.1.5 Update your committee processes
  • 2.1.6 Adjust your associated policies
  • 2.1.7 Adjust and confirm your governance model

This step will walk you through the following activities:

Review and selecting your base governance model.

Adjust the structure, responsibilities, policies, mandate, and membership to best support your organization.

This step involves the following participants:

  • Senior IT leadership
  • Governance leads

Outcomes of this step

Downloaded tool ready to select the base governance model for your organization

Select and Refine Your Governance Model

Step 2.1 – Choose and Adapt Your Model Step 2.2 – Identify and Document Your Governance Triggers Step 2.3 – Build Implementation Approach

Your governance framework has six key components

GOVERNANCE FRAMEWORK

  • GUIDELINES
    The key behavioral factors that ground your governance framework
  • MEMBERSHIP
    Formalization of who has authority and accountability to make specific governance decisions
  • RESPONSIBILITIES
    The definition of which decisions and outcomes your governance structure and each governance body is accountable for
  • STRUCTURE
    Which governance bodies and roles are in place to articulate where decisions are made in the organization
  • PROCESS
    Identification of the how your governance will be executed, how decisions are made, and the inputs, outputs, and connections to related processes
  • POLICY
    Set of principles established to address risk and drive expected and required behavior

4 layers of governance bodies

There are traditionally 4 layers of governance in an enterprise, and organizations have governing bodies or individuals at each level

RESPONSIBILITIES AND TYPICAL MEMBERSHIP
ENTERPRISE Defines organizational goals. Directs or regulates the performance and behavior of the enterprise, ensuring it has the structure and capabilities to achieve its goals.

Membership: Business executives, Board

STRATEGIC Ensures IT initiatives, products, and services are aligned to organizational goals and strategy and provide expected value. Ensure adherence to key principles.

Membership: Business executives, CIO, CDO

TACTICAL Ensures key activities and planning are in place to execute strategic initiatives.

Membership: Authorized division leadership, related IT leadership

OPERATIONAL Ensures effective execution of day-to-day functions and practices to meet their key objectives.

Membership: Service/product owners, process owners, architecture leadership, directors, managers

2.1.1 Choose your base governance model

30 minutes

Input: Governance models templates

Output: Selected governance model

Materials: Whiteboard/flip charts

Participants: IT senior leadership

  1. Download Info-Tech’s base governance models (Controlled Governance Models Template and IT Governance Program Overview) and review them to find a template that most closely matches your context from Phase 1. You can start with a centralized, decentralized, or product/service hybrid IT organization. Remove unneeded models.
  2. If you do not have documented governance today, start with a controlled model as your foundation. Continue working through this phase if you have a documented governance framework you wish to optimize using our best practices or move to Phase 3 if you are looking to automate or embed your governance activities.

Controlled Governance Models Template

Adaptive Governance Models Template

2.1.2 Confirm and adjust the structure of your model

30-45 minutes

Input: Selected base governance model, Governance context/scope

Output: Updated governance bodies and relationships

Materials: Whiteboard/flip charts

Participants: IT senior leadership

  1. Validate your selected governance body structural model.
    • Are there any governing bodies you must maintain that should replace the ones listed? In part or in full?
    • Are there any missing bodies? Look at alternative committees for examples.
    • Document the adjustments.
  2. Are there any governing bodies that are not required?
    • Based on your size and needs, can they be done within one committee?
    • Is the capability or data not in place to perform the work?
    • Document the required changes.

There are five key areas of governance responsibility

A cyclical visualization of the five keys areas of governance responsibility, 'Strategic Alignment', 'Value Delivery', 'Risk Management', 'Resource Management', and 'Performance Measurement'.

STRATEGIC ALIGNMENT
Ensures that technology investments and portfolios are aligned with the organization’s needs.

VALUE DELIVERY
Reviews the outcomes of technology investments and portfolios to ensure benefits realization.

RISK MANAGEMENT
Defines and owns the risk thresholds and register to ensure that decisions made are in line with the posture of the organization.

RESOURCE MANAGEMENT
Ensures that people, financial knowledge, and technology resources are appropriately allocated across the organization.

PERFORMANCE MEASUREMENT
Monitors and directs the performance or technology investments to determine corrective actions and understand successes.

2.1.3 Define the governance responsibilities

Ensure you have the right responsibilities in the right place

45-60 minutes

Input: Selected governance base model, Governance context

Output: Updated responsibilities and activities, Updated activities for selected governance bodies, New or removed governing bodies

Materials: Whiteboard/flip charts

Participants: IT senior leadership

  1. Based on your context and model, review the responsibilities identified for each committee and confirm that they align with the mandate and the stated outcome.
  2. Identify and highlight any responsibilities and activities that would not be involved in informing and enabling the mandate of the committee.
  3. Adjust the wording of confirmed responsibilities and activities to reflect your organizational language.
  4. Review each highlighted “bad fit” activity and move it to a committee whose mandate it would support or remove it if it’s not performed in your organization.
  5. If an additional committee is required, define the mandate and scope, then include any additional responsibilities that might have been a bad fit elsewhere

2.1.4 Validate the governance mandates and membership

30 minutes

Input: Selected governance base model, Updated structure and responsibilities

Output: Adjusted mandates and refined committee membership

Materials: Whiteboard/flip charts

Participants: IT senior leadership

  1. Review the mandate and membership slides in your selected governance model.
  2. Adjust the mandate to ensure that it aligns to and conveys:
    1. The outcome that the committee is meant to generate for the organization.
    2. Its scope/span of control.
  3. Discuss the type of information members would require for the committee to be successful in achieving its mandate.
  4. Document the member knowledge requirement in the mandate slide of the model template.

Determine the right membership for your governance

One of the biggest benefits of governance committees is the perspective provided by people from various parts of the organization, which helps to ensure technology investments are aligned with strategic goals. However, having too many people – or the wrong people – involved prevents the committee from being effective. Avoid this by following these principles.

Three principles for selecting committee membership

  1. Determine membership based on responsibilities and required knowledge.
    Organizations often make the mistake of creating committees and selecting members before defining what they will do. This results in poor governance because members don’t have the knowledge required to make decisions. Define the mandate of the committee to determine which members are the right fit.
  2. Ensure members are accountable and authorized to make the decisions.
    Effective governance requires the members to have the authority and accountability to make decisions. This ensures meetings achieve their outcome and produce value, which improves the committee’s chances of survival.
  3. Select leaders who see the big picture.
    Often committee decisions and responsibilities become tangled in the web of organizational politics. Include people, often C-level, whose attendance is critical and who have the requisite knowledge, mindset, and understanding to put business needs ahead of their own.

2.1.5 Update your committee processes

20 minutes

Input: Selected governance base model, Updated structure and responsibilities

Output: Updated committee processes

Materials: Whiteboard/flip charts

Participants: IT senior leadership

  1. Review the committee details based on the changes you have made in goals, mandate, and responsibilities.
  2. Identify and document changes required to the committee outputs (outcomes) and adjust the consumer of the outputs to match.
  3. Review the high-level process steps required to get to the modified output. Add required activities or remove unnecessary ones. Review the process flow. Does it make sense? Are there unnecessary steps?
  4. Review and update inputs required for the process steps and update the information/data sources.
  5. Adjust the detailed process steps to reflect the work that needs to be done to support each high-level process step that changed.

2.1.6 Adjust your associated policies

20 minutes

Input: Selected governance base model, Updated structure and responsibilities

Output: Adjusted mandates and refined committee membership

Materials: Whiteboard/flip charts

Participants: IT senior leadership

  1. Review the policies associated with the governing bodies in your base model. Identify the policies that apply to your organization, those that are missing, and those that are not necessary.
  2. Confirm the policies that you require.
  3. Make sure the policies and policy purposes (or risks and related behaviors the policy addresses) are matched to the governance committee that has responsibilities in that area. Move policies to the right committee.

2.1.7 Adjust and confirm your governance model

  1. Confirm the adjustment of governance bodies, structure, and input/output linkages.
  2. Confirm revisions to decisions and responsibilities.
  3. Confirm policy and regulation/standards associations.
  4. Select related governance committee charters from the provided set and revise the charters to reflect the elements defined in your updated model.
  5. Finalize your governance model.

Samples of slides related to adjusting and confirming governance models in the Governance Workbook.

Step 2.2

Identify and Document Your Governance Triggers

Activities
  • 2.2.1 Identify and document update triggers
  • 2.2.2 Embed triggers into the review cycle

This step will walk you through the following activities:

Identify scenarios that will create a need to review or change your governance model.

Update your review/update approach to receiving trigger notifications.

This step involves the following participants:

  • Senior IT leadership
  • Governance leads

Outcomes of this step

Downloaded tool ready to select the base governance model for your organization

Select and Refine Your Governance Model

Step 2.1 – Choose and Adapt Your Model Step 2.2 – Identify and Document Your Governance Triggers Step 2.3 – Build Implementation Approach

What are governance triggers

Governance triggers are organizational or environmental changes within or around an organization that are inflection points that start the review and revision of governance models to maintain their fit with the organization. This is the key to adaptive governance design.

A target with five arrows sticking out of the bullseye, 'Operating Model', 'Business Strategy', 'Mandate Change', 'Management Practices', and 'Digital Transformation'.

2.2.1 Identify and document update triggers

30 minutes

Input: Governance Workbook

Output: Updated workbook with defined and documented governance triggers, points of origin, and integration

Materials: Whiteboard/flip charts

Participants: IT senior leadership

  1. Open the Governance Workbook to the “Triggers” slides.
  2. Review the list of governance triggers. Retain the ones that apply to your organization, remove those you feel are unnecessary, and add any change scenarios you feel should be included.
  3. Identify where you would receive notifications of these changes and the related processes or activities that would generate these notifications, if applicable.
  4. Document any points of integration required between governance processes and the source process. Highlight any where the integration is not currently in place.

Sample of the 'Triggers' slide in the Governance Workbook.

2.2.2 Embed triggers into the review cycle

30 minutes

Input: Governance model

Output: Review cycle update

Materials: Whiteboard/flip charts

Participants: IT senior leadership

  1. Identify which triggers impact the entire governance model and which impact specific committees.
  2. Add an activity for triggered review of the impacted governance model into your governance committee process.

Step 2.3

Build Your Implementation Approach

Activities
  • 2.3.1 Identify and document your implementation plan
  • 2.3.2 Build your roadmap
  • 2.3.3 Build your sunshine diagram

This step will walk you through the following activities:

Transfer changes to the Governance Implementation Plan Template.

Determine the timing for the implementation phases.

This step involves the following participants:

  • Senior IT leadership
  • Governance process owner

Outcomes of this step

Implementation plan for adaptive governance framework model

Select and Refine Your Governance Model
Step 2.1 – Choose and Adapt Your Model Step 2.2 – Identify and Document Your Governance Triggers Step 2.3 – Build Implementation Approach

2.3.1 Identify and document your implementation plan

60 minutes

Input: Governance model, Guiding principles, Update triggers, Cultural factors and mitigations

Output: Implementation roadmap

Materials: Whiteboard/flip charts

Participants: IT senior leadership

  1. As a group, discuss the changes required to implement the governance model, the cultural items that need to be addressed, and the anticipated timing.
  2. Document the implementation activities and consolidate them into groupings/themes based on similarities or shared outcomes.
  3. Name the grouped themes for clarity and identify key dependencies between activities in each area and across themes.
  4. Identify and document your approach (e.g. continuous, phased) and high-level timeline for implementation.
  5. Document the themes and initiatives in the Governance Implementation Plan.

Download the Governance Implementation Plan

Illustrate the implementation plan using roadmaps

Info-Tech recommends two different methods to roadmap the initiatives in your Governance Implementation Plan.

Gantt Chart
Sample of a Gantt Chart.

This type of roadmap depicts themes, related initiatives, the associated goals, and exact start and end dates for each initiative. This diagram is useful for outlining a larger number of activities and initiatives and has an easily digestible and repeatable format.

Sunshine Diagram
Sample of a Sunshine Diagram.

This type of roadmap depicts themes and their associated initiatives. The start and end dates for the initiatives are approximated based on years or phases. This diagram is useful for highlighting key initiatives on one page.

2.3.2 Build your roadmap

30 minutes

Input: Governance themes and initiatives

Output: roadmap visual

Materials: Governance Roadmap Workbook, Governance Workbook

Participants: CIO, IT senior leadership

  1. Open the Governance Implementation Plan and review themes and initiatives.
  2. Open the Governance Roadmap Workbook.
  3. Discuss whether the implementation roadmap should be developed as a Gantt chart, a sunshine diagram, or both.
    For the Gantt chart:
    • Input the roadmap start year and date.
    • Change the months and year in the Gantt chart to reflect the same roadmap start year.
    • Input and populate the planned start and end dates for the list of high-priority initiatives.

Develop your Gantt chart in the Governance Roadmap Workbook

2.3.3 Build your sunshine diagram

30 minutes

Input: Governance themes and initiatives

Output: Sunshine diagram visual

Materials: Whiteboard/flip charts, Markers, Governance Implementation Plan

Participants: CIO, IT senior leadership

  1. Review your list of themes and initiatives.
  2. Build a model with “rays” radiating out from a central theme or objective.
  3. Using curved arcs, break the grid into timeline periods or phases.
  4. Complete your sunshine diagram in the Governance Implementation Plan.

Customize your sunshine diagram in the Governance Implementation Plan

Make Your IT Governance Adaptable

Phase 3

Embed and Automate

Phase 1

  • 1.1 Define Your Guiding Star
  • 1.2 Define Scope and Principles
  • 1.3 Adjust for Culture and Finalize Context

Phase 2

  • 2.1 Choose and Adapt Your Model
  • 2.2. Identify and Document Your Governance Triggers
  • 2.3 Build Your Implementation Approach

Phase 3

  • 3.1 Identify Decisions to Embed and Automate
  • 3.2 Plan Validation and Verification
  • 3.3 Update Implementation Plan
    •

This phase will walk you through the following activities:

Identify which decisions you are ready to automate.

Identify standards and policies that can be embedded and automated.

Identify integration points.

Confirm data requirements to enable success.

This phase involves the following participants:

  • IT senior leadership
  • Governance process owner
  • Product and service owners
  • Policy owners

Step 3.1

Identify Decisions to Embed and Automate

Activities
  • 3.1.1 Review governance decisions and standards and the required level of authority
  • 3.1.2 Build your decision logic
  • 3.1.3 identify constraints and mitigation approaches
  • 3.1.4 Develop decision rules and principles

This step will walk you through the following activities:

Identify your key decisions.

Develop your decision logic.

Confirm decisions that could be automated.

Identify and address constraints.

Develop decision rules and principles.

This step involves the following participants:

  • IT senior leadership

Outcomes of this step

Developed decision rules, rulesets, and principles that can be leveraged to automate governance

Defined integration points

Embed and Automate

Step 3.1 – Identify Decisions to Embed and Automate Step 3.2 – Plan Validation and Verification Step 3.3 – Update Implementation Plan

What is decision automation?

Decision automation is the codifying of rules that connect the logic of how decisions are made with the data required to make those decisions. This is then embedded and automated into processes and the design of products and services.

  • It is well suited to governance where the same types of decisions are made on a recurring basis, using the same set of data. It requires clean, high-quality data to be effective.
  • Improvements in artificial intelligence (AI) and machine learning (ML) have allowed the creation of scenarios where a hybrid of rules and learning can improve decision outcomes.

Key Considerations

  • Data Availability
  • Legality
  • Contingencies
  • Decision Transparency
  • Data Quality
  • Auditability

How complexity impacts decisions

Decision complexity impacts the type of rule(s) you create and the amount of data required. It also helps define where or if decisions can be automated.

  1. SIMPLE
    Known and repeatable with consistent and familiar outcomes – structured, causal, and easy to standardize and automate.
  2. COMPLICATED
    Less known and outcomes are not consistently repeatable. Expertise can drive standards and guidelines that can be used to automate decisions.
  3. COMPLEX
    Unknown and new, highly uncertain in terms of outcomes, impact, and data. Requires more exploration and data. Difficult to automate but can be built into the design of products and services.
  4. CHAOTIC
    Unstructured and unknown situation. Requires adaptive and immediate action without active data – requires retained human governance
    5. (Based on Dave Snowden’s Cynefin framework)

Governance Automation Criteria Checklist

The Governance Automation Criteria Checklist provides a view of key considerations for determining whether a governing activity or decision is a good candidate for automation.

The criteria identify key qualifiers/disqualifiers to make it easier to identify eligibility.

Sample of the Governance Automation Criteria Checklist.

Download the Governance Automation Criteria Checklist

Governance Automation Worksheet

Sample of the Governance Automation Worksheet.

The Governance Automation Worksheet provides a way to document your governance and systematically identify information about the decisions to help determine if automation is possible.

From there, decision rules, logic, and rulesets can be designed in support of building a structure flow to allow for automation.

Download the Governance Automation Worksheet

3.1.1 Review governance decisions and standards and the required level of authority

30 minutes

Input: Automation Criteria Checklist, Governance Automation Worksheet, Updated governance model

Output: Documented decisions and related authority, Selected options for automation, Updated Governance Automation Worksheet

Materials: Whiteboard/flip charts, Governance Automation Worksheet

Participants: IT senior leadership

  1. Identify the decisions that are made within each committee in your updated governance model and document them in the Governance Automation Worksheet.
  2. Confirm the level of authority required to make each decision.
  3. Review the automation checklist to confirm whether each decision is positioned well for automation.
  4. Select and document the decisions that are the strongest options for automation/embedding and document them in the Governance Automation Worksheet.

What are decision rules?

Decision rules provide specific instructions and constraints that must be considered in making decisions and are critical for automating governance.

They provide the logical path to assess governance inputs to make effective decisions with positive business outputs.

Inputs would include key information such as known risks, your defined prioritization matrix, portfolio value scoring, and compliance controls.

Individual rules can be leveraged in different places.

Some decision rule types are listed here.

  1. Statement Rules
    Natural expression of logical progression, written through logical elements
  2. Decision Tree Rules
    Decision tree with two axes that overlap to generate a decision
  3. Sequential Rules
    A sequence of decisions that move from one step to the next
  4. Expression Rule
    A particular set of rules triggered by a particular rule condition being met
  5. Truth table rules
    Combines many decision factors into one place; produces different outputs

What are decision rulesets

Rulesets are created to make complex decisions. Individual rule types are combined to create rulesets that are applied together to generate effective decisions. One rule will provide contextual information required for additional rules to execute in a Rule-Result-Rule-Result-Rule-Decision flow.

A visualization of two separate rulesets made up of the decision rules on the previous slide. 'Ruleset 1' contains '1) Statement Rules', '2) Decision Tree Rules', and 5) Truth Table Rules'. 'Ruleset 2' contains '3) Sequential Rules' and '4) Expression Rule'.

3.1.2 Build your decision logic

30 minutes

Input: Governance Automation Worksheet

Output: Documented decision logic to support selected decision types and data requirements

Materials: Whiteboard/flip charts

Participants: IT senior leadership

  1. For each selected decision, identify the principles that drive the considerations around the decision.
  2. For each decision, develop the decision logic by defining the steps and information inputs involved in making the decision and documenting the flow from beginning to end.
  3. Determine whether this is one specific decision or a combination of different decisions (in sequence or based on decisions).
  4. Name your decision rule.

Sample of the Governance Automation Worksheet.

3.1.3 Identify constraints and mitigation approaches

60 minutes
  1. Document constraints to automation of decisions related to:
    • Availability of decision automation tools
    • Decision authority change requirements
    • Data constraints
    • Knowledge requirements
    • Process adjustment requirements
    • Product/service design levels
  2. Brainstorm and identify approaches to mitigate constraints and score based on likelihood of success.
  3. Identify mitigation owners and initial timeline expectations.
  4. Document the constraints and mitigations in the Governance Workbook on the constraints and mitigations slide.

Sample of the 'Constraints and mitigations' slide of the 'Governance Workbook'.

3.1.4 Develop decision rules and principles

1.5-2 hours

Input: Governance Automation Worksheet

Output: Defined decision integration points, Confirmed data availability sets, Decision rules, rulesets, and principles with control indicators

Materials: Whiteboard/flip charts, Governance Automation Worksheet

Participants: IT senior leadership

  1. Review the decision logic for those decisions that you have confirmed for automation. Identify the processes where the decision should be executed.
  2. Associate each decision with specific process steps or stages or how it would be included in software/product design.
  3. For each selected decision, identify the availability of data required to support the decision logic and the level of complexity and apply governing principles.
  4. Create the decision rules and identify data gaps.
  5. Define the decision flow and create rulesets as needed.
  6. Confirm automation requirements and define control indicators.

Step 3.2

Plan Validation and Verification

Activities
  • 3.2.1 Define verification approach for embedded and automated governance
  • 3.2.2 Define validation approach for embedded and automated governance

This step will walk you through the following activities:

Define how decision outcomes will be measured.

Determine how the effectiveness of automated governance will be reported.

This step involves the following participants:

  • IT senior leadership

Outcomes of this step

Tested and verified automation of decisions

Embed and Automate

Step 3.1 – Identify Decisions to Embed and Automate Step 3.2 – Plan Validation and Verification Step 3.3 – Update Implementation Plan

Decision rule relationship through to verification

1. Rules

Focus on clear decision logic

Often represented in simple statement types and supported by data:

IF – THEN

IF – AND – THEN

IF – AND NOT – THEN

2. Rulesets

Aggregate rules for more complex decisions

Integrated flows between different required rules:
Rule 1:
(Output 1) – Rule 2
(Output 2) – Rule 6
Rule 6: (Output 1) – Rule 7 		3. Rule Attestation

Verify success of automated decisions

Attestation of embedded and automated rules with key control indicators embedded within process and products.

Principles embedded into automated software controls.

3.2.1 Define verification approach for embedded and automated governance

60 minutes

Input: Governance rules and rulesets as defined in the Governance Automation Worksheet, Defined decision outcomes

Output: A defined measurement of effective decision outcomes, Approach to automate and/or report the effectiveness of automated governance

Materials: Whiteboard/flip charts

Participants: IT senior leadership

Verify

  1. Confirm expected outcome of rules.
  2. Select a sampling of new required decisions or recently performed decisions related to areas of automation.
  3. Run the decisions through the decision rules or rule groupings that were developed and compare to parallel decisions made using the traditional approach. (These must be segregated activities.)
  4. Review the outcome of the rules and adjust based on the output. Identify areas of adjustment. Confirm that the automation meets your requirements.

3.2.2 Define validation approach for embedded and automated governance

60 minutes

Input: Governance rules and rulesets as defined in the Governance Automation Worksheet, Defined decision outcomes

Output: Defined assurance and attestation requirements, Key control indicators that can be automated

Materials: Whiteboard/flip charts

Participants: IT senior leadership

Validate

  1. Develop an approach to measure automated decisions. Align success criteria to current governance KPIs and metrics.
  2. If no such metrics exist, define expected outcome. Define key risk indicators based on the expected points of automation.
  3. Establish quality assurance checkpoints within the delivery lifecycles to adjust for variance.
  4. Create triggers back to rule owners to drive changes and improvements to rules and rule groupings.

Step 3.3

Update Implementation Plan

Activities
  • 3.3.1 Finalize the implementation plan

This step will walk you through the following activities:

Review implications and mitigations to make sure all have been considered.

Finalize the implementation plan and roadmap.

This step involves the following participants:

  • Senior IT leadership

Outcomes of this step

Completed Governance implementation plan and roadmap

Embed and Automate

Step 3.1 – Identify Decisions to Embed and Automate Step 3.2 – Plan Validation and Verification Step 3.3 – Update Implementation Plan

3.3.1 Finalize the implementation plan

30 minutes

Input: Governance workbook, Updated governance model, Draft implementation plan and roadmap

Output: Finalized implementation plan and roadmap

Materials: Whiteboard/flip charts, Governance Implementation Plan

Participants: IT senior leadership

  1. Document automation activities within phases in a governance automation theme in the Governance Implementation Plan.
  2. Review timelines in the implementation plan and where automation fits within the roadmap.
  3. Updated the implementation plan and roadmap.

Governance Implementation Plan

Summary of Accomplishment

Problem Solved

Through this project we have:

  • Improved your governance model to ensure a better fit for your organization, while creating adaptivity for the future.
  • Ensured your governance operates as an enabler of success with the proper bodies and levels of authority established.
  • Established triggers to ensure your governance model is actively adjusted to maintain its fit.
  • Developed a plan to embed and automate governance.
  • Created decision rules and principles and identified where to embed them within your practices.

If you would like additional support, have our analysts guide you through other phases as part of an Info-Tech workshop.

Contact your account representative for more information.

workshops@infotech.com 1-888-670-8889

Additional Support

If you would like additional support, have our analysts guide you through other phases as part of an Info-Tech workshop.

Photo of Valence Howden.

Contact your account representative for more information.

workshops@infotech.com 1-888-670-8889

To accelerate this project, engage your IT team in an Info-Tech workshop with an Info-Tech analyst team.

Info-Tech analysts will join you and your team at your location or welcome you to Info-Tech’s historic Toronto office to participate in an innovative onsite workshop.

Related Info-Tech Research

Improve IT Governance to Drive Business Results

Avoid bureaucracy and achieve alignment with a minimalist approach. Align with your organizational context.

Establish Data Governance

Establish data trust and accountability with strong governance.

Maximize Business Value From IT Through Benefits Realization

Embed value and alignment confirmation into your governance to ensure you optimize IT value achievement for resource spend.

Build a Better Product Owner

Strengthen the product/service owner role in your organization by focusing on core capabilities and proper alignment.

Research contributors and experts

Photo of Sidney Hodgson, Senior Director, Industry, Info-Tech Research Group. Sidney Hodgson
Senior Director, Industry
Info-Tech Research Group
  • Sidney has over 30 years of experience in IT leadership roles as CIO of three organizations in Canada and the US as well as international consulting experience in the US and Asia.
  • Sid has a breadth of knowledge in IT governance, project management, strategic and operational planning, enterprise architecture, business process re-engineering, IT cost reduction, and IT turnaround management.
 Photo of David Tomljenovic, Principal Research Advisor, Industry, Info-Tech Research Group. David Tomljenovic
Principal Research Advisor, Industry
Info-Tech Research Group
  • David brings extensive experience from the Financial Services sector, having worked 25 years on Bay Street. Most recently he was a Corporate Finance and Strategy Advisor for Infiniti Labs (Toronto/Hong Kong), Automotive, and Smart City Accelerator, where he provided financial and mergers & acquisitions advisory services to accelerator participants with a focus on early-stage fundraising activities.

Research contributors and experts

Photo of Cole Cioran, Practice Lead, Applications and Agile Development, Info-Tech Research Group. Cole Cioran
Practice Lead, Applications and Agile Development
Info-Tech Research Group
  • Over the past 25 years, Cole has developed software; designed data, infrastructure, and software solutions; defined systems and enterprise architectures; delivered enterprise-wide programs; and managed software development, infrastructure, and business systems analysis practices.
 Photo of Crystal Singh, Research Director, Applications – Data and Information Management, Info-Tech Research Group. Crystal Singh
Research Director, Applications – Data and Information Management
Info-Tech Research Group
  • Crystal brings a diverse and global perspective to her role, drawing from her professional experiences in various industries and locations. Prior to joining Info-Tech, Crystal led the Enterprise Data Services function at Rogers Communications, one of Canada’s leading telecommunications companies.

Research contributors and experts

Photo of Carlene McCubbin, Practice Lead, CIO, Info-Tech Research Group. Carlene McCubbin
Practice Lead, CIO
Info-Tech Research Group
  • Carlene covers key topics in organization and leadership and specializes in governance, organizational design, relationship management, and human capital development. She led the development of Info-Tech’s Organization and Leadership practice.
 Photo of Denis Goulet, Senior Workshop Director, Info-Tech Research Group. Denis Goulet
Senior Workshop Director
Info-Tech Research Group
  • Denis is a transformational leader and experienced strategist who focuses on helping clients communicate, relate, and adapt for success. Having developed Governance Model and IT strategies in organizations ranging from small to billion-dollar multi-nationals, he firmly believes in a collaborative value-driven approach to work.

Bibliography

“2020 State of Data Governance and Automation Report.” Erwin.com, 28 Jan. 2020. Web.

“Adaptive IT Governance.” Google search, 15 Nov. 2020.

“Adaptive IT Governance Framework.” CIO Index, 3 Nov. 2011. Accessed 15 Nov. 2020.

“Agile Governance Made Easy.” Agilist, n.d. Accessed 15 Nov. 2020.

“Automating Governance — Our Work.” Humanising Machine Intelligence, n.d. Accessed 15 Nov. 2020.

“Automation – Decisions.” IBM, 2020. Accessed 15 Oct. 2020.

Chang, Charlotte. “Accelerating Agile through effective governance.” Medium, 22 Sept. 2020. Web.

“COBIT 5: Enabling Processes.” ISACA, 2012. Web. Oct. 2016.

COBIT 2019. ISACA, Dec. 2018. Web.

Curtis, Blake. “The Value of IT Governance.” ISACA, 29 June 2020. Accessed 15 Nov. 2020.

De Smet, Aaron. “Three Keys to Faster, Better Decisions.” McKinsey & Company, 1 May 2019. Accessed 15 Nov. 2020.

“Decision Rules and Decision Analysis.” Navex Global, 2020. Web.

“Decisions Automation with Business Rules Management Solution.” Sumerge, 4 Feb. 2020. Accessed 15 Nov. 2020.

“DevGovOps – Key factors for IT governance for enterprises in a DevOps world.” Capgemini, 27 Sept. 2019. Web.

Eisenstein, Lena. “IT Governance Checklist.” BoardEffect, 19 Feb. 2020. Accessed 15 Nov. 2020.

“Establishing Effective IT and Data Governance.” Chartered Professional Accountants Canada, n.d. Accessed 15 Nov. 2020.

Gandzeichuk, Ilya. “Augmented Analytics: From Decision Support To Intelligent Decision-Making.” Forbes, 8 Jan. 2020. Accessed 15 Nov. 2020.

Georgescu, Vlad. “What Is IT Governance? Understanding From First Principles.” Plutora, 18 Oct. 2019. Web.

Goodwin, Bill. “IT Governance in the Era of Shadow IT.” ComputerWeekly, 5 Aug. 2014. Accessed 15 Nov. 2020.

“Governance of IT, OT and IOT.” ISACA Journal, 2019. Web.

Gritsenko, Daria, and Matthew Wood. “Algorithmic Governance: A Modes of Governance Approach.” Regulation & Governance, 10 Nov. 2020. Web.

Hansert, Philipp. “Adaptive IT Governance with Clausmark’s Bee4IT.” Bee360, 25 Oct. 2019. Accessed 15 Nov. 2020.

Havelock, Kylie. “What Does Good Product Governance Look Like?” Medium. 8 Jan. 2020. Web.

Haven, Dolf van der. “Governance of IT with ISO 38500 - A More Detailed View” LinkedIn article, 24 Oct. 2016. Accessed 15 Nov. 2020.

Hong, Sounman, and Sanghyun Lee. “Adaptive Governance and Decentralization: Evidence from Regulation of the Sharing Economy in Multi-Level Governance.” Government Information Quarterly, vol. 35, no. 2, April 2018, pp. 299–305. Web.

ISACA. “Monthly Seminar & Networking Dinner: CIO Dashboard.” Cvent, Feb. 2012. Accessed 15 Nov. 2020.

ISO/IEC 38500, ISO, 2018 and ongoing.

“IT Governance.” Kenway Consulting, n.d. Accessed 15 Nov. 2020.

“IT Governance in the Age of COVID 19.” Union of Arab Banks Webinar, 19-21 Oct. 2020. Accessed 15 Nov. 2020.

Jaffe, Dennis T. “Introducing the Seven Pillars of Governance.” Triple Pundit, 15 Nov. 2011. Accessed 15 Nov. 2020.

Janssen, Marijn, and Haiko van der Voort. “Agile and Adaptive Governance in Crisis Response: Lessons from the COVID-19 Pandemic.” International Journal of Information Management, vol. 55, December 2020. Web.

Jodya, Tiffany. “Automating Enterprise Governance within Delivery Pipelines.” Harness.io, 14 May 2020. Web.

Kumar, Sarvesh. “AI-Based Decision-Making Automation.” Singular Intelligence, 17 June 2019. Web.

“Lean IT Governance.” Disciplined Agile, n.d. Accessed 15 Nov. 2020.

Lerner, Mark. “Government Tech Projects Fail by Default. It Doesn’t Have to Be This Way.” Belfer Center for Science and International Affairs, 21 Oct. 2020. Accessed 15 Nov. 2020.

Levstek, Aleš, Tomaž Hovelja, and Andreja Pucihar. “IT Governance Mechanisms and Contingency Factors: Towards an Adaptive IT Governance Model.” Organizacija, vol. 51, no. 4, Nov. 2018. Web.

Maccani, Giovanni, et al. “An Emerging Typology of IT Governance Structural Mechanisms in Smart Cities.” Government Information Quarterly, vol. 37, no. 4, Oct. 2020. Web.

Magowan, Kirstie. “IT Governance vs IT Management: Mastering the Differences.” BMC Blogs, 18 May 2020. Accessed 15 Nov. 2020.

Mazmanian, Adam. “Is It Time to Rethink IT Governance? ” Washington Technology, 26 Oct. 2020. Accessed 15 Nov. 2020.

Mukherjee, Jayanto. “6 Components of an Automation (DevOps) Governance Model.” Sogeti, n.d. Accessed 15 Nov. 2020.

Ng, Cindy. “The Difference Between Data Governance and IT Governance.” Inside Out Security, updated 17 June 2020. Web.

Pearson, Garry. “Agile or Adaptive Governance Required?” Taking Care of the Present (blog), 30 Oct. 2020. Accessed 15 Nov. 2020.

Peregrine, Michael, et al. “The Long-Term Impact of the Pandemic on Corporate Governance.” Harvard Law School Forum on Corporate Governance, 16 July 2020. Web.

Raymond, Louis, et al. “Determinants and Outcomes of IT Governance in Manufacturing SMEs: A Strategic IT Management Perspective.” International Journal of Accounting Information Systems, vol. 35, December 2019. Web.

Rentrop, Christopher. “Adaptive IT Governance – Foundation of a Successful Digitalization.” Business IT Cooperation Coordination Controlling (blog). May 2, 2018. Web.

Schultz, Lisen, et al. “Adaptive Governance, Ecosystem Management, and Natural Capital.” Proceedings of the National Academy of Sciences, vol. 112, no. 24, 2015, pp. 7369–74. Web.

Selig, Gad J. Implementing IT Governance: A Practical Guide to Global Best Practices in IT Management. Van Haren Publishing, 2008. Accessed 15 Nov. 2020.

Sharma, Chiatan. “Rule Governance for Enterprise-Wide Adoption of Business Rules: Why Does a BRMS Implementation Need a Governance Framework?” Business Rules Journal, vol. 13, no. 4, April 2012. Accessed 15 Nov. 2020.

Smallwood, Robert. “Information Governance, IT Governance, Data Governance – What’s the Difference?” The Data Administration Newsletter, 3 June 2020. Accessed 15 Nov. 2020.

Snowden, Dave. "Cynefin – weaving sense-making into the fabric of our world", Cognitive Edge, 20 October 2020.

“The Place of IT Governance in the Enterprise Governance.” Institut de la Gouvernance des Systemes d’Information, 2005. Accessed 15 Nov. 2020.

Thomas, Mark. “Demystifying IT Governance Roles in a Dynamic Business Environment.” APMG International, 29 Oct. 2020. Webinar. Accessed 15 Nov. 2020.

“The Four Pillars of Governance Best Practice.” The Institute of Directors in New Zealand, 4 Nov. 2019. Web.

Wang, Cancan, Rony Medaglia, and Lei Zheng. “Towards a Typology of Adaptive Governance in the Digital Government Context: The Role of Decision-Making and Accountability.” Government Information Quarterly, vol. 35, no. 2, April 2018, pp. 306–22.

Westland, Jason. “IT Governance: Definitions, Frameworks and Planning.” ProjectManager.com, 17 Dec. 2019. Web.

Wilkin, Carla L., and Jon Riddett. “IT Governance Challenges in a Large Not-for-Profit Healthcare Organization: The Role of Intranets.” Electronic Commerce Research vol. 9, no. 4, 2009, pp. 351-74. Web.

Zalnieriute, Monika, et al. “The Rule of Law and Automation of Government Decision Making.” Modern Law Review, 25 Feb. 2019. Web.

Define Your Digital Business Strategy

  • Buy Link or Shortcode: {j2store}55|cart{/j2store}
  • member rating overall impact: 9.0/10 Overall Impact
  • member rating average dollars saved: $83,641 Average $ Saved
  • member rating average days saved: 26 Average Days Saved
  • Parent Category Name: Innovation
  • Parent Category Link: /innovation
  • Your organizational digital business strategy sits on the shelf because it fails to guide implementation.
  • Your organization has difficulty adapting new technologies or rethinking their existing business models.
  • Your organization lacks a clear vision for the digital customer journey.
  • Your management team lacks a framework to rethink how your organization delivers value today, which causes annual planning to become an ideation session that lacks focus.

Our Advice

Critical Insight

  • Pre-pandemic digital strategies have been primarily focused on automation. However, your post-pandemic digital strategy must focus on driving resilience for growth opportunities.

Impact and Result

  • Design a strategy that applies innovation to your business model, streamline and transform processes, and make use of technologies to enhance interactions with customers and employees.
  • Use digital for transforming non-routine cognitive activities and for derisking key elements of the value chain.
  • Create a balanced roadmap that improves digital maturity and prepares you for long-term success in a digital economy.

Define Your Digital Business Strategy Research & Tools

Besides the small introduction, subscribers and consulting clients within this management domain have access to:

1. Digital Business Strategy Deck – A step-by-step document that walks you through how to identify top value chains and a digitally enabled growth opportunity, transform stakeholder journeys, and build a digital transformation roadmap.

This blueprint guides you through a value-driven approach to digital transformation that allows you to identify what aspects of the business to transform, what technologies to embrace, what processes to automate, and what new business models to create. This approach to digital transformation unifies digital possibilities with your customer experiences.

  • Define Your Digital Business Strategy – Phases 1-4

2. Digital Business Strategy Workbook – A tool to guide you in planning and prioritizing projects to build an effective digital business strategy.

This tool guides you in planning and prioritizing projects to build an effective digital business strategy. Key activities include conducting a horizon scan, conducting a journey mapping exercise, prioritizing opportunities from a journey map, expanding opportunities into projects, and lastly, building the digital transformation roadmap using a Gantt chart visual to showcase project execution timelines.

  • Digital Strategy Workbook

3. Digital Business Strategy Final Report Template – Use this template to capture the synthesized content from outputs of the activities.

This deck is a visual presentation template for this blueprint. The intent is to capture the contents of the activities in a presentation PowerPoint. It uses sample data from “City of X” to demonstrate the digital business strategy.

  • Digital Business Strategy Final Report Template
[infographic]

Workshop: Define Your Digital Business Strategy

Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

1 Identify Two Existing Value Chains

The Purpose

Understand how your organization creates value today.

Key Benefits Achieved

Identify opportunities for digital transformation in how you currently deliver value today.

Activities

1.1 Validate business context.

1.2 Assess business ecosystem.

1.3 Identify and prioritize value streams.

1.4 Break down value stream into value chains.

Outputs

Business context

Overview of business ecosystem

Value streams and value chains

2 Identify a Digitally Enabled Growth Opportunity

The Purpose

Leverage strategic foresight to evaluate how complex trends can evolve over time and identify opportunities to leapfrog competitors.

Key Benefits Achieved

Identify a leapfrog idea to sidestep competitors.

Activities

2.1 Conduct a horizon scan.

2.2 Identify leapfrog ideas.

2.3 Identify impact to existing or new value chains.

Outputs

One leapfrog idea

Corresponding value chain

3 Transform Stakeholder Journeys

The Purpose

Design a journey map to empathize with your customers and identify opportunities to streamline or enhance existing and new experiences.

Key Benefits Achieved

Identify a unified view of customer experience.

Identify opportunities to automate non-routine cognitive tasks.

Identify gaps in value delivery.

Improve customer journey.

Activities

3.1 Identify stakeholder persona.

3.2 Identify journey scenario.

3.3 Conduct one journey mapping exercise.

3.4 Identify opportunities to improve stakeholder journey.

3.5 Break down opportunities into projects.

Outputs

Stakeholder persona

Stakeholder scenario

Journey map

Journey-based projects

4 Build a Digital Transformation Roadmap

The Purpose

Build a customer-centric digital transformation roadmap.

Key Benefits Achieved

Keep your team on the same page with key projects, objectives, and timelines.

Activities

4.1 Prioritize and categorize initiatives.

4.2 Build roadmap.

Outputs

Digital goals

Unified roadmap

Further reading

Define Your Digital Business Strategy

After a major crisis, find your place in the digital economy.

Info-Tech Research Group

Info-Tech is a provider of best-practice IT research advisory services that make every IT leader’s job easier.

35,000 members sharing best practices you can leverage

Millions spent developing tools and templates annually

Leverage direct access to over 100 analysts as an extension of your team

Use our massive database of benchmarks and vendor assessments

Get up to speed in a fraction of the time

Analyst Perspective

Build business resilience and prepare for a digital economy.

This is a picture of Senior Research Analyst, Dana Daher

Dana Daher
Senior Research Analyst

To survive one of the greatest economic downturns since the Great Depression, organizations had to accelerate their digital transformation by engaging with the Digital Economy. To sustain growth and thrive as the pandemic eases, organizations must focus their attention on building business resilience by transforming how they deliver value today.
This requires a value-driven approach to digital transformation that is capable of identifying what aspects of the business to transform, what technologies to embrace, what processes to automate, and what new business models to create. And most importantly, it needs to unify digital possibilities with your customer experiences.
If there was ever a time for an organization to become a digital business, it is today.

Executive Summary

Your Challenge

  • Your organization has difficulty adapting new technologies or rethinking the existing business models.
  • Your management lacks a framework to rethink how your organization delivers value today, which causes annual planning to become an ideation session that lacks focus.
  • There is uncertainty on how to meet evolving customer needs and how to compete in a digital economy.

Common Obstacles

  • Your organization might approach digital transformation as if we were still in 2019, not recognizing that the pandemic resulted in a major shift to an end-to-end digital economy.
  • Your senior-most leadership thinks digital is "IT's problem" because digital is viewed synonymously with technology.
  • On the other hand, your IT team lacks the authority to make decisions without the executives’ involvement in the discussion around digital.

Info-Tech’s Approach

  • Design a strategy that applies innovation to your business model, streamline and transform processes, and make use of technologies to enhance interactions with customers and employees.
  • Use digital for transforming non-routine cognitive activities and for de-risking key elements of the value chain.
  • Create a balanced roadmap that improves digital maturity and prepares you for long-term success in a digital economy.

Info-Tech Insight

After a major crisis, focus on restarting the growth engine and bolstering business resilience.

Your digital business strategy aims to transform the business

Digital Business Strategy

  • Looks for ways to transform the business by identifying what technologies to embrace, what processes to automate, and what new business models to create.
  • Unifies digital possibilities with your customer experiences.
  • Accountability lies with the executive leadership.
  • Must involve cross-functional participation from senior management from the different areas of the organization.

IT Strategy

  • Aims to identify how to change, fix, or improve technology in support of the organization’s business strategy.
  • Accountability lies with the CIO.
  • Must involve IT management and gather strategic input from the business.

Becoming a digital business

Automate tasks to free up time for innovation.

Business activities (tasks, procedures, and processes, etc.) are used to create, sell, buy, and deliver goods and services.

When we convert information into a readable format used by computers, we call this digitization (e.g. converting paper into digital format). When we convert these activities into a format to be processed by a computer, we have digitalization (e.g. scheduling appointments online).

These two processes alter how work takes place in an organization and form the foundation of the concept digital transformation.

We maintain that digital transformation is all about becoming a “digital business” – an organization that performs more than 66% of all work activities via executable code.

As organizations take a step closer to this optimal state, new avenues are open to identify advances to promote growth, enhance customer experiences, secure sustainability, drive operational efficiencies, and unearth potential future business ventures.

Key Concepts:

Digital: The representation of a physical item in a format used by computers

Digitization: Conversion of information and processes into a digital format

Digitalization: Conversion of information into a format to be processed by a computer

Why transform your business?

COVID-19 has irrefutably changed livelihoods, businesses, and the economy. During the pandemic, digital tools have acted as a lifeline, helping businesses and economies survive, and in the process, have acted as a catalyst for digital transformation.

As organizations continue to safeguard business continuity and financial recovery, in the long term, recovery won’t be enough.

Although many pandemic/recession recovery periods have occurred before, this next recovery period will present two first-time challenges no one has faced before. We must find ways to:

  • Recover from the COVID-19 recession.
  • Compete in a digital economy.

To grow and thrive in this post-pandemic world, organizations must provide meaningful and lasting changes to brace for a future defined by digital technologies. – Dana Daher, Info-Tech Research Group

We are amid an economic transformation

What we are facing today is a paradigm shift transforming the ways in which we work, live, and relate to one another.

In the last 60 years alone, performance and productivity have been vastly improved by IT in virtually all economic activities and sectors. And today, digital technologies continue to advance IT's contribution even further by bringing unprecedented insights into economic activities that have largely been untouched by IT.

As technological innovation and the digitalization of products and services continue to support economic activities, a fundamental shift is occurring that is redefining how we live, work, shop, and relate to one another.

These rapid changes are captured in a new 21st century term:

The Digital Economy.

90% of CEOs believe the digital economy will impact their industry. But only 25% have a plan in place. – Paul Taylor, Forbes, 2020

Analyst Perspective

Become a Digital Business

this is a picture of Research Fellow, Kenneth McGee

Kenneth McGee
Research Fellow

Today, the world faces two profoundly complex, mega-challenges simultaneously:

  1. Ending the COVID-19 pandemic and recession.
  2. Creating strategies for returning to business growth.

Within the past year, healthcare professionals have searched for and found solutions that bring real hope to the belief the global pandemic/recession will soon end.

As progress towards ending COVID-19 continues, business professionals are searching for the most effective near-term and long-term methods of restoring or exceeding the rates of growth they were enjoying prior to 2020.

We believe developing a digital business strategy can deliver cost savings to help achieve near-term business growth while preparing an enterprise for long-term business growth by effectively competing within the digital economy of the future.

The Digital Economy

The digital economy refers to a concept in which all economic activity is facilitated or managed through digital technologies, data, infrastructure, services, and products (OECD, 2020).

The digital economy captures decades of digital trends including:

  • Declining enterprise computing costs
  • Improvements in computing power and performance; unprecedent analytic capabilities
  • Rapid growth in network speeds, affordability, and geographic reach
  • High adoption rates of PCs, mobile, and other computing devices

These trends among others have set the stage to permanently alter how buying and selling will take place within and between local, regional, national, and international economies.

The emerging digital economy concept is so compelling that the world economists, financial experts, and others are currently investigating how they must substantially rewrite the rules governing how taxes, trade, tangible and intangible assets, and countless other financial issues will be assessed and valued in a digital economy.

Download Info-Tech’s Digital Economy Report

Signals of Change

60%
of People on Earth Use the Internet
(DataReportal, 2021)
20%
of Global Retail Sales Performed via E-commerce
(eMarketer, 2021)
6.64T
Global Business-to-Business
E-commerce Market
(Derived from The Business Research Company, 2021)
9.6%
of US GDP ($21.4T) accounted for by the digital economy ($2.05T)
(Bureau of Economic Analysis, 2021)

The digital economy captures technological developments transforming the way in which we live, work, and socialize

Technological evolution

this image contains a timeline of technological advances, from computers and information technology, to the digital economy of the future

Info-Tech’s approach to digital business strategy

A path to thrive in a digital economy.

  1. Identify top value chains to be transformed
  2. Identify a digitally enabled growth opportunity
  3. Transform stakeholder journeys
  4. Build a digital transformation roadmap

Info-Tech Insight

Pre-pandemic digital strategies have been primarily focused on automation. However, your post-pandemic digital strategy must focus on driving resilience for growth opportunities.

The Info-Tech difference:

  • Understand how your organization creates value today to identify opportunities for digital transformation.
  • Leverage strategic foresight to evaluate how complex trends can evolve over time and identify opportunities to leapfrog competitors.
  • Design a journey map to empathize with your customers and identify opportunities to streamline or enhance existing and new experiences.
  • Create a balanced roadmap that improves digital maturity and prepares you for long-term success in a digital economy.

A digital transformation starts by transforming how you deliver value today

As digital transformation is an effort to transform how you deliver value today, it is important to understand the different value-generating activities that deliver an outcome for and from your customers.

We do this by looking at value streams –which refer to the specific set of activities an industry player undertakes to create and capture value for and from the end consumer (and so the question to ask is, how do you make money as an organization?).

Our approach helps you to digitally transform those value streams that generate the most value for your organization.

Higher Education Value stream

Recruitment → Admission → Student Enrolment → Instruction & Research → Graduation → Advancement

Local Government Value Stream

Sustain Land, Property, and the Environment → Facilitate Civic Engagement → Protect Local Health and Safety → Grow the Economy → Provide Regional Infrastructure

Manufacturing Value Stream

Design Product → Produce Product → Sell Product

Visit Info-Tech’s Industry Coverage Research to identify your industry’s value streams

Assess your external environment to identify new value generators

Assessing your external environment allows you to identify trends that will have a high impact on how you deliver value today.

Traditionally, a PESTLE analysis is used to assess the external environment. While this is a helpful tool, it is often too broad as it identifies macro trends that are not relevant to an organization's addressable market. That is because not every factor that affects the macro environment (for example, the country of operation) affects a specific organization’s industry in the same way.

And so, instead of simply assessing the macro environment and trying to project its evolution along the PESTLE factors, we recommend to:

  • Conduct a PESTLE first and deduce, from the analysis, what are possible shifts in six characteristics of an organization’s industry, or
  • Proceed immediately with identifying evolutionary trends that impact the organization’s direct market.

the image depicts the relationship of factors from the Macro Environment, to the Industry/Addressable Market, to the Organization. the macro environmental factors are Political; Economic; Social; Technological; Legal; and Environmental. the Industry/addressable market factors are the Customer; Talent; Regulation; technology and; Supply chain.

Info-Tech Insight

While PESTLE is helpful to scan the macro environment, the analysis often lacks relevance to an organization’s industry.

An analysis of evolutionary shifts in five industry-specific characteristics would be more effective for identifying trends that impact the organization

A Market Evolution Trend Analysis (META) identifies changes in prevailing market conditions that are directly relevant to an organization’s industry, and thus provides some critical input to the strategy design process, since these trends can bring about strategic risks or opportunities.
Shifts in these five characteristics directly impact an organization:

ORGANIZATION

  • Customer Expectations
  • Talent Availability
  • Regulatory System
  • Supply Chain Continuity
  • Technological Landscape

Capture existing and new value generators through a customer journey map

As we prioritize value streams, we break them down into value chains – that is the “string” of processes that interrelate that work.

However, once we identify these value chains and determine what parts we wish to digitally transform, we take on the perspective of the user, as the way they interact with your products and services will be different to the view of those within the organization who implement and provide those services.

This method allows us to build an empathetic and customer-centric lens, granting the capability to uncover challenges and potential opportunities. Here, we may define new experiences or redesign existing ones.

This image contains an example of how a school might use a value chain and customer journey map. the value streams listed include: Recruitment; Admission; Student Enrolment; Instruction& Research; Graduation; and Advancement. the Value chain for the Instruction and Research Value stream. The value chain includes: Research; Course Creation, Delivery, and assessment. The Customer journey map for curricula delivery includes: Understanding the needs of students; Construct the course material; Deliver course material; Conduct assessment and; Upload Grades into system

A digital transformation is not just about customer journeys but also about building business resilience

Pre-pandemic, a digital transformation was primarily focused around improving customer experiences. Today, we are facing a paradigm shift in the way in which we capture the priorities and strategies for a digital transformation.

As the world grows increasingly uncertain, organizations need to continue to focus on improving customer experience while simultaneously protecting their enterprise value.

Ultimately, a digital transformation has two purposes:

  1. The classical model – whereby there is a focus on improving digital experiences.
  2. Value protection or the reduction of enterprise risk by systematically identifying how the organization delivers value and digitally transforming it to protect future cashflows and improve the overall enterprise value.
Old Paradigm New Paradigm
Predictable regulatory changes with incremental impact Unpredictable regulatory changes with sweeping impact
Reluctance to use digital collaboration Wide acceptance of digital collaboration
Varied landscape of brick-and-mortar channels Last-mile consolidation
Customers value brand Customers value convenience/speed of fulfilment
Intensity of talent wars depends on geography Broadened battlefields for the war for talent
Cloud-first strategies Cloud-only strategies
Physical assets Aggressive asset decapitalization
Digitalization of operational processes Robotization of operational processes
Customer experience design as an ideation mechanism Business resilience for value protection and risk reduction

Key deliverable:

Digital Business Strategy Presentation Template

A highly visual and compelling presentation template that enables easy customization and executive-facing content.

three images are depicted, which contain slides from the Digital Business Strategy presentation template, which will be available in 2022.

*Coming in 2022

Blueprint deliverables

The Digital Business Strategy Workbook supports each step of this blueprint to help you accomplish your goals:

Initiative Prioritization

A screenshot from the Initiative Prioritization blueprint is depicted, no words are legible in the image.

Use the weighted scorecard approach to evaluate and prioritize your opportunities and initiatives.

Roadmap Gantt Chart

A screenshot from the Roadmap Gantt Chart blueprint is depicted, no words are legible in the image.

Populate your Gantt chart to visually represent your key initiative plan over the next 12 months.

Journey Mapping Workbook

A screenshot from the Journey Mapping Workbook blueprint is depicted, no words are legible in the image.

Populate the journey maps to evaluate a user experience over its end-to-end journey.

Info-Tech offers various levels of support to best suit your needs

DIY Toolkit

“Our team has already made this critical project a priority, and we have the time and capability, but some guidance along the way would be helpful.”

Guided Implementation

“Our team knows that we need to fix a process, but we need assistance to determine where to focus. Some check-ins along the way would help keep us on track.”

Workshop

“We need to hit the ground running and get this project kicked off immediately. Our team has the ability to take this over once we get a framework and strategy in place.”

Consulting

“Our team does not have the time or the knowledge to take this project on. We need assistance through the entirety of this project.”

Diagnostics and consistent frameworks used throughout all four options

Guided Implementation

What does a typical GI on this topic look like?

Phase 0 Phase 1 Phase 2 Phase 3 Phase 4
Call #1:
Discuss business context and customize your organization’s capability map. 		Call #2:
Assess business ecosystem. 		Call #3:
Perform horizon scanning and trends identification. 		Call #5:
Identify stakeholder personas and scenarios. 		Call #7:
Discuss initiative generation and inputs into roadmap.
Call #3:
Identify how your organization creates value. 		Call #4:
Discuss value chain impact. 		Call #6:
Complete journey mapping exercise. 		Call #8:
Summarize results and plan next steps.

A Guided Implementation (GI) is a series of calls with an Info-Tech analyst to help implement our best practices in your organization.
A typical GI is between 8 to 12 calls over the course of 2 to 4 months.

Workshop Requirements

Business Inputs

Gather business strategy documents and find information on:

  • Business goals
  • Current transformation initiatives
  • Business capabilities to create or enhance
  • Identify top ten revenue and expense generators
  • Identify stakeholders

Interview the following stakeholders to uncover business context information:

  • CEO
  • CIO

Download the Business Context Discovery Tool

Optional Diagnostic

  • Assess your digital maturity (Concierge Service)

Visit Assess Your Digital Maturity

Phase 1

Identify top value chains to be transformed

  • Understand the business
  • Assess your business ecosystem
  • Identify two value chains for transformation

This phase will walk you through the following activities:

Understand how your organization delivers value today and identify value chains to be transformed.

This phase involves the following participants:

A cross-functional cohort across all levels of the organization.

Outcomes

  • Business ecosystem
  • Existing value chains to be transformed

Step 1.1

Understand the business

Activities

  • Review business documents.

Identify top value chains to be transformed

This step will walk you through the following activities:

In this section you will gain an understanding of the business context for your strategy.

This step involves the following participants:

A cross-functional cohort across levels in the organization.

Outcomes of this step

Business Context

Understand the business context

Understanding the business context is a must for all strategic initiatives. A pre-requisite to all strategic planning should be to elicit the business context from your business stakeholders.

Inputs Document(s)/ Method Outputs
Key stakeholders Strategy Document Stakeholders that are actively involved in, affected by or influence outcome of the organization, e.g. employers, customers, vendors.
Vision and mission of the organization Website Strategy Document What the organization wants to achieve and how it strives to accomplish those goals.
Business drivers CEO Interview Inputs and activities that drive the operational and financial results of the organization.
Key targets CEO Interview Quantitative benchmarks to support strategic goals, e.g. double the enterprise EBITD, improve top-of-mind brand awareness by 15%,
Strategic investment goals CFO Interview
Digital Strategy 		Financial investments corresponding with strategic objectives of the organization, e.g. geographic expansion, digital investments.
Top three value-generating lines of business Financial Document Identification of your top three value-generating products and services or lines of business.
Goals of the organization over the next 12 months Strategy Document
Corporate Retreat Notes 		Strategic goals to support the vision, e.g. hire 100 new sales reps, improve product management and marketing.
Top business initiatives over the next 12 months Strategy Document
CEO Interview 		Internal campaigns to support strategic goals, e.g. invest in sales team development, expand the product innovation team.
Business model Strategy Document Products or services that the organization plans to sell, the identified market and customer segments, price points, channels and anticipated expenses.
Competitive landscape Internal Research Analysis Who your typical or atypical competitors are.

1.1 Understand the business context

Objective: Elicit the business context with a careful review of business and strategy documents.

  1. Gather the strategy creation team and review your business context documents. This includes business strategy documents, interview notes from executive stakeholders, and other sources for uncovering the business strategy.
  2. Brainstorm in smaller groups answers to the question you were assigned:
    • What are the strengths and weaknesses of the organization?
    • What are some areas of improvement or opportunity?
    • What does it mean to have a digital business strategy?
  3. Discuss the questions above with participants and document key findings. Share with the group and work through the balanced scorecard questions to complete this exercise.
  4. Document your findings.

Assess your digital readiness with Info-Tech’s Digital Maturity Assessment

Input

  • Business Strategy Documents
  • Executive Stakeholder Interviews

Output

  • Business Context Information

Materials

  • Collaboration/ Brainstorming Tool (whiteboard, flip chart, digital equivalent)

Participants

  • Executive Team

Step 1.2

Assess your business ecosystem

Activities

  • Identify disruptors and incumbents.

Info-Tech Insight

Your digital business strategy cannot be formulated without a clear vision of the evolution of your industry.

Identify top value chains to be transformed

This step will walk you through the following activities:

In this section, we will assess who the incumbents and disruptors are in your ecosystem and identify who your stakeholders are.

This step involves the following participants:

A cross-functional cohort across levels in the organization.

Outcomes of this step

Business Ecosystem

Assess your business ecosystem

Understand the nature of your competition.

Learn what your competitors are doing.

To survive, grow, or transform in today's digital era, organizations must first have a strong pulse on their business ecosystem. Learning what your competitors are doing to grow their bottom line is key to identifying how to grow your own. Start by understanding who the key incumbents and disruptors in your industry are to identify where your industry is heading.

Incumbents: These are established leaders in the industry that possess the largest market share. Incumbents often focus their attention to their most demanding or profitable customers and neglect the needs of those down market.

Disruptors: Disruptors are primarily new entrants (typically startups) that possess the ability to displace the existing market, industry, or technology. Disruptors are often focused on smaller markets that the incumbents aren’t focused on. (Clayton Christenson, 1997)

An image is shown demonstrating the relationship within an industry between incumbents, disruptors, and the organization. The incumbents are represented by two large purple circles. The disruptors are represented by 9 smaller blue circles, which represent smaller individual customer bases, but overall account for a larger portion of the industry.

’Disruption’ specifically refers to what happens when the incumbents are so focused on pleasing their most profitable customers that they neglect or misjudge the needs of their other segments.– Ilan Mochari, Inc., 2015

Example Business Ecosystem Analysis

Business Target Market & Customer Product/Service & Key Features Key Differentiators Market Positioning
University XYZ
  • Local Students
  • Continuous Learner
  • Certificate programs
  • Associate degrees
  • Strong engineering department with access to high-quality labs
  • Strong community impact
Affordable education with low tuition cost and access to bursaries & scholarships.
University CDE University CDE
  • Local students
  • International students
  • Continuous learning students
  • Continuous learning offerings (weekend classes)
  • Strong engineering program
  • Strong continuous learning programs
 Outcome focused university with strong co-ops/internship programs and career placements for graduates
University MNG
  • Local students
  • Non degree, freshman and continuous learning adults
  • Associate degrees
  • Certificate programs (IT programs)
  • Dual credit program
  • More locations/campuses
  • Greater physical presence
  • High web presence
 Nurturing university with small student population and classroom sizes. University attractive to adult learners.
Disruptors Online Learning Company EFG
  • Full-time employees & executives– (online presence important)
  • Shorter courses
  • Full-time employees & executives– (online presence important)
 Competitive pricing with an open acceptance policy
University JKL Online Credential Program
  • High school
  • University students
  • Adult learners
  • Micro credentials
  • Ability to acquire specific skills
Borderless and free (or low cost) education

1.2 Understand your business ecosystem

Objective: Identify the incumbents and disruptors in your business ecosystem.

  1. Identify the key incumbents and disruptors in your business ecosystem.
    • Incumbents: These are established leaders in the industry that possess the largest market share.
    • Disruptors: Disruptors are primarily new entrants (startups) that possess the ability to displace the existing market, industry, or technology.
  2. Identify target market and key customers. Who are the primary beneficiaries of your products or service offerings? Your key customers are those who keep you in business, increase profits, and are impacted by your operations.
  3. Identify what their core products or services are. Assess what core problem their products solve for key customers and what key features of their solution support this.
  4. Assess what the competitors' key differentiators are. There are many differentiators that an organization can have, examples include product, brand, price, service, or channel.
  5. Identify what the organization’s value proposition is. Why do customers come to them specifically? Leverage insights from the key differentiators to derive this.
  6. Finally, assess how your organization derives value relative to your competitors.

Input

  • Market Assessment

Output

  • Key Incumbents and Disruptors

Materials

  • Collaboration/ Brainstorming Tool (whiteboard, flip chart, digital equivalent)

Participants

  • Executive Team

Step 1.3

Value-chain prioritization

Activities

  • Identify and prioritize value chains for innovation.

Identify top value chains to be transformed

This step will walk you through the following activities:

Identify and prioritize how your organization currently delivers value today and identify value chains to be transformed.

This step involves the following participants:

A cross-functional cohort across levels in the organization.

Outcomes of this step

Prioritized Value Chains

Determine what value the organization creates

Identify areas for innovation.

Value streams and value chains connect business goals to the organization’s value realization activities. They enable an organization to create and capture value in the market place by engaging in a set of interconnected activities. Those activities are dependent on the specific industry segment an organization operates within.

Different types of value your organization creates

This an example of a value chain which a school would use to analyze how their organization creates value. The value streams listed include: Recruitment; Admission; Student Enrolment; Instruction& Research; Graduation; and Advancement. the Value chain for the Student enrolment stream is displayed. The value chain includes: Matriculation; Enrolment into a Program and; Unit enrolment.

Value Streams

A value stream refers to the specific set of activities an industry player undertakes to create and capture value for and from the end consumer.

Value Chains

A value chain is a ”string” of processes within a company that interrelate and work together to meet market demand. Examining the value chain of a company will reveal how it achieves competitive advantage.

Visit Info-Tech’s Industry Coverage Research to identify value streams

Begin with understanding your industry’s value streams

Value Streams

Recruitment

  • The promotion of the institution and the communication with prospective students is accommodated by the recruitment component.
  • Prospective students are categorized as domestic and international, undergraduate and graduate. Each having distinct processes.

Admission

  • Admission into the university involves processes distinct from recruitment. Student applications are processed and evaluated and the students are informed of the decision.
  • This component is also concerned with transfer students and the approval of transfer credits.

Student Enrolment

  • Student enrolment is concerned with matriculation when the student first enters the institution, and subsequent enrolment and scheduling of current students.
  • The component is also concerned with financial aid and the ownership of student records.

Instruction & Research

  • Instruction involves program development, instructional delivery and assessment, and the accreditation of courses of study.
  • The research component begins with establishing policy and degree fundamentals and concerns the research through to publication and impact assessment.

Graduation

  • Graduation is not only responsible for the ceremony but also the eligibility of the candidate for an award and the subsequent maintenance of transcripts.

Advancement

  • Alumni relations are the first responsibility of advancement. This involves the continual engagement with former students.
  • Fundraising is the second responsibility. This includes the solicitation and stewardship of gifts from alumni and other benefactors.

Value stream defined…

Value streams connect business goals to the organization’s value realization activities in the marketplace. Those activities are dependent on the specific industry segment in which an organization operates.

There are two types of value streams: core value streams and support value streams.

  • Core value streams are mostly externally facing. They deliver value to either an external or internal customer and they tie to the customer perspective of the strategy map.
  • Support value streams are internally facing and provide the foundational support for an organization to operate.

An effective method for ensuring all value streams have been considered is to understand that there can be different end-value receivers.

Leverage your industry’s capability maps to identify value chains

Business Capability Map Defined

A business capability defines what a business does to enable value creation, rather than how. Business capabilities:

  • Represent stable business functions.
  • Are unique and independent of each other.
  • Typically, will have a defined business outcome.

A capability map is a great starting point to identify value chains within an organization as it is a strong indicator of the processes involved to deliver on the value streams.

this image contains an example of a business capability map using the value streams identified earlier in this blueprint.

Info-Tech Insight

Leverage your industry reference architecture to define value streams and value chains.

Visit Info-Tech’s Industry Coverage Research to identify value streams

Prioritize value streams to be supported or enhanced

Use an evaluation criteria that considers both the human and business value generators that these streams provide.

two identical value streams are depicted. The right most value stream has Student Enrolment and Instruction Research highlighted in green. between the two streams, are two boxes. In these boxes is the following: Business Value: Profit; Enterprise Value; Brand value. Human Value: Faculty satisfaction; Student satisfaction; Community impact.

Info-Tech Insight

To produce maximum impact, focus on value streams that provide two-thirds of your enterprise value.

Business Value

Assess the value generators to the business, e.g. revenue dollars, enterprise value, cost or differentiation (competitiveness), etc.

Human Value

Assess the value generators to people, e.g. student/faculty satisfaction, well-being, and social cohesion.

Identify value chains for transformation

Value chains, pioneered by the academic Michael Porter, refer to the ”string” of processes within a company that interrelate and work together to meet market demand. An organization’s value chain is connected to the larger part of the value stream. This perspective of how value is generated encourages leaders to see each activity as a part of a series of steps required deliver value within the value stream and opens avenues to identify new opportunities for value generation.

this image depicts two sample value chains for the value streams: student enrolment and Instruction & Research. Each value chain has a stakeholder associated with it. This is the primary stakeholder that seeks to gain value from that value chain.

Prioritize value chains for transformation

Once we have identified the key value chains within each value stream element, evaluate the individual processes within the value chain to identify opportunities for transformation. Evaluate the value chain processes based on the level of pain experienced by a stakeholder to accomplish that task, and the financial impact that level of the process has on the organization.

this image depicts the same value chains as the image above, with a legend showing which steps have a financial impact, which steps have a high degree of risk, and which steps are prioritized for transformation. Matriculation and publishing are shown to have a financial impact. Research foundation is shown to have a high degree of risk, and enrollment into a program and conducting research are prioritized for transformation.

1.3 Value chain analysis

Objective: Determine how the organization creates value, and prioritize value chains for innovation.

  1. The first step of delivering value is defining how it will happen. Use the organization’s industry segment to start a discussion on how value is created for customers. Working back from the moment value is realized by the customer, consider the sequential steps required to deliver value in your industry segment.
  2. Define and validate the organization’s value stream. Write a short description of the value stream that includes a statement about the value provided and a clear start and end for the value stream.
  3. Prioritize the value streams based on an evaluation criteria that reflects business and human value generators to the organization.
  4. Identify value chains that are associated with each value stream. The value chains refer to a string of processes within the value stream element. Each value chain also captures a particular stakeholder that benefits from the value chain.
  5. Once we have identified the key value chains within each value stream element, evaluate the individual processes within the value chain and identify areas for transformation. Evaluate the value chain processes based on the level of pain or exposure to risk experienced by a stakeholder to accomplish that task and the financial impact that level of the process has on the organization.

Visit Info-Tech’s Industry Coverage Research to identify value streams and capability maps

Input

  • Market Assessment

Output

  • Key Incumbents and Disruptors

Materials

  • Collaboration/ Brainstorming Tool (whiteboard, flip chart, digital equivalent)

Participants

  • Executive Team

Phase 2

Identify a digitally enabled growth opportunity

  • Conduct horizon scan
  • Identify leapfrog idea
  • Conduct value chain impact analysis

This phase will walk you through the following activities:

Assess trends that are impacting your industry and identify strategic growth opportunities.

This phase involves the following participants:

A cross-functional cohort across levels in the organization.

Outcomes

Identify new growth opportunities and value chains impacted

Phase 2.1

Horizon scanning

Activities

  • Scan the internal and external environment for trends.

Info-Tech Insight

Systematically scan your environment to identify avenues or opportunities to skip one or several stages of technological development and stay ahead of disruption.

Identify a digitally enabled growth opportunity

This step will walk you through the following activities:

Scan the environment for external environment for megatrends, trends, and drivers. Prioritize trends and build a trends radar to keep track of trends within your environment.

This step involves the following participants:

A cross-functional cohort across levels in the organization.

Outcomes of this step

Growth opportunity

Horizon scanning

Understand how your industry is evolving.

Horizon scanning is a systematic analysis of detecting early signs of future changes or threats.

Horizon scanning involves scanning, analyzing, and communicating changes in an organization’s environment to prepare for potential threats and opportunities. Much of what we know about the future is based around the interactions and trajectory of macro trends, trends, and drivers. These form the foundations for future intelligence.

Macro Trends

A macro trend captures a large-scale transformative trend that could impact your addressable market.

Trends

A trend captures a business use case of the macro trend. Consider trends in relation to competitors in your industry.

Drivers

A driver is an underlying force causing the trend to occur. There can be multiple causal forces, or drivers, that influence a trend, and multiple trends can be influenced by the same causal force.

Identify signals of change in the present and their potential future impacts.

Identifying macro trends

A macro trend captures a large-scale transformative trend that could change the addressable market. Here are some examples of macro trends to consider when horizon scanning for your own organization:

Talent Availability

  • Decentralized workforce
  • Hybrid workforce
  • Diverse workforce
  • Skills gap
  • Digital workforce
  • Multigenerational workforce

Customer Expectations

  • Personalization
  • Digital experience
  • Data ownership
  • Transparency
  • Accessibility

Technological Landscape

  • AI & robotics
  • Virtual world
  • Ubiquitous connectivity,
  • Genomics
  • Materials (smart, nano, bio)

Regulatory System

  • Market control
  • Economic shifts
  • Digital regulation
  • Consumer protection
  • Global green

Supply Chain Continuity

  • Resource scarcity
  • Sustainability
  • Supply chain digitization
  • Circular supply chains
  • Agility

Identifying trends and drivers

A trend captures a business use case of a macro trend. Assessing trends can reduce some uncertainties about the future and highlight potential opportunities for your organization. A driver captures the internal or external forces that lead the trend to occur. Understanding and capturing drivers is important to understanding why these trends are occurring and the potential impacts to your value chains.

This image contains a flow chart, demonstrating the relationship between Macro trends, Trends, and Drivers. in this example, the macro trend is Accessibility. The Trends, or patterns of change, are an increase in demands for micro-credentials, and Preference for eLearning. The Drivers, or the why, are addressing skill gaps for increase in demand for micro-credentials, and Accommodating adult/working learners- for Preference for eLearning.

Leverage industry roundtables and trend reports to understand the art of the possible

Uncover important business and industry trends that can inform possibilities for technology innovation.

Explore trends in areas such as:

  • Machine Learning
  • Citizen Dev 2.0
  • Venture Architecture
  • Autonomous Organizations
  • Self-Sovereign Cloud
  • Digital Sustainability

Market research is critical in identifying factors external to your organization and identifying technology innovation that will provide a competitive edge. It’s important to evaluate the impact each trend or opportunity will have in your organization and market.

Visit Info-Tech’s Trends & Priorities Research Center

Visit Info-Tech’s Industry Coverage Research to identify your industry’s value streams

this image contains three screenshots from Rethinking Higher Education Report and 2021 Tech Trends Report

Images are from Info-Tech’s Rethinking Higher Education Report and 2021 Tech Trends Report

Example horizon scanning activity

Macro Trends Trends Drivers
Talent Availability Diversity Inclusive campus culture Systemic inequities
Hybrid workforce Online learning staff COVID-19 and access to physical institutions
Customer Expectations Digital experience eLearning for working learners Accommodate adult learners
Accessibility Micro-credentials for non-traditional students Addressing skills gap
Technological Landscape Artificial intelligence and robotics AI for personalized learning Hyper personalization
IoT IoT for monitoring equipment Asset tracking
Augmented reality Immersive education AR and VR Personalized experiences
Regulatory System Regulatory System Alternative funding for research Changes in federal funding
Global Green Environmental and sustainability education curricula Regulatory and policy changes
Supply Chain Continuity Circular supply chains Vendors recycling outdated technology Sustainability
Cloud-based solutions Cloud-based eLearning software Convenience and accessibility

Visit Info-Tech’s Industry Coverage Research to identify your industry’s value streams

Prioritize trends

Develop a cross-industry holistic view of trends.

Visualize emerging and prioritize action.

Moving from horizon scanning to action requires an evaluation process to determine which trends can lead to growth opportunities. First, we need to make a short list of trends to analyze. For your digital strategy, consider trends on the time horizon that are under 24 months. Next, we need to evaluate the shortlisted opportunities by a second set of criteria: relevance to your organization and impact on industry.

Timing

The estimated time to disruption this trend will have for your industry. Assess whether the trend will require significant developments to support its entry into the ecosystem.

Relevance

The relevance of the trend to your organization. Does the trend fulfil the vision or goals of the organization?

Impact

The degree of impact the trend will have on your industry. A trend with high impact will drive new business models, products, or services.

Prioritize trends to adopt into your organization

Prioritize trends based on timing, impact, and relevance.

Trend Timing
(S/M/L) 		Impact
(1-5) 		Relevance
( 1-5)
1. Micro-credentialing S 5 5
2. IoT-connected devices for personalized experience S 1 3
3. International partnerships with educational institutions M
4. Use of chatbots throughout enrollment process L
5. IoT for energy management of campus facilities L
6. Gamification of digital course content M
7. Flexible learning curricula S 4 3
Deprioritize trends
that have a time frame
to disruption of more
than 24 months.
this image contains a graph demonstrating the relationship between relevance (x axis) and Impact (Y axis).

2.1 Scanning the horizon

Objective: Generate trends

60 minutes

  • Start by selecting macro trends that are occurring in your environment using the five categories. These are the large-scale transformative trends that impact your addressable market. Macro trends have three key characteristics:
    • They span over a long period of time.
    • They impact all geographic regions.
    • They impact governments, individuals, and organizations.
  • Begin to break down these macro trends into trends. Trends should reflect the direction of a macro trend and capture the pattern in events. Consider trends that directly impact your organization.
  • Understand the drivers behind these trends. Why are they occurring? What is driving them? Understanding the drivers helps us understand the value they may generate.
  • Deprioritize trends that are expected to happen beyond 24 months.
  • Prioritize trends that have a high impact and relevance to the organization.
  • If you identify more than one trend, discuss with the group which trend you would like to pursue and limit it to one opportunity.

Input

  • Macro Trends
  • Trends

Output

  • Trends Prioritization

Materials

  • Digital Strategy Workbook

Participants

  • Executive Team

Step 2.2

Leapfrogging ideation

Activities

  • Identify leapfrog ideas.
  • Identify impact to value chain.

Info-Tech Insight

A systematic approach to leapfrog ideation is one of the most critical ways in which an organization can build the capacity for resilient innovation.

This step will walk you through the following activities:

Evaluate trend opportunities and determine the strategic opportunities they pose. You will also work towards identifying the impact the trend has on your value chain.

This step involves the following participants:

A cross-functional cohort across levels in the organization.

Outcomes of this step

  • Strategic growth opportunities
  • Value chain impact

Leapfrog into the future

Turn trends into growth opportunities.

To thrive in the digital age, organizations must innovate big, leverage internal creativity, and prepare for flexibility.

In this digital era, organizations are often playing catch up to a rapidly evolving technological landscape and following a strict linear approach to innovation. However, this linear catch-up approach does not help companies get ahead of competitors. Instead, organizations must identify avenues to skip one or several stages of technological development to leapfrog ahead of their competitors.

The best way to predict the future is to invent it. – Alan Kay

Leapfrogging takes place when an organization introduces disruptive innovation into the market and sidesteps competitors who are unable to mobilize to respond to the opportunities.

Case Study

Classroom of the Future

Higher Education: Barco’s Virtual Classroom at UCL

University College London (UCL), in the United Kingdom, selected Barco weConnect virtual classroom technology for its continuing professional development medical education offering. UCL uses the platform for synchronous teaching, where remote students can interact with a lecturer.

One of the main advantages of the system is that it enables direct interaction with students through polls, questions, and whiteboarding. The system also allows you to track student engagement in real time.

The system has also been leveraged for scientific research and publications. In their “Delphi” process, key opinion leaders were able to collaborate in an effective way to reach consensus on a subject matter. The processes that normally takes months were successfully completed in 48 hours (McCann, 2020).

Results

The system has been largely successful and has supported remote, real-time teaching, two-way engagement, engagement with international staff, and an overall enriched teaching experience.

Funnel trends into leapfrog ideas

Go from trend insights into ideas.

Brainstorm ways of generating leapfrog ideas from trend insights.

Dealing with trends is one of the most important tasks for innovation. It provides the basis of developing the future orientation of the organization. However, being aware of a trend is one thing, to develop strategies for response is another.

To identify the impact the trend has on the organization, consider the four areas of growth strategies for the organization:

  1. New Customers: Leverage the trend to target new customers for existing products or services.
  2. New Business Models: Adjust the business model to capture a change in how the organization delivers value.
  3. New Markets: Enter or create new markets by applying existing products or services to different problems.
  4. New Product or Service Offerings: Introduce new products or services to the existing market.
A funnel shaped image is depicted. At the top, at the entrance of the funnel, is the word Trend. At the bottom of the image, at the output of the funnel, is the word Opportunity.

From trend to leapfrog ideas

Trend New Customer New Market New Business Model New Product or Service
What trends pose a high-immediate impact to the organization? Target new customers for existing products or services Enter or create new markets by applying existing products or services to different problems Adjust the business model to capture a change in how the organization delivers value Introduce new products or services to the existing market
Micro-credentials for non-traditional students Target non-traditional learners/students - Online delivery Introduce mini MBA program

2.2 Identify and prioritize opportunities

60 minutes

  1. Gather the prioritized trend identified in the horizon scanning exercise (the trend identified to be “adopted” within the organization).
  2. Analyze each trend identified and assess whether the trend provides an opportunity for a new customers, new markets, new business models, or new products and services.

Input

  • “Adopt” Trends

Output

  • Trends to pursue
  • Breakdown of strategic opportunities that the trends pose

Materials

  • Collaboration/ Brainstorming Tool (whiteboard, flip chart, digital equivalent)

Participants

  • Executive Team

Step 2.3

Value chain impact

Activities

  • Identify impact to value chain.

This step will walk you through the following activities:

Evaluate trend opportunities and determine the strategic opportunities they pose. Prioritize the opportunities and identify impact to your value chain.

This step involves the following participants:

A cross-functional cohort across levels in the organization.

Outcomes of this step

  • Strategic growth opportunities

Value chain analysis

Identify implications of strategic growth opportunities to the value chains.

As we identify and prioritize the opportunities available to us, we need to assess their impacts on value chains. Does the opportunity directly impact an existing value chain? Or does it open us to the creation of a new value chain?

The value chain perspective allows an organization to identify how to best minimize or enhance impacts and generate value.
As we move from opportunity to impact, it is important to break down opportunities into the relevant pieces so we can see a holistic picture of the sources of differentiation.

this image depicts the value chain for the value stream, student enrolment.

2.3 Value chain impact

Objective: Identify impacts to the value chain from the opportunities identified.
60 minutes

  1. Once you have identified the opportunity, turn back to the value stream, and with the working group, identify the value stream impacted most by the opportunity. Leverage the human impact/business impact criteria to support the identification of the value stream to be impacted.
  2. Within the value stream, brainstorm what parts of the value chain will be impacted by the new opportunity. Or ask whether this new opportunity provides you with a new value chain to be created.
  3. If this opportunity will require a new value chain, identify what set of new processes or steps will be created to support this new entrant.
  4. Identify any critical value chains that will be impacted by the new opportunity. What areas of the value chain pose the greatest risk? And where can we estimate the financial revenue will be impacted the most?

Input

  • Opportunity

Output

  • Value chains impacted

Materials

  • Collaboration/ Brainstorming Tool (whiteboard, flip chart, digital equivalent)

Participants

  • Executive Team

Phase 3

Transform stakeholder journeys

  • Identify stakeholder personas and scenarios
  • Conduct journey map
  • Identify projects

This phase will walk you through the following activities:

Take the prioritized value chains and create a journey map to capture the end-to-end experience of a stakeholder.

Through a journey mapping exercise, you will identify opportunities to digitize parts of the journey. These opportunities will be broken down into functional initiatives to tackle in your strategy.

This phase involves the following participants:

A cross-functional cohort across levels in the organization.

Outcomes

  1. Stakeholder persona
  2. Stakeholder scenario
  3. Stakeholder journey map
  4. Opportunities

Step 3.1

Identify stakeholder persona and journey scenario

Activities

  • Identify stakeholder persona.
  • Identify stakeholder journey scenario.

Transform stakeholder journeys

This step will walk you through the following activities:

In this step, you with identify stakeholder personas and scenarios relating to the prioritized value chains.

This step involves the following participants:

A cross-functional cohort across levels in the organization.

Outcomes of this step

  • A taxonomy of critical stakeholder journeys.

Identify stakeholder persona and journey scenario

From value chain to journey scenario.

Stakeholder personas and scenarios help us build empathy towards our customers. It helps put us into the shoes of a stakeholder and relate to their experience to solve problems or understand how they experience the steps or processes required to accomplish a goal. A user persona is a valuable basis for stakeholder journey mapping.

A stakeholder scenario describes the situation the journey map addresses. Scenarios can be real (for existing products and services) or anticipated.

A stakeholder persona is a fictitious profile to represent a customer or a user segment. Creating this persona helps us understand who your customers really are and why they are using your service or product.

Learn more about applying design thinking methodologies

Identify stakeholder scenarios to map

For your digital strategy, leverage the existing and opportunity value chains identified in phase 1 and 2 for journey mapping.

Identify two existing value chains to be transformed.
In section 1, we identified existing value chains to be transformed. For example, your stakeholder persona is a member of the faculty (engineering), and the scenario is the curricula design process. 		this image contains the value chains for instruction (engineering) and enrolment of engineering student. the instruction(engineering) value chain includes curricula research, curricula design, curricula delivery, and Assessment for the faculty-instructor. The enrolment of engineering student value chain includes matriculation, enrolment into a program, and unit enrolment for the student. In the instruction(engineering) value chain, curricula design is highlighted in blue. In the enrolment of engineering student value chain, Enrolment into a program is highlighted.
Identify one new value chain.
In section 2, we identified a new value chain. However, for a new opportunity, the scenario is more complex as it may capture many different areas of a value chain. Subsequently, a journey map for a new opportunity may require mapping all parts of the value chain. 		this image contains an example of a value chain for micro-credentialing (mini online MBA)

Identify stakeholder persona

Who are you transforming for?

To define a stakeholder scenario, we need to understand who we are mapping for. In each value chain, we identified a stakeholder who gains value from that value chain. We now need to develop a stakeholder persona: a representation of the end user to gain a strong understanding of who they are, what they need, and their pains and gains.

One of the best ways to flesh out your stakeholder persona is to engage with the stakeholders directly or to gather the input of those who may engage with them within the organization.

For example, if we want to define a journey map for a student, we might want to gather the input of students or teaching faculty that have firsthand encounters with different student types and are able to define a common student type.

Info-Tech Insight

Run a survey to understand your end users and develop a stronger picture of who they are and what they are seeking to gain from your organization.

Example Stakeholder Persona

Name: Anne
Age: 35
Occupation: Engineering Faculty
Location: Toronto, Canada

Pains

What are their frustrations, fears, and anxieties?

  • Time restraints
  • Using new digital tools
  • Managing a class while incorporating individual learning
  • Varying levels within the same class
  • Unmotivated students

What do they need to do?

What do they want to get done? How will they know they are successful?

  • Design curricula in a hybrid mode without loss of quality of experience of in-classroom learning.

Gains

What are their wants, needs, hopes, and dreams?

  • Interactive content for students
  • Curriculum alignment
  • Ability to run a classroom lab (in hybrid format)
  • Self-paced and self-directed learning opportunities for students

(Adapted from Osterwalder, et al., 2014)

Define a journey statement for mapping

Now that we understand who we are mapping for, we need to define a journey statement to capture the stakeholder journey.
Leverage the following format to define the journey statement.
As a [stakeholder], I need to [prioritized value chain task], so that I can [desired result or overall goal].

this image contains the instruction(engineering) value chain shown above. next to it is a stakeholder journey statement, which states: As an engineering faculty member, I want to design my curricula in a hybrid mode of delivery so that I can simulate in-classroom experiences.

3.1 Identify stakeholder persona and journey scenario

Objective: Identify stakeholder persona and journey scenario statement for journey mapping exercise.

  1. Start by identifying who your stakeholder is. Give your stakeholder a demographic profile – capture a typical stakeholder for this value chain.
  2. Identify what the gains and pains are during this value chain and what the stakeholder is seeking to accomplish.
  3. Looking at the value chain, create a statement that captures the goals and needs of the stakeholder. Use the following format to create a statement:
    As a [stakeholder], I need to [prioritized value chain task], so that I can [desired result or overall goal].

Input

  • Prioritized Value Chains (existing and opportunity)

Output

  • Stakeholder Persona
  • Stakeholder Journey Statement

Materials

  • Collaboration/ Brainstorming Tool (whiteboard, flip chart, digital equivalent)
  • Stakeholder Persona Canvas

Participants

  • Executive Team
  • Stakeholders (if possible)
  • Individual who works directly with stakeholders

Step 3.2

Map stakeholder journeys

Activities

  • Map stakeholder journeys.

Transform stakeholder journeys

This step will walk you through the following activities:

Prioritize the journeys by focusing on what matters most to the stakeholders and estimating the organizational effort to improve those experiences.

This step involves the following participants:

A cross-functional cohort across levels in the organization.

Outcomes of this step

  • Candidate journeys identified for redesign or build.

Leverage customer journey mapping to capture value chains to be transformed

Conduct a journey mapping exercise to identify opportunities for innovation or automation.

A journey-based approach helps an organization understand how a stakeholder moves through a process and interacts with the organization in the form of touch points, channels, and supporting characters. By identifying pain points in the journey and the activity types, we can identify opportunities for innovation and automation along the journey.

Embrace design thinking methodologies to elevate the stakeholder journey and to build a competitive advantage for your organization.

this image contains an example of the result of a journey mapping exercise. the main headings are Awareness, Consideration, Acquisition, Service and, Loyalty.

Internal vs. external stakeholder perspective

In journey mapping, we always start with the stakeholder's perspective, then eventually transition into what the organization does business-wise to deliver value to each stakeholder. It is important to keep in mind both perspectives while conducting a journey mapping exercise as there are often different roles, processes, and technologies associated with each of the journey steps.

Stakeholder Journey
(External Perspective)

  • Awareness
  • Consideration
  • Selecting
  • Negotiating
  • Approving

Business Processes
(Internal Perspective)

  • Preparation
  • Prospecting
  • Presentation
  • Closing
  • Follow-Up

Info-Tech Insight

Take the perspective of an end user, who interacts with your products and services, as it is different from the view of those inside the organization, who implement and provide those services.

Build a stakeholder journey map

A stakeholder journey map is a tool used to illustrate the user’s perceptions, emotions, and needs as they move through a process and interact with the organization in the form of touch points, channels, and supporting characters.

this image depicts an example of a stakeholder journey map, the headings in the map are: Journey Activity; Touch Points; Metrics; Nature of Activity; Key Moments & Pain Points; Opportunities

Stakeholder Journey Map: Journey Activity

The journey activity refers to the steps taken to accomplish a goal.

The journey activity comprises the steps or sequence of tasks the stakeholder takes to accomplish their goal. These steps reflect the high-level process your candidates perform to complete a task or solve a problem.

Stakeholder Journey Map: Touch Points

Touch points are the points of interaction between a stakeholder and the organization.

A touch point refers to any time a stakeholder interacts with your organization or brand. Consider three main points of interaction with the customer in the journey:

  • Before: How did they find out about you? How did they first contact you to start this journey? What channels or mediums were used?
    • Social media
    • Rating & reviews
    • Word of mouth
    • Advertising
  • During: How was the sale or service accomplished?
    • Website
    • Catalog
    • Promotions
    • Point of sale
    • Phone system
  • After: What happened after the sale or service?
    • Billing
    • Transactional emails
    • Marketing emails
    • Follow-ups
    • Thank-you emails

Stakeholder Journey Map: Nature of Activity

The nature of activity refers to the type of task the journey activity captures.

We categorize the activity type to identify opportunities for automation. There are four main types of task types, which in combination (as seen in the table below) capture a task or job to be automated.

Routine Non-Routine
Cognitive Routine Cognitive: repeatable tasks that rely on knowledge work, e.g. sales, administration
Prioritize for automation (2) 		Non-Routine Cognitive: infrequent tasks that rely on knowledge work, e.g. driving, fraud detection
Prioritize for automation (3)
Non-Routine Cognitive: infrequent tasks that rely on knowledge work, e.g. driving, fraud detection Prioritize for automation (3) Routine Manual: repeatable tasks that rely on physical work, e.g. manufacturing, production
Prioritize for automation (1) 		Non-Routine Manual: infrequent tasks that rely on physical work, e.g. food preparation
Not mature for automation

Info-Tech Insight

Where automation makes sense, routine manual activities should be transformed first, followed by routine cognitive activities. Non-routine cognitive activities are the final frontier.

Stakeholder Journey Map: Metrics

Metrics are a quantifiable measurement of a process, activity, or initiative.

Metrics are crucial to justify expenses and to estimate growth for capacity planning and resourcing. There are multiple benefits to identifying and implementing metrics in a journey map:

  • Metrics provide accurate indicators for accurate IT and business decisions.
  • Metrics help you identify stakeholder touch point efficiencies and problems and solve issues before they become more serious.
  • Active metrics tracking makes root cause analysis of issues much easier.

Example of journey mapping metrics: Cost, effort, turnaround time, throughput, net promoter score (NPS), satisfaction score

Stakeholder Journey Map: Key Moments & Pain Points

Key moments and pain points refer to the emotional status of a stakeholder at each stake of the customer journey.

The key moments are defining pieces or periods in a stakeholder's experience that create a critical turning point or memory.

The pain points are the critical problems that the stakeholder is facing during the journey or business continuity risks. Prioritize identifying pain points around key moments.

Info-Tech Insight

To identify key moments, look for moments that can dramatically influence the quality of the journey or end the journey prematurely. To improve the experience, analyze the hidden needs and how they are or aren’t being met.

Stakeholder Journey Map: Opportunities

An opportunity is an investment into people, process, or technology for the purposes of building or improving a business capability and accomplishing a specific organizational objective.

An opportunity refers to the initiatives or projects that should address a stakeholder pain. Opportunities should also produce a demonstrable financial impact – whether direct (e.g. cost reduction) or indirect (e.g. risk mitigation) – and be evaluated based on how technically difficult it will be to implement.

Customer

Create new or different experiences for customers

Workforce

Generate new organizational skills or new ways of working

Operations

Improve responsiveness and resilience of operations

Innovation

Develop different products or services

Example of stakeholder journey output: Higher Education

Stakeholder: A faculty member
Journey: As an engineering faculty member, I want to design my curricula in a hybrid mode of delivery so that I can simulate in-classroom experiences

Journey activity Understanding the needs of students Construct the course material Deliver course material Conduct assessments Upload grades into system
Touch Points
  • Research (primary or secondary)
  • Teaching and learning center
  • Training on tools
  • Office suite
  • Video tools
  • PowerPoint live
  • Chat (live)
  • Forum (FAQ
  • Online assessment tool
  • ERP
  • LMS
Nature of Activity Non-routine cognitive Non-routine cognitive Non-routine cognitive Routine cognitive Routine Manual
Metrics
  • Time to completion
  • Time to completion
  • Student satisfaction
  • Student satisfaction
  • Student scores
Ken Moments & Pain Points Lack of centralized repository for research knowledge
  • Too many tools to use
  • Lack of Wi-Fi connectivity for students
  • Loss of social aspects
  • Adjusting to new forms of assessments
No existing critical pain points; process already automated
Opportunities
  • Centralized repository for research knowledge
  • Rationalize course creation tool set
  • Connectivity self-assessment/checklist
  • Forums for students
  • Implement an online proctoring tool

3.2 Stakeholder journey mapping

Objective: Conduct journey mapping exercise for existing value chains and for opportunities.

  1. Gather the working group and, with the journey mapping workbook, begin to map out the journey scenario statements identified in the value chain analysis. In total, there should be three journey maps:
    • Two for the existing value chains. Map out the specific point in the value chain that is to be transformed.
    • One for the opportunity value chain. Map out all parts of the value chain to be impacted by the new opportunity.
  2. Start with the journey activity and map out the steps involved to accomplish the goal of the stakeholder.
  3. Identify the touch points involved in the value chain.
  4. Categorize the nature of the activity in the journey activity.
  5. Identify metrics for the journey. How can we measure the success of the journey?
  6. Identify pain points and opportunities in parallel with one another.

Input

  • Value Chain Analysis
  • Stakeholder Personas
  • Journey Mapping Scenario

Output

  • Journey Map

Materials

  • Digital Strategy Workbook, Stakeholder Journey tab

Participants

  • Executives
  • Individuals in the organization that have a direct interaction with the stakeholders

Info-Tech Insight

Aim to build out 90% of the stakeholder journey map with the working team; validate the last 10% with the stakeholder themselves.

Step 3.3

Prioritize opportunities

Activities

  • Prioritize opportunities.

Transform stakeholder journeys

This step will walk you through the following activities:

Prioritize the opportunities that arose from the stakeholder journey mapping exercise.

This step involves the following participants:

A cross-functional cohort across levels in the organization.

Outcomes of this step

Prioritized opportunities

Prioritization of opportunities

Leverage design-thinking methods to prioritize opportunities.

As there may be many opportunities arising from the journey map, we need to prioritize ideas to identify which ones we can tackle first – or at all. Leverage IDEO’s design-thinking “three lenses of innovation” to support prioritization:

  • Feasibility: Do you currently have the capabilities to deliver on this opportunity? Do we have the right partners, resources, or technology?
  • Desirability: Is this a solution the stakeholder needs? Does it solve a known pain point?
  • Viability: Does this initiative have an impact on the financial revenue of the organization? Is it a profitable solution that will support the business model? Will this opportunity require a complex cost structure?
Opportunities Feasibility
(L/M/H) 		Desirability
(L/M/H) 		Viability
(L/M/H)
Centralized repository for research knowledge H H H
Rationalize course creation tool set H H H
Connectivity self-assessment/ checklist H M H
Forums for students M H H
Exam preparation (e.g. education or practice exams) H H H

3.3 Prioritization of opportunities

Objective: Prioritize opportunities for creating a roadmap.

  1. Gather the opportunities identified in the journey mapping exercise
  2. Assess the opportunities based on IDEO’s three lenses of innovation:
    • Feasibility: Do you currently have the capabilities to deliver on this opportunity? Do we have the right partners, resources, or technology?
    • Viability: Does this initiative have an impact on the financial revenue of the organization? Is it a profitable solution that will support the business model? Will this opportunity require a complex cost structure?
    • Desirability: Is this a solution the stakeholder needs? Does it solve a known pain point?
  3. Opportunities that score high in all three areas are prioritized for the roadmap.

Input

  • Opportunities From Journey Map

Output

  • Prioritized Opportunities

Materials

  • Digital Strategy Workbook

Participants

  • Executives

Step 3.4

Define digital goals

Activities

Transform stakeholder journeys

This step will walk you through the following activities:

Define a digital goal as it relates to the prioritized opportunities and the stakeholder journey map.

This step involves the following participants:

A cross-functional cohort across levels in the organization.

Outcomes of this step

Digital goals

Define digital goals

What digital goals can be derived from the stakeholder journey?

With the prioritized set of opportunities for each stakeholder journey, take a step back and assess what the sum of these opportunities mean for the journey. What is the overall goal or objective of these opportunities? How do these opportunities change or facilitate the journey experience? From here, identify a single goal statement for each stakeholder journey.

Stakeholder Scenario Prioritized Opportunities Goal
Faculty (Engineering) As a faculty (Engineering), I want to prepare and teach my course in a hybrid mode of delivery Centralized repository for research knowledge
Rationalized course creation tool set 		Support hybrid course curricula development through value-driven toolsets and centralized knowledge

3.4 Define digital goals

Objective: Identify digital goals derived from the journey statements.

  1. With the prioritized set of opportunities for each stakeholder journey (the two existing journeys and one opportunity journey) take a step back and assess what the sum of these opportunities means for each journey.
    • What is the overall goal or objective of these opportunities?
    • How do these opportunities change or facilitate the journey experience?
  2. From here, identify a single goal for each stakeholder journey.

Input

  • Opportunities From Journey Map
  • Stakeholder Persona

Output

  • Digital Goals

Materials

  • Prioritization Matrix

Participants

  • Executives

Step 3.5

Breakdown opportunities into series of initiatives

Activities

  • Identify initiatives from the opportunities.

Transform stakeholder journeys

This step will walk you through the following activities:

Identify people, process, and technology initiatives for the opportunities identified.

This step involves the following participants:

A cross-functional cohort across levels in the organization.

Outcomes of this step

  • People, process, and technology initiatives

Break down opportunities into a series of initiatives

Brainstorm initiatives for each high-priority opportunity using the framework below. Describe each initiative as a plan or action to take to solve the problem.

Opportunity → Initiatives:

People: What initiatives are required to manage people, data, and other organizational factors that are impacted by this opportunity?

Process: What processes must be created, changed, or removed based on the data?

Technology: What systems are required to support this opportunity?

Break down opportunities into a series of initiatives

Initiatives
Centralized repository for research knowledge Technology Acquire and implement knowledge management application
People Train researchers on functionality
Process Periodically review and validate data entries into repository
Initiatives
Rationalize course creation toolset Technology Retire duplicate or under-used tools
People Provide training on tool types and align to user needs
Process Catalog software applications and tools across the organization
Identify under-used or duplicate tools/applications

Info-Tech Insight

Ruthlessly evaluate if a initiative should stand alone or if it can be rolled up with another. Fewer initiatives or opportunities increases focus and alignment, allowing for better communication.

3.5 Break down opportunities into initiatives

Objective: Break down opportunities into people, process, and technology initiatives.

  1. Split into groups and identify initiatives required to deliver on each opportunity. Document each initiative on sticky notes.
  2. Have each team answer the following questions to identify initiatives for the prioritized opportunities:
    • People: What initiatives are required to manage people, data, and other organizational factors that are impacted by this opportunity?
    • Process: What processes must be created, changed, or removed based on the data?
    • Technology: What systems are required to support this opportunity?
  3. Document findings in the Digital Strategy Workbook.

Input

  • Opportunities

Output

  • Opportunity initiatives categorized by people, process and technology

Materials

  • Digital Strategy Workbook

Participants

  • Executive team

Phase 4

Build a digital transformation roadmap

  • Detail initiatives
  • Build a unified roadmap roadmap

This phase will walk you through the following activities:

Build a digital transformation roadmap that captures people, process, and technology initiatives.

This phase involves the following participants:

A cross-functional cohort across levels in the organization.

Outcomes

  • Digital transformation roadmap

Step 4.1

Detail initiatives

Activities

  • Detail initiatives.

Build a digital transformation roadmap

This step will walk you through the following activities:

Detail initiatives for each priority initiative on your horizon.

This step involves the following participants:

A cross-functional cohort across levels in the organization.

Outcomes of this step

  • A roadmap for your digital business strategy.

Create initiative profiles for each high-priority initiative on your strategy

this image contains a screenshot of an example initiative profile

Step 4.2

Build a roadmap

Activities

  • Create a roadmap of initiatives.

Build a digital transformation roadmap

Info-Tech Insight

A roadmap that balances growth opportunities with business resilience will transform your organization for long-term success in the digital economy.

This step will walk you through the following activities:

Identify timing of initiatives and build a Gantt chart roadmap.

This step involves the following participants:

A cross-functional cohort across levels in the organization.

Outcomes of this step

  • A roadmap for your digital transformation and the journey canvases for each of the prioritized journeys.

Build a roadmap to visualize your key initiative plan

Visual representations of data are more compelling than text alone.

Develop a high-level document that travels with the initiative from inception through executive inquiry, project management, and finally execution.

A initiative needs to be discrete: able to be conceptualized and discussed as an independent item. Each initiative must have three characteristics:

  • Specific outcome: Describe an explicit change in the people, processes, or technology of the enterprise.
  • Target end date: When the described outcome will be in effect.
  • Owner: Who on the IT team is responsible for executing on the initiative.
this image contains screenshots of a sample roadmap for supporting hybrid course curricula development through value-driven toolsets and centralized knowledge.

4.2 Build your roadmap (30 minutes)

  1. For the Gantt chart:
    • Input the Roadmap Start Year date.
    • Change the months and year in the Gantt chart to reflect the same roadmap start year.
    • Populate the planned start and planned end date for the pre-populated list of high-priority initiatives in each category (people, process, and technology).

Input

  • Initiatives
  • Initiative start & end dates
  • Initiative category

Output

  • Digital strategy roadmap visual

Materials

  • Digital Strategy Workbook

Participants

  • Senior Executive

Learn more about project portfolio management strategy

Step 4.3

Create a refresh strategy

Activities

  • Refresh your strategy.

Build a digital transformation roadmap

Info-Tech Insight

A digital strategy is a design process, it must be revisited to pressure test and account for changes in the external environment.

This step will walk you through the following activities:

Detail a refresh strategy.

This step involves the following participants:

A cross-functional cohort across levels in the organization.

Outcomes of this step

  • Refresh strategy

Create a refresh strategy

It is important to dedicate time to your strategy throughout the year. Create a refresh plan to assess for the changing business context and its impact on the digital business strategy. Make sure the regular planning cycle is not the primary trigger for strategy review. Put a process in place to review the strategy and make your organization proactive. Start by examining the changes to the business context and how the effect would trickle downwards. It’s typical for organizations to build a refresh strategy around budget season and hold planning and touch points to accommodate budget approval time.
Example:

this image contains an example of a refresh strategy.

4.3 Create a refresh strategy (30 minutes)

  1. Work with the digital strategy creation team to identify the time frequencies the organization should consider to refresh the digital business strategy. Time frequencies can also be events that trigger a review (i.e. changing business goals). Record the different time frequencies in the Refresh of the Digital Business Strategy slide of the section.
  2. Discuss with the team the different audience members for each time frequency and the scope of the refresh. The scope represents what areas of the digital business strategy need to be re-examined and possibly changed.

Example:

Frequency Audience Scope Date
Annually Executive Leadership Resurvey, review/ validate, update schedule Pre-budget
Touch Point Executive Leadership Status update, risks/ constraints, priorities Oct 2021
Every Year (Re-build) Executive Leadership Full planning Jan 2022

Input

  • Digital Business Strategy

Output

  • Refresh Strategy

Materials

  • Digital Business Strategy Presentation Template
  • Collaboration/ Brainstorming Tool (whiteboard, flip chart, digital equivalent)

Participants

  • Executive Leaders

Related Info-Tech Research

Design a Customer-Centric Digital Operating Model

Design a Customer-Centric Digital Operating Model

Establish a new way of working to deliver value on your digital transformation initiatives.

Develop a Project Portfolio Management Strategy

Develop a Project Portfolio Management Strategy

Drive project throughput by throttling resource capacity.

Adopt Design Thinking in Your Organization

Adopt Design Thinking in Your Organization

Innovation needs design thinking.

Digital Maturity Improvement Service

Digital Maturity Improvement Service

Prepare your organization for digital transformation – or risk falling behind.

Research Contributors and Experts

Kenneth McGee

this is a picture of Research Fellow, Kenneth McGee

Research Fellow
Info-Tech Research Group

Kenneth McGee is a Research Fellow within the CIO practice at Info-Tech Research Group and is focused on IT business and financial management issues, including IT Strategy, IT Budgets and Cost Management, Mergers & Acquisitions (M&A), and Digital Transformation. He also has extensive experience developing radical IT cost reduction and return-to-growth initiatives during and following financial recessions.

Ken works with CIOs and IT leaders to help establish twenty-first-century IT organizational charters, structures, and responsibilities. Activities include IT organizational design, IT budget creation, chargeback, IT strategy formulation, and determining the business value derived from IT solutions. Ken’s research has specialized in conducting interviews with CEOs of some of the world’s largest corporations. He has also interviewed a US Cabinet member and IT executives at the White

House. He has been a frequent keynote speaker at industry conventions, client sales kick-off meetings, and IT offsite planning sessions.

Ken obtained a BA in Cultural Anthropology from Dowling College, Oakdale, NY, and has pursued graduate studies at Polytechnic Institute (now part of NYU University). He has been an adjunct instructor at State University of New York, Westchester Community College.

Jack Hakimian

this is a picture of Vice President of the Info-Tech Research Group, Jack Hakimian

Vice President
Info-Tech Research Group

Jack has more than 25 years of technology and management consulting experience. He has served multi-billion dollar organizations in multiple industries including Financial Services and Telecommunications. Jack also served a number of large public sector institutions.

Prior to joining the Info-Tech Research Group, he worked for leading consulting players such as Accenture, Deloitte, EY, and IBM.

Jack led digital business strategy engagements as well as corporate strategy and M&A advisory services for clients across North America, Europe, the Middle East, and Africa. He is a seasoned technology consultant who has developed IT strategies and technology roadmaps, led large business transformations, established data governance programs, and managed the deployment of mission-critical CRM and ERP applications.

He is a frequent speaker and panelist at technology and innovation conferences and events and holds a Master’s degree in Computer Engineering as well as an MBA from the ESCP-EAP European School of Management.

Bibliography

Abrams, Karin von. “Global Ecommerce Forecast 2021.” eMarketer, Insider Intelligence, 7 July 2021. Web.

Christenson, Clayton. The Innovator's Dilemma: When New Technologies Cause Great Firms to Fail. Harvard Business School, 1997. Book.

Drucker, Peter F., and Joseph A. Maciariello. Innovation and Entrepreneurship. Routledge, 2015.

Eagar, Rick, David Boulton, and Camille Demyttenaere. “The Trends in Megatrends.” Arthur D Little, Prism, no. 2, 2014. Web.

Enright, Sara, and Allison Taylor. “The Future of Stakeholder Engagement.” The Business of a Better World, October 2016. Web.

Hatem, Louise, Daniel Ker, and John Mitchell. “A roadmap toward a common framework for measuring the digital economy.” Report for the G20 Digital Economy Task Force, OECD, 2020. Web.

Kemp, Simon. “Digital 2021 April Statshot Report.” DataReportal, Global Digital Insights, 21 Apr. 2021. Web.

Larson, Chris. “Disruptive Innovation Theory: 4 Key Concepts.” Business Insights, Harvard Business School, HBS Online, 15 Nov. 2016. Web.

McCann, Leah. “Barco's Virtual Classroom at UCL: A Case Study for the Future of All University Classrooms?” rAVe, 2 July 2020. Web.

Mochari, Ilan. “The Startup Buzzword Almost Everyone Uses Incorrectly.” Inc., 19 Nov. 2015. Web.

Osterwalder, Alexander, et al. Value Proposition Design. Wiley, 2014.

Reed, Laura. “Artificial Intelligence: Is Your Job at Risk?” Science Node, 9 August 2017.

Rodeck, David. “Alphabet Soup: Understanding the Shape of a Covid-19 Recession.” Forbes, 8 June 2020. Web.

Tapscott, Don. Wikinomics. Atlantic Books, 2014.

Taylor, Paul. “Don't Be A Dodo: Adapt to the Digital Economy.” Forbes, 27 Aug. 2015. Web.

The Business Research Company. "Wholesale Global Market Report 2021: COVID-19 Impact and Recovery to 2030." Research and Markets, January 2021. Press Release.

“Topic 1: Megatrends and Trends.” BeFore, 11 October 2018.

“Updated Digital Economy Estimates – June 2021.” Bureau of Economic Analysis, June 2021. Web.

Williamson, J. N. The Leader Manager. John Wiley & Sons, 1984.

Optimize Applications Release Management

  • Buy Link or Shortcode: {j2store}406|cart{/j2store}
  • member rating overall impact: 9.3/10 Overall Impact
  • member rating average dollars saved: $44,874 Average $ Saved
  • member rating average days saved: 21 Average Days Saved
  • Parent Category Name: Testing, Deployment & QA
  • Parent Category Link: /testing-deployment-and-qa
  • The business demands high service and IT needs to respond. Rapid customer response through efficient release and deployment is critical to maintain high business satisfaction.
  • The lack of process ownership leads to chaotic and uncoordinated releases, resulting in costly rework and poor hand-offs.
  • IT emphasizes tools but release tools and technologies alone will not fix the problem. Tools are integrated into the processes they support – if the process challenges aren’t addressed first, then the tool won’t help.
  • Releases are traditionally executed in silos with limited communication across the entire release pipeline. Culturally, there is little motivation for cross-functional collaboration and holistic process optimization.

Our Advice

Critical Insight

  • Release management is not solely driven by tools. It is about delivering high quality releases on time through accountability and governance aided by the support of tools.
  • Release management is independent of your software development lifecycle (SDLC). Release management practices sit as an agnostic umbrella over your chosen development methodology.
  • Ownership of the entire process is vital. Release managers ensure standards are upheld and the pipeline operates efficiently.

Impact and Result

  • Acquire release management ownership. Ensure there is appropriate accountability for speed and quality of the releases passing through the entire pipeline. A release manager has oversight over the entire release process and facilitates the necessary communication between business stakeholders and various IT roles.
  • Instill holistic thinking. Release management includes all steps required to push release and change requests to production along with the hand-off to Operations and Support. Increase the transparency and visibility of the entire pipeline to ensure local optimizations do not generate bottlenecks in other areas.
  • Standardize and lay a strong release management foundation. Optimize the key areas where you are experiencing the most pain and continually improve.

Optimize Applications Release Management Research & Tools

Start here – read the Executive Brief

Read our concise Executive Brief to find out why you should optimize release management, review Info-Tech’s methodology, and understand the four ways we can support you in completing this project.

Besides the small introduction, subscribers and consulting clients within this management domain have access to:

1. Review your release management objectives

Assess the current state and define the drivers behind your release management optimizations.

  • Optimize Applications Release Management – Phase 1: Review Your Release Management Objectives
  • Release Management Process Standard Template
  • Release Management Maturity Assessment

2. Standardize release management

Design your release processes, program framework, and release change management standards, and define your release management team.

  • Optimize Applications Release Management – Phase 2: Standardize Release Management
  • Release Manager

3. Roll out release management enhancements

Create an optimization roadmap that fits your context.

  • Optimize Applications Release Management – Phase 3: Roll Out Release Management Enhancements
[infographic]

Workshop: Optimize Applications Release Management

Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

1 Review Your Release Management Objectives

The Purpose

Reveal the motivators behind the optimization of release management.

Identify the root causes of current release issues and challenges.

Key Benefits Achieved

Ensure business alignment of optimization efforts.

Firm grasp of why teams are facing release issues and the impacts they have on the organization.

Activities

1.1 Identify the objectives for application release.

1.2 Conduct a current state assessment of release practices.

Outputs

Release management business objectives and technical drivers

Current state assessment of release processes, communication flows, and tools and technologies

2 Standardize Release Management

The Purpose

Alleviate current release issues and challenges with best practices.

Standardize a core set of processes, tools, and roles & responsibilities to achieve consistency, cadence, and transparency.

Key Benefits Achieved

Repeatable execution of the same set of processes to increase the predictability of release delivery.

Defined ownership of release management.

Adaptable and flexible release management practices to changing business and technical environments.

Activities

2.1 Strengthen your release process.

2.2 Coordinate releases with a program framework.

2.3 Manage release issues with change management practices.

2.4 Define your release management team.

Outputs

Processes accommodating each release type and approach the team is required to complete

Release calendars and program framework

Release change management process

Defined responsibilities and accountabilities of release manager and release management team

3 Roll Out Release Management Enhancements

The Purpose

Define metrics to validate release management improvements.

Identify the degree of oversight and involvement of the release management team.

Prioritize optimization roadmap against business needs and effort.

Key Benefits Achieved

Easy-to-gather metrics to measure success that can be communicated to stakeholders.

Understanding of how involved release management teams are in enforcing release management standards.

Practical and achievable optimization roadmap.

Activities

3.1 Define your release management metrics.

3.2 Ensure adherence to standards.

3.3 Create your optimization roadmap.

Outputs

List of metrics to gauge success

Oversight and reporting structure of release management team

Release management optimization roadmap

Ensure Cloud Security in IaaS, PaaS, and SaaS Environments

  • Buy Link or Shortcode: {j2store}386|cart{/j2store}
  • member rating overall impact: N/A
  • member rating average dollars saved: N/A
  • member rating average days saved: N/A
  • Parent Category Name: Secure Cloud & Network Architecture
  • Parent Category Link: /secure-cloud-network-architecture
  • Security remains a large impediment to realizing cloud benefits. Numerous concerns still exist around the ability for data privacy, confidentiality, and integrity to be maintained in a cloud environment.
  • Even if adoption is agreed upon, it becomes hard to evaluate vendors that have strong security offerings and even harder to utilize security controls that are internally deployed in the cloud environment.

Our Advice

Critical Insight

  • The cloud can be secure despite unique security threats.
  • Securing a cloud environment is a balancing act of who is responsible for meeting specific security requirements.
  • Most security challenges and concerns can be minimized through our structured process (CAGI) of selecting a trusted cloud security provider (CSP) partner.

Impact and Result

  • The business is adopting a cloud environment and it must be secured, which includes:
    • Ensuring business data cannot be leaked or stolen.
    • Maintaining privacy of data and other information.
    • Securing the network connection points.
  • Determine your balancing act between yourself and your CSP; through contractual and configuration requirements, determine what security requirements your CSP can meet and cover the rest through internal deployment.
  • This blueprint and associated tools are scalable for all types of organizations within various industry sectors.

Ensure Cloud Security in IaaS, PaaS, and SaaS Environments Research & Tools

Start here – read the Executive Brief

Read our concise Executive Brief to find out why you should prioritize security in the cloud, review Info-Tech’s methodology, and understand the ways we can support you in completing this project.

Besides the small introduction, subscribers and consulting clients within this management domain have access to:

1. Determine your cloud risk profile

Determine your organization’s rationale for cloud adoption and what that means for your security obligations.

  • Ensure Cloud Security in IaaS, PaaS, and SaaS Environments – Phase 1: Determine Your Cloud Risk Profile
  • Secure Cloud Usage Policy

2. Identify your cloud security requirements

Use the Cloud Security CAGI Tool to perform four unique assessments that will be used to identify secure cloud vendors.

  • Ensure Cloud Security in IaaS, PaaS, and SaaS Environments – Phase 2: Identify Your Cloud Security Requirements
  • Cloud Security CAGI Tool

3. Evaluate vendors from a security perspective

Learn how to assess and communicate with cloud vendors with security in mind.

  • Ensure Cloud Security in IaaS, PaaS, and SaaS Environments – Phase 3: Evaluate Vendors From a Security Perspective
  • IaaS and PaaS Service Level Agreement Template
  • SaaS Service Level Agreement Template
  • Cloud Security Communication Deck

4. Implement your secure cloud program

Turn your security requirements into specific tasks and develop your implementation roadmap.

  • Ensure Cloud Security in IaaS, PaaS, and SaaS Environments – Phase 4: Implement Your Secure Cloud Program
  • Cloud Security Roadmap Tool

5. Build a cloud security governance program

Build the organizational structure of your cloud security governance program.

  • Ensure Cloud Security in IaaS, PaaS, and SaaS Environments – Phase 5: Build a Cloud Security Governance Program
  • Cloud Security Governance Program Template
[infographic]

Improve Application Development Throughput

  • Buy Link or Shortcode: {j2store}151|cart{/j2store}
  • member rating overall impact: 10.0/10 Overall Impact
  • member rating average dollars saved: $59,399 Average $ Saved
  • member rating average days saved: 39 Average Days Saved
  • Parent Category Name: Development
  • Parent Category Link: /development
  • The business is demanding more features at an increasing pace. It is expecting your development teams to keep up with its changing needs while maintaining high quality.
  • However, your development process is broken. Tasks are taking significant time to complete, and development handoffs are not smooth.

Our Advice

Critical Insight

  • Lean development is independent of your software development lifecycle (SDLC) methodology. Lean development practices can be used in both Agile and Waterfall teams.
  • Lean isn’t about getting rid of sound development processes. Becoming lean means fine-tuning the integration of core practices like coding and testing.
  • Lean thinking motivates automation. By focusing on optimizing the development process, automation becomes a logical and necessary step toward greater maturity and improved throughput.

Impact and Result

  • Gain a deep understanding of lean principles and associated behaviors. Become familiar with the core lean principles and the critical attitudes and mindsets required by lean. Understand how incorporating DevOps and Agile principles can help your organization.
  • Conduct a development process and tool review. Use a value-stream analysis of your current development process and tools to reveal bottlenecks and time-consuming or wasteful tasks. Analyze these insights to identify root causes and the impact to product delivery.
  • Incorporate the right tools and practices to become more lean. Optimize the key areas where you are experiencing the most pain and consuming the most resources. Look at how today’s best development and testing practices (e.g. version control, branching) and tools (e.g. automation, continuous integration) can improve the throughput of your delivery pipeline.

Improve Application Development Throughput Research & Tools

Start here – read the Executive Brief

Read our concise Executive Brief to find out why you should make development teams leaner, review Info-Tech’s methodology, and understand the four ways we can support you in completing this project.

Besides the small introduction, subscribers and consulting clients within this management domain have access to:

1. Conduct a current state analysis

Acquire a holistic perspective of the development team, process, and tools to identify the bottlenecks and inefficiency points that are significantly delaying releases.

  • Improve Application Development Throughput – Phase 1: Conduct a Current State Analysis
  • Lean Implementation Roadmap Template
  • Lean Development Readiness Assessment

2. Define the lean future state

Identify the development guiding principles and artifact management practices and build automation and continuous integration processes and tools that best fit the context and address the organization’s needs.

  • Improve Application Development Throughput – Phase 2: Define the Lean Future State

3. Create an implementation roadmap

Prioritize lean implementation initiatives in a gradual, phased approach and map the critical stakeholders in the lean transformation.

  • Improve Application Development Throughput – Phase 3: Create an Implementation Roadmap
[infographic]

Workshop: Improve Application Development Throughput

Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

1 Conduct a Current State Analysis

The Purpose

Assess the current state of your development environment.

Select a pilot project to demonstrate the value of your optimization.

Key Benefits Achieved

Realization of the root causes behind the bottlenecks and inefficiencies in your current development process.

Valuation of your current development tools.

Selection of a pilot project that will be used to gather the metrics in order obtain buy-in for wider optimization initiatives.

Activities

1.1 Assess your readiness to transition to lean development.

1.2 Conduct a SWOT analysis and value-stream assessment of your current development process.

1.3 Evaluate your development tools.

1.4 Select a pilot project.

Outputs

Lean development readiness assessment

Current state analysis of development process

Value assessment of existing development tools

Pilot project selection

2 Define Your Lean Future State

The Purpose

Establish your development guiding principles.

Enhance the versioning and management of your development artifacts.

Automatically build and continuously integrate your code.

Key Benefits Achieved

Grounded and well-understood set of guiding principles that are mapped to development tasks and initiatives.

Version control strategy of development artifacts, including source code, adapted to support lean development.

A tailored approach to establish the right environment to support automated build, testing, and continuous integration tools.

Activities

2.1 Assess your alignment to the lean principles.

2.2 Define your lean development guiding principles.

2.3 Define your source code branching approach.

2.4 Define your build automation approach.

2.5 Define your continuous integration approach.

Outputs

Level of alignment to lean principles

Development guiding principles

Source code branching approach

Build automation approach.

Continuous integration approach

3 Create Your Implementation Roadmap

The Purpose

Prioritize your optimization initiatives to build an implementation roadmap.

Identify the stakeholders of your lean transformation.

Key Benefits Achieved

Phased implementation roadmap that accommodates your current priorities, constraints, and enablers.

Stakeholder engagement strategy to effectively demonstrate the value of the optimized development environment.

Activities

3.1 Identify metrics to gauge the success of your lean transformation.

3.2 List and prioritize your implementation steps.

3.3 Identify the stakeholders of your lean transformation.

Outputs

List of product, process, and tool metrics

Prioritized list of tasks to optimize your development environment

Identification of key stakeholders

Mature and Scale Product Ownership

  • Buy Link or Shortcode: {j2store}145|cart{/j2store}
  • member rating overall impact: 9.5/10 Overall Impact
  • member rating average dollars saved: $21,919 Average $ Saved
  • member rating average days saved: 13 Average Days Saved
  • Parent Category Name: Development
  • Parent Category Link: /development
  • Product owners must bridge the gap between the customers, operations, and delivery to ensure products continuously deliver increasing value.
  • Product owners are often assigned to projects or product delivery without proper support, guidance, or alignment.
  • In many organizations, the product owner role is not well-defined, serves as a proxy for stakeholder ownership, and lacks reinforcement of the key skills needed to be successful.

Our Advice

Critical Insight

A product owner is the CEO for their product. Successful product management starts with empowerment and accountability. Product owners own the vision, roadmap, and value realization for their product or family aligned to enterprise goals and priorities.

  • Product and service ownership share the same foundation - underlying capabilities and best practices to own and improve a product or service are identical for both roles. Use the terms that make the most sense for your culture.
  • Product owners represent three primary perspectives: Business (externally facing), Technical (systems and tools), or Operational (manual processes). Although all share the same capabilities, how they approach their responsibilities is influenced by their primary perspective.
  • Product owners are operating under an incomplete understanding of the capabilities needed to succeed. Most product/service owners lack a complete picture of the needed capabilities, skills, and activities to successfully perform their roles.

Impact and Result

  • Create a culture of product management trust and empowerment with product owners aligned to your operational structure and product needs.
  • Promote and develop true Agile skills among your product owners and family managers.
  • Implement Info-Tech’s product owner capability model to define the role expectations and provide a development path for product owners.

Mature and Scale Product Ownership Research & Tools

Besides the small introduction, subscribers and consulting clients within this management domain have access to:

1. Mature and Scale Product Ownership Storyboard – Establish a culture of success for product management and mature product owner capabilities.

Strengthen the product owner role in your organization by focusing on core capabilities and proper alignment.

  • Establish a foundation for empowerment and success.
  • Assign and align product owners with products and stakeholders.
  • Mature product owner capabilities and skills.

    • Mature and Scale Product Ownership Storyboard

    2. Mature and Scale Product Ownership Readiness Assessment – Determine your readiness for a product-centric culture based on Info-Tech’s CLAIM+G model.

    Using Info-Tech’s CLAIM model, quickly determine your organization’s strengths and weaknesses preparing for a product culture. Use the heat map to identify key areas.

    • Mature and Scale Product Ownership Readiness Assessment

    3. Mature and Scale Product Ownership Playbook – Playbook for product owners and product managers.

    Use the blueprint exercises to build your personal product owner playbook. You can also use the workbook to capture exercise outcomes.

    • Mature and Scale Product Ownership Playbook

    4. Mature and Scale Product Ownership Workbook – Workbook for product owners and product managers.

    Use this workbook to capture exercise outcomes and transfer them to your Mature and Scale Product Ownership Playbook (optional).

    • Mature and Scale Product Ownership Workbook

    5. Mature and Scale Product Ownership Proficiency Assessment – Determine your current proficiency and improvement areas.

    Product owners need to improve their core capabilities and real Agile skills. The assessment radar will help identify current proficiency and growth opportunities.

    • Mature and Scale Product Ownership Proficiency Assessment
    [infographic]

    Workshop: Mature and Scale Product Ownership

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Establish the foundation for product ownership

    The Purpose

    Establish the foundation for product ownership.

    Key Benefits Achieved

    Product owner playbook with role clarity and RACI.

    Activities

    1.1 Define enablers and blockers of product management.

    1.2 Define your product management roles and names.

    1.3 Assess your product management readiness.

    1.4 Identify your primary product owner perspective.

    1.5 Define your product owner RACI.

    Outputs

    Enablers and blockers

    Role definitions.

    Product culture readiness

    Product owner perspective mapping

    Product owner RACI

    2 Align product owners to products

    The Purpose

    Align product owners to products.

    Key Benefits Achieved

    Assignment of resources to open products.

    A stakeholder management strategy.

    Activities

    2.1 Assign resources to your products and families.

    2.2 Visualize relationships to identify key influencers.

    2.3 Group stakeholders into categories.

    2.4 Prioritize your stakeholders.

    Outputs

    Product resource assignment

    Stakeholder management strategy

    Stakeholder management strategy

    Stakeholder management strategy

    3 Mature product owner capabilities

    The Purpose

    Mature product owner capabilities.

    Key Benefits Achieved

    Assess your Agile product owner readiness

    Assess and mature product owner capabilities

    Activities

    3.1 Assess your real Agile skill proficiency.

    3.2 Assess your vison capability proficiency.

    3.3 Assess your leadership capability proficiency.

    3.4 Assess your PLM capability proficiency.

    3.5 Assess your value realization capability proficiency.

    3.6 Identify your business value drivers and sources of value.

    Outputs

    Real Agile skill proficiency assessment

    Info-Tech’s product owner capability model proficiency assessment

    Info-Tech’s product owner capability model proficiency assessment

    Info-Tech’s product owner capability model proficiency assessment

    Info-Tech’s product owner capability model proficiency assessment

    Business value drivers and sources of value

    Further reading

    Mature and Scale Product Ownership

    Strengthen the product owner’s role in your organization by focusing on core capabilities and proper alignment.

    Executive Brief

    Analyst Perspective

    Empower product owners throughout your organization.

    Hans Eckman

    Whether you manage a product or service, the fundamentals of good product ownership are the same. Organizations need to focus on three key elements of product ownership in order to be successful.

    • Create an environment of empowerment and service leadership to reinforce product owners and product family managers as the true owners of the vision, improvement, and realized the value of their products.
    • Align product and product family owner roles based on operational alignment and the groups defined when scaling product management.
    • Develop your product owners to improve the quality of roadmaps, alignment to enterprise goals, and profit and loss (P&L) for each product or service.

    By focusing the attention of the teammates serving in product owner or service owner roles, your organization will deliver value sooner and respond to change more effectively.

    Hans Eckman

    Principal Research Director – Application Delivery and Management
    Info-Tech Research Group

    Executive Summary

    Your Challenge

    Product owners must bridge the gap between the customers, operations, and delivery to ensure products continuously deliver increasing value.

    Product owners are often assigned to projects or product delivery without proper support, guidance, or alignment.

    In many organizations the product owner role is not well-defined, serves as a proxy for stakeholder ownership, and lacks reinforcement of the key skills needed to be successful.

    Common Obstacles

    Organizations have poor alignment or missing product owners between lines of business, IT, and operations.

    Product owners are aligned to projects and demand management rather than long-term strategic product ownership.

    Product families are not properly defined, scaled, and supported within organizations.

    Individuals in product owner roles have an incomplete understanding of needed capabilities and lack a development path.

    Info-Tech's Approach

    Create a culture of product management trust and empowerment with product owners aligned to your operational structure and product needs.

    Promote and develop true Agile skills among your product owners and family managers.

    Implement Info-Tech’s product owner capability model to define the role expectations and provide a development path for product owners.

    Extend product management success using Deliver on Your Digital Product Vision and Deliver Digital Products at Scale.

    Info-Tech Insight

    There is no single correct approach to product ownership. Product ownership must be tuned and structured to meet the delivery needs of your organization and the teams it serves.

    Info-Tech’s Approach

    Product owners make the final decision

    • Establish a foundation for empowerment and success
    • Assign product owners and align with products and stakeholders
    • Mature product owner capabilities and skills
    Product Owner capabilities: Vision, Product Lifecycle Management, Leadership, Value Realization

    The Info-Tech difference

    1. Assign product owners where product decisions are needed, not to match org charts or delivery teams. The product owner has the final word on product decisions.
    2. Organize product owners into related teams to ensure product capabilities delivered are aligned to enterprise strategy and goals.
    3. Shared products and services must support the needs of many product owners with conflicting priorities. Shared service product owners must map and prioritize demand to align to enterprise priorities and goals.
    4. All product owners share the same capability model.

    Insight summary

    There is no single correct approach to product ownership

    Successful product management starts with empowerment and accountability. Product owners own the vision, roadmap, and value realization for their product or family aligned to enterprise goals and priorities.

    Phase 1 insight

    Product owners represent three primary perspectives: business (external-facing), technical (systems and tools), or operational (manual processes). Although all share the same capabilities, how they approach their responsibilities is influenced by their primary perspective.

    Phase 2 insight

    Start with your operational grouping of products and families, identifying where an owner is needed. Then, assign people to the products and families. The owner does not define the product or family.

    Phase 3 insight

    Product owners are operating under an incomplete understanding of the capabilities needed to succeed. Most product/service owners lack a complete picture of the needed capabilities, skills, and activities to successfully perform their roles.

    Product and service ownership share the same foundation

    The underlying capabilities and best practices to own and improve a product or service are identical for both roles. Use the terms that make the most sense for your culture.

    Map product owner roles to your existing job titles

    Identify where product management is needed and align expectations with existing roles. Successful product management does not require a dedicated job family.

    Projects can be a mechanism for funding product changes and improvements

    Projects can be a mechanism for funding product changes and improvements. Shows difference of value for project life-cycles, hybrid life-cycles, and product life-cycles.

    Projects within products

    Regardless of whether you recognize yourself as a product-based or project-based shop, the same basic principles should apply.

    You go through a period or periods of project-like development to build a version of an application or product.

    You also have parallel services along with your project development, which encompass the more product-based view. These may range from basic support and maintenance to full-fledged strategy teams or services like sales and marketing.

    Product and services owners share the same foundation and capabilities

    For the purpose of this blueprint, product/service and product owner/service owner are used interchangeably. The term “product” is used for consistency but would apply to services, as well.

    Product = Service

    Common foundations: Focus on continuous improvement, ROI, and value realization. Clear vision, goals, roadmap, and backlog.

    “Product” and “service” are terms that each organization needs to define to fit its culture and customers (internal and external). The most important aspect is consistent use and understanding of:

    • External products
    • Internal products
    • External services
    • Internal services
    • Products as a service (PaaS)
    • Productizing services (SaaS)

    Recognize the product owner perspectives

    The 3 product owner perspectives. 1. Business: Customer-facing, value-generating. 2. Technical: IT systems and tools. 3. Operations: Keep-the-lights-on processes.

    Product owners represent one of three primary perspectives. Although all share the same capabilities, how they approach their responsibilities is influenced by their primary perspective.

    Info-Tech Insight

    Product owners must translate needs and constraints from their perspective into the language of their audience. Kathy Borneman, Digital Product Owner at SunTrust Bank, noted the challenges of finding a common language between lines of business and IT (e.g. what is a unit?).

    Match your product management role definitions to your product family levels

    Product ownership exists at the different operational tiers or levels in your product hierarchy. This does not imply a management relationship.

    Product portfolio

    Groups of product families within an overall value stream or capability grouping.

    Project portfolio manager

    Product family

    A collection of related products. Products can be grouped along architectural, functional, operational, or experiential patterns.

    Product family manager

    Product

    Single product composed of one or more applications and services.

    Product owner

    Info-Tech Insight

    Define the current roles that will perform the product management function or define consistent role names to product owners and managers.

    Align enterprise value through product families

    Product families are operational groups based on capabilities or business functions. Product family managers translate goals, priorities, and constraints so they are actionable at the next level. Product owners prioritize changes to enhance the capabilities that allow you to realize your product family. Enabling capabilities realize value and help reach your goals.

    Understand special circumstances

    In Deliver Digital Products at Scale, products were grouped into families using Info-Tech’s five scaling patterns. Assigning owners to Enterprise Applications and Shared Services requires special consideration.

    Value stream alignment

    • Business architecture
      • Value stream
      • Capability
      • Function
    • Market/customer segment
    • Line of business (LoB)
    • Example: Customer group > value stream > products

    Enterprise applications

    • Enabling capabilities
    • Enterprise platforms
    • Supporting apps
    • Example: HR > Workday/Peoplesoft > Modules Supporting: Job board, healthcare administrator

    Shared Services

    • Organization of related services into service family
    • Direct hierarchy does not necessarily exist within the family
    • Examples: End-user support and ticketing, workflow and collaboration tools

    Technical

    • Domain grouping of IT infrastructure, platforms, apps, skills, or languages
    • Often used in combination with Shared Services grouping or LoB-specific apps
    • Examples: Java, .NET, low-code, database, network

    Organizational alignment

    • Used at higher levels of the organization where products are aligned under divisions
    • Separation of product managers from organizational structure is no longer needed because the management team owns the product management role

    Map sources of demand and influencers

    Use the stakeholder analysis to define the key stakeholders and sources of demand for enterprise applications and shared services. Extend your mapping to include their stakeholders and influencers to uncover additional sources of demand and prioritization.

    Map of key stakeholders for enterprise applications and shared services.

    Info-Tech Insight

    Your product owner map defines the influence landscape your product operates. It is every bit as important as the teams who enhance, support and operate your product directly.

    Combine your product owner map with your stakeholder map to create a comprehensive view of influencers.

    The primary value of the product owner is to fill the backlog with the highest ROI opportunities aligned with enterprise goals.

    Info-Tech Insight

    The product owner owns the direction of the product.

    • Roadmap - Where are we going?
    • Backlog - What changes are needed to get there?
    • Product review - Did we get close enough?

    Product delivery realizes value for your product family

    While planning and analysis are done at the family level, work and delivery are done at the individual product level.

    Product strategy includes: Vision, Goals, Roadmap, backlog and Release plan.

    Product family owners are more strategic

    When assigning resources, recognize that product family owners will need to be more strategic with their planning and alignment of child families and products.

    Product family owners are more strategic. They require a roadmap that is strategic, goal-based, high-level, and flexible.

    Info-Tech Insight

    Roadmaps for your product family are, by design, less detailed. This does not mean they aren’t actionable! Your product family roadmap should be able to communicate clear intentions around the future delivery of value in both the near and long term.

    Connecting your product family roadmaps to product roadmaps

    Your product and product family roadmaps should be connected at an artifact level that is common between both. Typically, this is done with capabilities, but it can be done at a more granular level if an understanding of capabilities isn’t available.

    Product family roadmap versus Product Roadmaps.

    Develop a product owner stakeholder strategy

    Stakeholder management, Product lifecycle, Project delivery, Operational support.

    Stakeholders are a critical cornerstone to product ownership. They provide the context, alignment, and constraints that influence or control what a product owner can accomplish.

    Product owners operate within a network of stakeholders who represent different perspectives within the organization.

    First, product owners must identify members of their stakeholder network. Next, they should devise a strategy for managing stakeholders.

    Without a stakeholder strategy, product owners will encounter obstacles, resistance, or unexpected changes.

    Create a stakeholder network map to product roadmaps and prioritization

    Follow the trail of breadcrumbs from your direct stakeholders to their influencers, to uncover hidden stakeholders.

    Stakeholder network map defines the influence landscape your product operates. Connectors determine who may be influencing your direct stakeholders.

    Info-Tech Insight

    Your stakeholder map defines the influence landscape your product operates. It is every bit as important as the teams who enhance, support and operate your product directly.

    Use “connectors” to determine who may be influencing your direct stakeholders. They may not have any formal authority within the organization, but they may have informal yet substantive relationships with your stakeholders.

    Being successful at Agile is more than about just doing Agile

    The following represents the hard skills needed to “Do Agile”:

    Being successful at Agile needs 4 hard skills: 1. Engineering skills, 2. Technician Skills, 3. Framework/Process skills, 4. Tools skills.
    • Engineering skills. These are the skills and competencies required for building brand-new valuable software.
    • Technician skills. These are the skills and competencies required for maintaining and operating the software delivered to stakeholders.
    • Framework/Process skills. These are the specific knowledge skills required to support engineering or technician skills.
    • Tools skills. This represents the software that helps you deliver other software.

    While these are important, they are not the whole story. To effectively deliver software, we believe in the importance of being Agile over simply doing Agile.

    Adapted from: “Doing Agile” Is Only Part of the Software Delivery Pie

    Why focus on core skills?

    They are the foundation to achieve business outcomes

    Skills, actions, output and outcomes

    The right skills development is only possible with proper assessment and alignment against outcomes.

    Focus on these real Agile skills

    Agile skills

    • Accountability
    • Collaboration
    • Comfort with ambiguity
    • Communication
    • Empathy
    • Facilitation
    • Functional decomposition
    • Initiative
    • Process discipline
    • Resilience

    Product capabilities deliver value

    As a product owner, you are responsible for managing these facets through your capabilities and activities.

    The core product and value stream consists of: Funding - Product management and governance, Business functionality - Stakeholder and relationship management, and Technology - Product delivery.

    Info-Tech Best Practice

    It is easy to lose sight of what matters when we look at a product from a single point of view. Despite what "The Agile Manifesto" says, working software is not valuable without the knowledge and support that people need in order to adopt, use, and maintain it. If you build it, they will not come. Product owners must consider the needs of all stakeholders when designing and building products.

    Recognize product owner knowledge gaps

    Pulse survey of product owners

    Pulse survey of product owners. Graph shows large percentage of respondents have alignment to common agile definition of product owners. Yet a significant perception gap in P&L, delivery, and analytics.

    Info-Tech Insight

    1. Less than 15% of respondents identified analytics or financial management as a key component of product ownership.
    2. Assess your product owner’s capabilities and understanding to develop a maturity plan.

    Source: Pulse Survey (N=18)

    Implement the Info-Tech product owner capability model

    Unfortunately, most product owners operate with incomplete knowledge of the skills and capabilities needed to perform the role. Common gaps include focusing only on product backlogs, acting as a proxy for product decisions, and ignoring the need for key performance indicators (KPIs) and analytics in both planning and value realization.

    Product Owner capabilities: Vision, Product Lifecycle Management, Leadership, Value Realization

    Vision

    • Market Analysis
    • Business Alignment
    • Product Roadmap

    Leadership

    • Soft Skills
    • Collaboration
    • Decision Making

    Product Lifecycle Management

    • Plan
    • Build
    • Run

    Value Realization

    • KPIs
    • Financial Management
    • Business Model

    Product owner capabilities provide support

    Vision predicts impact of Value realization. Value realization provides input to vision

    Your vision informs and aligns what goals and capabilities are needed to fulfill your product or product family vision and align with enterprise goals and priorities. Each item on your roadmap should have corresponding KPIs or OKRs to know how far you moved the value needle. Value realization measures how well you met your target, as well as the impacts on your business value canvas and cost model.

    Product lifecycle management builds trust with Leadership. Leadership improves quality of Product lifecycle management.

    Your leadership skills improve collaborations and decisions when working with your stakeholders and product delivery teams. This builds trust and improves continued improvements to the entire product lifecycle. A product owner’s focus should always be on finding ways to improve value delivery.

    Product owner capabilities provide support

    Leadership enhances Vision. Vision Guides Product Lifecycle Management. Product Lifecycle Management delivers Value Realization. Leadership enhances Value Realization

    Develop product owner capabilities

    Each capability: Vision, Product lifecycle management, Value realization and Leadership has 3 components needed for successful product ownership.

    Avoid common capability gaps

    Vision

    • Focusing solely on backlog grooming (tactical only)
    • Ignoring or failing to align product roadmap to enterprise goals
    • Operational support and execution
    • Basing decisions on opinion rather than market data
    • Ignoring or missing internal and external threats to your product

    Leadership

    • Failing to include feedback from all teams who interact with your product
    • Using a command-and-control approach
    • Viewing product owner as only a delivery role
    • Acting as a proxy for stakeholder decisions
    • Avoiding tough strategic decisions in favor of easier tactical choices

    Product lifecycle management

    • Focusing on delivery and not the full product lifecycle
    • Ignoring support, operations, and technical debt
    • Failing to build knowledge management into the lifecycle
    • Underestimating delivery capacity, capabilities, or commitment
    • Assuming delivery stops at implementation

    Value realization

    • Focusing exclusively on “on time/on budget” metrics
    • Failing to measure a 360-degree end-user view of the product
    • Skipping business plans and financial models
    • Limiting financial management to project/change budgets
    • Ignoring market analysis for growth, penetration, and threats

    Your product vision is your North Star

    It's ok to dream a little!

    Who is the target customer, what is the key benefit, what do they need, what is the differentiator

    Adapted from: Crossing the Chasm

    Info-Tech Best Practice

    A product vision shouldn’t be so far out that it doesn’t feel real or so short-term that it gets bogged down in minutiae and implementation details. Finding the right balance will take some trial and error and will be different for each organization.

    Leverage the product canvas to state and inform your product vision

    Leverage the product Canvas to state and inform your product vision. Includes: Product name, Tracking info, Vision, List of business objectives or goals, Metrics used to measure value realization, List of groups who consume the product/service, and List of key resources or stakeholders.

    Define product value by aligning backlog delivery with roadmap goals

    In each product plan, the backlogs show what you will deliver. Roadmaps identify when and in what order you will deliver value, capabilities, and goals.

    In each product plan, the backlogs show what you will deliver. Roadmaps identify when and in what order you will deliver value, capabilities, and goals.

    Use a balanced value to establish a common definition of goals and value

    Value drivers are strategic priorities aligned to our enterprise strategy and translated through our product families. Each product and change has an impact on the value driver helping us reach our enterprise goals.

    Importance of the value driver multiplied by the Impact of value score is equal to the Value score.

    Info-Tech Insight

    Your value drivers and impact helps estimate the expected value of roadmap items, prioritize roadmap and backlog items, and identify KPIs and OKRs to measure value realization and actual impact.

    Use CLAIM to guide your journey

    Culture, Learning, Automation, Integrated teams, Metrics and governance.

    Value is best created by self-managing teams who deliver in frequent, short increments supported by leaders who coach them through challenges.

    Product-centric delivery and Agile are a radical change in how people work and think. Structured, facilitated learning is required throughout the transformation to help leaders and practitioners make the shift.

    Product management, Agile, and DevOps have inspired SDLC tools that have become a key part of delivery practices and work management.

    Self-organizing teams that cross business, delivery, and operations are essential to gain the full benefits of product-centric delivery.

    Successful implementations require the disciplined use of metrics that support developing better teams

    Communicate reasons for changes and how they will be implemented

    Five elements of communicating change: What is the change? Why are we doing it? How are we going to go about it? How long will it take us to do it? What will the role be for each department individual?

    Leaders of successful change spend considerable time developing a powerful change message; that is, a compelling narrative that articulates the desired end state, and that makes the change concrete and meaningful to staff.

    The organizational change message should:

    • Explain why the change is needed.
    • Summarize what will stay the same.
    • Highlight what will be left behind.
    • Emphasize what is being changed.
    • Explain how the change will be implemented.
    • Address how change will affect various roles in the organization.
    • Discuss the staff’s role in making the change successful.

    Info-Tech’s methodology for mature and scale product ownership

    Phase steps

    1. Establish the foundation for product ownership

    Step 1.1 Establish an environment for product owner success

    Step 1.2 Establish your product ownership model

    2. Align product owners to products

    Step 2.1 Assign product owners to products

    Step 2.2 Manage stakeholder influence

    3. Mature product owner capabilities

    Step 3.1 Assess your Agile product owner readiness

    Step 3.2 Mature product owner capabilities

    Phase outcomes

    1.1.1 Define enablers and blockers of product management

    1.1.2 Define your product management roles and names

    1.2.1 Identify your primary product owner perspective

    1.2.2 Define your product owner RACI

    2.1.1 Assign resources to your products and families

    2.2.1 Visualize relationships to identify key influencers

    2.2.2 Group stakeholders into categories

    2.2.3 Prioritize your stakeholders

    3.1.1 Assess your real Agile skill proficiency

    3.2 Mature product owner capabilities

    3.2.1 Assess your vision capability proficiency

    3.2.2 Assess your leadership capability proficiency

    3.2.3 Assess your PLM capability proficiency

    3.2.4 Identify your business value drivers and sources of value

    3.2.5 Assess your value realization capability proficiency

    Blueprint deliverables

    Each step of this blueprint is accompanied by supporting deliverables to help you accomplish your goals.

    Key deliverable

    Mature and Scale Product Ownership Playbook

    Capture and organize the outcomes of the activities in the workbook.

    Mature and Scale Product Ownership Workbook

    The workbook helps organize and communicate the outcomes of each activity.

    Mature and Scale Product Ownership Readiness Assessment

    Determine your level of mastery of real Agile skills and product owner capabilities.


    Blueprint benefits

    IT benefits

    • Competent product owner who can support teams operating in any delivery methodology.
    • Representative viewpoint and input from the technical and operational product owner perspectives.
    • Products aligned to business needs and committed work are achievable.
    • Single point of contact with a business representative.
    • Acceptance of product owner role outside the Scrum teams.

    Business benefits

    • Better alignment to enterprise goals, vision, and outcomes.
    • Improved coordination with stakeholders.
    • Quantifiable value realization tied to vision.
    • Product decisions made at the right time and with the right input.
    • Product owner who has the appropriate business, operations, and technical knowledge.

    Measure the value of this blueprint

    Align product owner metrics to product delivery and value realization.

    Member outcome

    Suggested Metric

    Estimated impact
    Increase business application satisfaction Satisfaction of business applications (CIO BV Diagnostic) 20% increase within one year after implementation
    Increase effectiveness of application portfolio management Effectiveness of application portfolio management (M&G Diagnostic) 20% increase within one year after implementation
    Increase importance and effectiveness of application portfolio Importance and effectiveness to business (APA Diagnostic) 20% increase within one year after implementation
    Increase satisfaction of support of business operations Support to business (CIO BV Diagnostic) 20% increase within one year after implementation
    Successfully deliver committed work (productivity) Number of successful deliveries; burndown Reduction in project implementation overrun by 20%

    Info-Tech offers various levels of support to best suit your needs

    DIY Toolkit

    "Our team has already made this critical project a priority, and we have the time and capability, but some guidance along the way would be helpful."

    Guided Implementation

    "Our team knows that we need to fix a process, but we need assistance to determine where to focus. Some check-ins along the way would help keep us on track."

    Workshop

    "We need to hit the ground running and get this project kicked off immediately. Our team has the ability to take this over once we get a framework and strategy in place."

    Consulting

    "Our team does not have the time or the knowledge to take this project on. We need assistance through the entirety of this project"

    Diagnostics and consistent frameworks are used throughout all four options.

    Guided Implementation

    What does a typical GI on this topic look like?

    Phase 1 Establish the Foundation for Product Ownership

    Phase 2 Align Product Owners to Products

    Phase 3 Mature Product Owner Capabilities
    • Call #1:
      Scope objectives and your specific challenges
    • Call #2:
      Step 1.1 Establish an environment for product owner success
      Step 1.2 Establish your product ownership model
    • Call #3:
      Step 2.1 Assign product owners to products
    • Call #4:
      Step 2.2 Manage stakeholder influence
    • Call #5:
      Step 3.1 Assess your Agile product owner readiness
    • Call #6:
      Step 3.2 Mature product owner capabilities

    A Guided Implementation (GI) is a series of calls with an Info-Tech analyst to help implement our best practices in your organization.

    A typical GI is between 8 and 12 calls over the course of 4 to 6 months.

    Workshop Overview

    Contact your account representative for more information.
    workshops@infotech.com 1-888-670-8889

    Phase 1

    Phase 2

    Phase 3

    Activities

    Establish the Foundation for Product Ownership

    Step 1.1 Establish an environment for product owner success

    1.1.1 Define enablers and blockers of product management

    1.1.2 Define your product management roles and names

    1.1.3 Assess your product management readiness

    Step 1.2 Establish your product ownership model

    1.2.1 Identify your primary product owner perspective

    1.2.2 Define your product owner RACI

    Align Product Owners to Products

    Step 2.1 Assign product owners to products

    2.1.1 Assign resources to your products and families

    Step 2.2 Manage stakeholder influence

    2.2.1 Visualize relationships to identify key influencers

    2.2.2 Group stakeholders into categories

    2.2.3 Prioritize your stakeholders

    Mature Product Owner Capabilities

    Step 3.1 Assess your Agile product owner readiness

    3.1.1 Assess your real Agile skill proficiency

    Step 3.2 Mature product owner capabilities=

    3.2.1 Assess your Vision capability proficiency

    3.2.2 Assess your Leadership capability proficiency

    3.2.3 Assess your PLM capability proficiency

    3.2.4 Identify your business value drivers and sources of value

    3.2.5 Assess your Value Realization capability proficiency

    Deliverables

    1. Enablers and blockers
    2. Role definitions
    3. Product culture readiness
    4. Product owner perspective mapping
    5. Product owner RACI
    1. Product resource assignment
    2. Stakeholder management strategy
    1. Real Agile skill proficiency assessment
    2. Info-Tech’s product owner capability model proficiency assessment
    3. Business value drivers and sources of value

    Related Info-Tech Research

    Product delivery

    Deliver on Your Digital Product Vision

    Build a product vision your organization can take from strategy through execution.

    Deliver Digital Products at Scale

    Deliver value at the scale of your organization through defining enterprise product families.

    Build Your Agile Acceleration Roadmap

    Quickly assess the state of your Agile readiness and plan your path forward to higher value realization.

    Develop Your Agile Approach for a Successful Transformation

    Understand Agile fundamentals, principles, and practices so you can apply them effectively in your organization.

    Implement DevOps Practices That Work

    Streamline business value delivery through the strategic adoption of DevOps practices.

    Extend Agile Practices Beyond IT

    Further the benefits of Agile by extending a scaled Agile framework to the business.

    Build Your BizDevOps Playbook

    Embrace a team sport culture built around continuous business-IT collaboration to deliver great products.

    Embed Security Into the DevOps Pipeline

    Shift security left to get into DevSecOps.

    Spread Best Practices With an Agile Center of Excellence

    Facilitate ongoing alignment between Agile teams and the business with a set of targeted service offerings.

    Enable Organization-Wide Collaboration by Scaling Agile

    Execute a disciplined approach to rolling out Agile methods in the organization.

    Related Info-Tech Research

    Application portfolio management

    APM Research Center

    See an overview of the APM journey and how we can support the pieces in this journey.

    Application Portfolio Management Foundations

    Ensure your application portfolio delivers the best possible return on investment.

    Streamline Application Maintenance

    Effective maintenance ensures the long-term value of your applications.

    Streamline Application Management

    Move beyond maintenance to ensuring exceptional value from your apps.

    Build an Application Department Strategy

    Delivering value starts with embracing what your department can do.

    Embrace Business-Managed Applications

    Empower the business to implement its own applications with a trusted business-IT relationship.

    Optimize Applications Release Management

    Facilitate ongoing alignment between Agile teams and the business with a set of targeted service offerings.

    Related Info-Tech Research

    Value, delivery metrics, estimation

    Build a Value Measurement Framework

    Focus product delivery on business value-driven outcomes.

    Select and Use SDLC Metrics Effectively

    Be careful what you ask for, because you will probably get it.

    Application Portfolio Assessment: End User Feedback

    Develop data-driven insights to help you decide which applications to retire, upgrade, re-train on, or maintain to meet the demands of the business.

    Create a Holistic IT Dashboard

    Mature your IT department by measuring what matters.

    Refine Your Estimation Practices With Top-Down Allocations

    Don’t let bad estimates ruin good work.

    Estimate Software Delivery With Confidence

    Commit to achievable software releases by grounding realistic expectations.

    Reduce Time to Consensus With an Accelerated Business Case

    Expand on the financial model to give your initiative momentum.

    Optimize Project Intake, Approval, and Prioritization

    Deliver more projects by giving yourself the voice to say “no” or “not yet” to new projects.

    Enhance PPM Dashboards and Reports

    Facilitate ongoing alignment between Agile teams and the business with a set of targeted service offerings.

    Related Info-Tech Research

    Organizational design and performance

    Redesign Your IT Organizational Structure

    Focus product delivery on business value-driven outcomes.

    Build a Strategic Workforce Plan

    Have the right people in the right place, at the right time.

    Implement a New Organizational Structure

    Reorganizations are inherently disruptive. Implement your new structure with minimal pain for staff while maintaining IT performance throughout the change.

    Build an IT Employee Engagement Program

    Don’t just measure engagement, act on it.

    Set Meaningful Employee Performance Measures

    Set holistic measures to inspire employee performance.

    Phase 1

    Establish the Foundation for Product Ownership

    Phase 1: Establish an environment for product owner success, Establish your product ownership model

    Mature and Scale Product Ownership

    This phase will walk you through the following activities:

    1.1.1 Define enablers and blockers of product management

    1.1.2 Define your product management roles and names

    1.1.3 Assess your product management readiness

    1.2.1 Identify your primary product owner perspective

    1.2.2 Define your product owner RACI

    This phase involves the following participants:

    • Product owners
    • Product managers
    • Development team leads
    • Portfolio managers
    • Delivery managers
    • Business analysts

    Step 1.1

    Establish an environment for product owner success

    Activities

    1.1.1 Define enablers and blockers of product management

    1.1.2 Define your product management roles and names

    1.1.3 Assess your product management readiness

    Establish the foundation for product ownership

    This step involves the following participants:

    • Product owners
    • Product managers
    • Development team leads
    • Portfolio managers
    • Delivery managers
    • Business analysts

    Outcomes of this step

    • Enablers and blockers
    • Role definitions

    Empower product owners as the true owners of their product

    Product ownership requires decision-making authority and accountability for the value realization from those decisions. POs are more than a proxy for stakeholders, aggregators for changes, and the communication of someone else’s priorities.

    “A Product Owner in its most beneficial form acts like an Entrepreneur, like a 'mini-CEO'. The Product Owner is someone who really 'owns' the product.”

    – Robbin Schuurman,
    “Tips for Starting Technical Product Managers”

    Info-Tech Best Practice

    Implement Info-Tech’s Product Owner Capability Model to help empower and hold product owners accountable for the maturity and success of their product. The product owner must understand how their product fits into the organization’s mission and strategy in order to align to enterprise value.

    Product and service owners share the same foundation and capabilities

    For the purpose of this blueprint, product/service and product owner/service owner are used interchangeably. The term “product” is used for consistency but applies to services, as well.

    Product = Service

    Common foundations: Focus on continuous improvement, ROI, and value realization. Clear vision, goals, roadmap, and backlog.

    “Product” and “service” are terms that each organization needs to define to fit its culture and customers (internal and external). The most important aspect is consistent use and understanding of:

    • External products
    • Internal products
    • External services
    • Internal services
    • Products as a service (PaaS)
    • Productizing services (SaaS)

    Define product ownership to match your culture and customers

    Characteristics of a discrete product:

    • Has end users or consumers
    • Delivers quantifiable value
    • Evolves or changes over time
    • Has predictable delivery
    • Has definable boundaries
    • Has a cost to produce and operate
    • Has a discrete backlog and roadmap of improvements

    What does not need a product owner?

    • Individual features
    • Transactions
    • Unstructured data
    • One-time solutions
    • Non-repeatable processes
    • Solutions that have no users or consumers
    • People or teams

    Info-Tech Insight

    • Products are long-term endeavors that don’t end after the project finishes.
    • Products mature and improve their ability to deliver value.
    • Products have a discrete backlog of changes to improve the product itself, separate from operational requests fulfilled by the product or service.

    Need help defining your products or services? Download our blueprint Deliver Digital Products at Scale.

    Connect roadmaps to value realization with KPIs

    Every roadmap item should have an expected realized value once it is implemented. The associate KPIs or OKRs determine if our goal was met. Any gap in value feedback back into the roadmap and backlog refinement.</p data-verified=

    " loading="lazy">

    Info-Tech Insight

    Every roadmap item should have an expected realized value once it is implemented. The associate KPIs or OKRs determine if our goal was met. Any gap in value feedback back into the roadmap and backlog refinement.

    Identify the differences between a project-centric and a product-centric organization

    Differences between Project centric and Product centric organizations in regards to: Funding, Prioritization, Accountability, Product management, Work allocation, and Capacity management.

    Info-Tech Insight

    Product delivery requires significant shifts in the way you complete development work and deliver value to your users. Make the changes that support improving end-user value and enterprise alignment.

    Projects can be a mechanism for funding product changes and improvements

    Projects lifecycle, hybrid lifecycle and product lifecycle. Period or periods of project development have parallel services that encompass a more product-based view.

    Projects withing products

    Regardless of whether you recognize yourself as a product-based or project-based shop, the same basic principles should apply.

    You go through a period or periods of project-like development to build a version of an application or product.

    You also have parallel services along with your project development, which encompasses a more product-based view. These may range from basic support and maintenance to full-fledged strategy teams or services like sales and marketing.

    Recognize common barriers to product management

    The transition to product ownership is a series of behavioral and cultural changes supported by processes and governance. It takes time and consistency to be successful.

    • Command and control structures
    • Lack of ownership and accountability
    • High instability in the market, demand, or organization
    • Lack of dedicated teams align to delivery, service, or product areas
    • Culture of one-off projects
    • Lack of identified and engaged stakeholders
    • Lack of customer exposure and knowledge

    Agile’s four core values

    “…while there is value in the items on the right, we value the items on the left more.”

    Source: “The Agile Manifesto”

    We value...

    We value being agile: Individuals and interactions, Working Software, Customer collaboration, Responding to change. Versus being prescriptive: Processes and tools, Comprehensive documentation, Contract negotiation, following a plan.

    Exercise 1.1.1 Define enablers and blockers of product management

    1 hour
    1. Identify and mitigate blockers of product management in your organization.
    2. What enablers will support strong product owners?
    3. What blockers will make the transition to product management harder?
    4. For each blocker, also define at least one mitigating step.
    Define enablers e.g. team culture. Define blockers and at least one mitigating step

    Output

    • Enablers and blockers

    Participants

    • Product owners
    • Product managers
    • Development team leads
    • Portfolio managers
    • Business analysts

    Capture in the Mature and Scale Product Ownership Playbook.

    Align enterprise value through product families

    Product families are operational groups based on capabilities or business functions. Product family managers translate goals, priorities, and constraints so they are actionable at the next level. Product owners prioritize changes to enhance the capabilities that allow you to realize your product family. Enabling capabilities realize value and help reach your goals.

    Effective product delivery requires thinking about more than just a single product

    Good application and product management begins with strengthening good practices for a single or small set of applications, products, and services.

    Product portfolio

    Groups of product families within an overall value stream or capability grouping.

    Project portfolio manager

    Product family

    A collection of related products. Products can be grouped along architectural, functional, operational, or experiential patterns.

    Product family manager

    Product

    Single product composed of one or more applications and services.

    Product owner

    Info-Tech Insight

    Define the current roles that will perform the product management function or define consistent role names to product owners and managers.

    Exercise 1.1.2 Define your product management roles and names

    1-2 hour
    1. Identify the roles in which product management activities will be owned.
    2. Define a common set of role names and describe the role.
    3. Map the level of accountability for each role: Product or Product Family
    4. Product owner perspectives will be defined in the next step.

    Define roles, description and level of product accountability.

    Output

    • Role definitions

    Participants

    • Product owners
    • Product managers
    • Development team leads
    • Portfolio managers
    • Business analysts

    Capture in the Mature and Scale Product Ownership Playbook.

    Use CLAIM to guide your journey

    Culture, Learning, Automation, Integrated teams, Metrics and governance.

    Value is best created by self-managing teams who deliver in frequent, short increments supported by leaders who coach them through challenges.

    Product-centric delivery and Agile are a radical change in how people work and think. Structured, facilitated learning is required throughout the transformation to help leaders and practitioners make the shift.

    Product management, Agile, and DevOps have inspired SDLC tools that have become a key part of delivery practices and work management.

    Self-organizing teams that cross business, delivery, and operations are essential to gain the full benefits of product-centric delivery.

    Successful implementations require the disciplined use of metrics that support developing better teams

    Exercise 1.1.3 Assess your product management readiness

    1 hour
    1. Open and complete the Mature and Scale Product Ownership Readiness Assessment in your Playbook or the provided Excel tool.
    2. Discuss high and low scores for each area to reach a consensus.
    3. Record your results in your Playbook.

    Assess your culture, learning, automation, Integrated teams, metrics and governance.

    Output

    • Assessment of product management readiness based on Info-Tech’s CLAIM+G model.

    Participants

    • Product owners
    • Product managers
    • Development team leads
    • Portfolio managers
    • Business analysts

    Capture in the Mature and Scale Product Ownership Readiness Assessment.

    Communicate reasons for changes and how they will be implemented

    Five elements of communicating change: What is the change? Why are we doing it? How are we going to go about it? How long will it take us to do it? What will the role be for each department individual?

    Leaders of successful change spend considerable time developing a powerful change message; that is, a compelling narrative that articulates the desired end state, and that makes the change concrete and meaningful to staff.

    The organizational change message should:

    Step 1.2

    Establish your product ownership model

    Activities

    1.2.1 Identify your primary product owner perspective

    1.2.2 Define your product owner RACI

    Establish the foundation for product ownership

    This step involves the following participants:

    • Product owners
    • Product managers
    • Development team leads
    • Portfolio managers
    • Delivery managers
    • Business analysts

    Outcomes of this step

    • Product owner perspective mapping
    • Product owner RACI

    Recognize the product owner perspectives

    The 3 product owner perspectives. 1. Business: Customer-facing, value-generating. 2. Technical: IT systems and tools. 3. Operations: Keep-the-lights-on processes.

    Product owners represent one of three primary perspectives. Although all share the same capabilities, how they approach their responsibilities is influenced by their primary perspective.

    Info-Tech Best Practice

    Product owners must translate needs and constraints from their perspective into the language of their audience. Kathy Borneman, Digital Product Owner at SunTrust Bank, noted the challenges of finding a common language between lines of business and IT (e.g. what is a unit?).

    Identify and align to product owner perspectives to ensure product success

    Product owner perspectives

    The 3 product owner perspectives. 1. Business: Customer-facing, value-generating. 2. Technical: IT systems and tools. 3. Operations: Keep-the-lights-on processes.
    1. Each product owner perspective provides important feedback, demand, and support for the product.
    2. Where a perspective is represented by a distinct role, the perspective is managed with that product owner.
    3. If separate roles don’t exist, the product owner must evaluate their work using two or three perspectives.
    4. The ultimate success of a product, and therefore product owner, is meeting the end-user value of the business product owner, tool support of the technical product owner, and manual processing support of the operations product owner.

    Line of business (LOB) product owners

    LOB product owners focus on the products and services consumed by the organization’s external consumers and users. The role centers on the market needs, competitive landscape, and operational support to deliver products and services.

    Business perspective

    • Alignment to enterprise strategy and priorities
    • Growth: market penetration and/or revenue
    • Perception of product value
    • Quality, stability, and predictability
    • Improvement and innovation
    • P&L
    • Market threats and opportunities
    • Speed to market
    • Service alignment
    • Meet or exceed individual goals

    Relationship to Operations

    • Customer satisfaction
    • Speed of delivery and manual processing
    • Continuity

    Relationship to Technical

    • Enabler
    • Analysis and insight
    • Lower operating and support costs

    Technical product owners

    Technical product owners are responsible for the IT systems, tools, platforms, and services that support business operations. Often they are identified as application or platform managers.

    Technical perspective

    • Application, application suite, or group of applications
    • Core platforms and tools
    • Infrastructure and networking
    • Third-party technology services
    • Enable business operations
    • Direct-to-customer product or service
    • Highly interconnected
    • Need for continuous improvement
    • End-of-life management
    • Internal value proposition and users

    Relationship to Business

    • Direct consumers
    • End users
    • Source of funding

    Relationship to Operations

    • End users
    • Process enablement or automation
    • Support, continuity, and manual intervention

    Operations (service) product owners

    Operational product owners focus on the people, processes, and tools needed for manual processing and decisions when automation is not cost-effective. Operational product owners are typically called service owners due to the nature of their work.

    Operational perspective

    • Business enablement
    • Continuity
    • Problem, incident, issue resolution
    • Process efficiency
    • Throughput
    • Error/defect avoidance
    • Decision enablement
    • Waste reduction
    • Limit time in process
    • Disaster recovery

    Relationship to Business

    • Revenue enablement
    • Manual intervention and processing
    • End-user satisfaction

    Relationship to Technical

    • Process enabler
    • Performance enhancement
    • Threat of automation

    Exercise 1.2.1 Identify your primary product owner perspective

    1 hour
    1. Identify which product owner perspective represents your primary focus.
    2. Determine where the other perspectives need to be part of your product roadmap or if they are managed by other product owners.

    Identify product/service name, identify product owner perspective, determine if other perspectives need to be part of roadmap.

    Output

    • Identification of primary product owner perspective.

    Participants

    • Product owners
    • Product managers
    • Development team leads
    • Portfolio managers
    • Business analysts

    Capture in the Mature and Scale Product Ownership Playbook.

    Realign differences between project managers and product owners

    Differences between Project Manager and Product Owners in regards to: Funding, Prioritization, Accountability, Product management, Work allocation, and Capacity management.

    Manage and communicate key milestones

    Successful product owners understand and define the key milestones in their product delivery lifecycles. These need to be managed along with the product backlog and roadmap.

    Define key milestones and their product delivery life-cycles.

    Info-Tech Best Practice

    Product ownership isn’t just about managing the product backlog and development cycles. Teams need to manage key milestones such as learning milestones, test releases, product releases, phase gates, and other organizational checkpoints.

    Define who manages each key milestone

    Key milestones must be proactively managed. If a project manager is not available, those responsibilities need to be managed by the product owner or Scrum Master. Start with responsibility mapping to decide which role will be responsible.

    Example milestones and Project Manager, Product Owner and Team Facilitator.

    *Scrum Master, Delivery Manager, Team Lead

    Exercise 1.2.2 Define your product owner RACI

    60 minutes
    1. Review your product and project delivery methodologies to identify key milestones (including approvals, gates, reviews, compliance checks, etc.). List each milestone on a flip chart or whiteboard.
    2. For each milestone, define who is accountable for the completion.
    3. For each milestone, define who is responsible for executing the milestone activity. (Who does the work that allows the milestone to be completed?)
    4. Review any responsibility and accountability gaps and identify opportunities to better support and execute your operating model.
    5. If you previously completed Deliver Digital Products at Scale , review and update your RACI in the Mature and Scale Product Ownership Workbook .

    Define: Milestones, Project Manager, Product/service owner, Team Facilitator, and Other roles.

    Output

    • Product owner RACI

    Participants

    • Product owners
    • Product managers
    • Development team leads
    • Portfolio managers
    • Business analysts

    Capture in the Mature and Scale Product Ownership Playbook.

    Phase 2

    Align Product Owners to Products

    Phase 2: Assign product owners to products, Manage stakeholder influence

    Mature and Scale Product Ownership

    This phase will walk you through the following activities:

    2.1.1 Assign resources to your products and families

    2.2.1 Visualize relationships to identify key influencers

    2.2.2 Group stakeholders into categories

    2.2.3 Prioritize your stakeholders

    This phase involves the following participants:

    • Product owners
    • Product managers
    • Development team leads
    • Portfolio managers
    • Delivery managers
    • Business analysts

    Step 2.1

    Assign product owners to products

    Activities

    2.1.1 Assign resources to your products and families

    Align product owners to products

    This step involves the following participants:

    • Product owners
    • Product managers
    • Development team leads
    • Portfolio managers
    • Delivery managers
    • Business analysts

    Outcomes of this step

    • Product resource assignment

    Match your product management role definitions to your product family levels

    Using the role definitions, you created in Exercise 1.1.2, determine which roles correspond to which levels of your product families.

    Product portfolio

    Groups of product families within an overall value stream or capability grouping.

    Project portfolio manager

    Product family

    A collection of related products. Products can be grouped along architectural, functional, operational, or experiential patterns.

    Product family manager

    Product

    Single product composed of one or more applications and services.

    Product owner

    Info-Tech Insight

    Define the current roles that will perform the product management function or define consistent role names to product owners and managers.

    Assign resources throughout your product families

    Project families are owned by a product manager. Product owners own each product that has a distinct backlog.

    Info-Tech Insight

    • Start by assigning resources to each product or product family box.
    • A product owner can be responsible for more than one product.
    • Ownership of more than one product does not mean they share the same backlog.
    • For help organizing your product families, please download Deliver Digital Products at Scale.

    Understand special circumstances

    In Deliver Digital Products at Scale , products were grouped into families using Info-Tech’s five scaling patterns. Assigning owners to Enterprise Applications and Shared Services requires special consideration.

    Value stream alignment

    • Business architecture
      • Value stream
      • Capability
      • Function
    • Market/customer segment
    • Line of business (LoB)
    • Example: Customer group > value stream > products

    Enterprise applications

    • Enabling capabilities
    • Enterprise platforms
    • Supporting apps
    • Example: HR > Workday/Peoplesoft > Modules Supporting: Job board, healthcare administrator

    Shared Services

    • Organization of related services into service family
    • Direct hierarchy does not necessarily exist within the family
    • Examples: End-user support and ticketing, workflow and collaboration tools

    Technical

    • Domain grouping of IT infrastructure, platforms, apps, skills, or languages
    • Often used in combination with Shared Services grouping or LoB-specific apps
    • Examples: Java, .NET, low-code, database, network

    Organizational alignment

    • Used at higher levels of the organization where products are aligned under divisions
    • Separation of product managers from organizational structure is no longer needed because the management team owns the product management role

    Map the source of demand to each product

    With enterprise applications and shared services, your demand comes from other product and service owners rather than end customers in a value stream.

    Enterprise applications

    • Primary demand comes from the operational teams and service groups using the platform.
    • Each group typically has processes and tools aligned to a module or portion of the overall platform.
    • Product owners determine end-user needs to assist with process improvement and automation.
    • Product family managers help align roadmap goals and capabilities across the modules and tools to ensure consistency and the alignment of changes.

    Shared services

    • Primary demand for shared services comes from other product owners and service managers whose solution or application is dependent on the shared service platform.
    • Families are grouped by related themes (e.g. workflow tools) to increase reusability, standard enterprise solutions, reduced redundancy, and consistent processes across multiple teams.
    • Product owners manage the individual applications or services within a family.

    Pattern: Enterprise applications

    A division or group delivers enabling capabilities and the team’s operational alignment maps directly to the modules/components of an enterprise application and other applications that support the specific business function.

    Workforce Management, Strategic HR, Talent Management, Core HR

    Example:

    • Human resources is one corporate function. Within HR, however, there are subfunctions that operate independently.
    • Each operational team is supported by one or more applications or modules within a primary HR system.
    • Even though the teams work independently, the information they manage is shared with, or ties into processes used by other teams. Coordination of efforts helps provide a higher level of service and consistency.

    For additional information about HRMS, please download Get the Most Out of Your HRMS.

    Assigning owners to enterprise applications

    Align your enterprise application owners to your operating teams that use the enterprise applications. Effectively, your service managers will align with your platform module owners to provide integrated awareness and planning.

    Family manager (top-level), Family managers (second-level) and Product owners.

    Pattern: Shared services

    Grouping by service type, knowledge area, or technology allows for specialization while families align service delivery to shared business capabilities.

    Grouping by service type, knowledge area, or technology allows for specialization while families align service delivery to shared business capabilities.

    Example:

    • Recommended for governance, risk, and compliance; infrastructure; security; end-user support; and shared platforms (workflow, collaboration, imaging/record retention). Direct hierarchies do not necessarily exist within the shared service family.
    • Service groupings are common for service owners (also known as support managers, operations managers, etc.).
    • End-user ticketing comes through a common request system, is routed to the team responsible for triage, and then is routed to a team for resolution.
    • Collaboration tools and workflow tools are enablers of other applications, and product families might support multiple apps or platforms delivering that shared capability.

    Assigning owners to shared services

    Assign owners by service type, knowledge area, or technology to provide alignment of shared business capabilities and common solutions.

    Family manager (top-level), Family managers (second-level) and Product owners.

    Map sources of demand and influencers

    Use the stakeholder analysis to define the key stakeholders and sources of demand for enterprise applications and shared services. Extend your mapping to include their stakeholders and influencers to uncover additional sources of demand and prioritization.

    Map of key stakeholders for enterprise applications and shared services.

    Info-Tech Insight

    Your product owner map defines the influence landscape your product operates. It is every bit as important as the teams who enhance, support, and operate your product directly.

    Combine your product owner map with your stakeholder map to create a comprehensive view of influencers.

    Exercise 2.1.1 Assign resources to your products and families

    1-4 hours
    1. Use the product families you completed in Deliver Digital Products at Scale to determine which products and product families need a resource assigned. Where the same resource fills more than one role, they are the product owner or manager for each independently.
    2. Product families that are being managed as products (one backlog for multiple products) should have one owner until the family is split into separate products later.
    3. For each product and family, define the following:
      • Who is the owner (role or person)?
      • Is ownership clearly defined?
      • Are there other stakeholders who make decisions for the product?
    4. Record the results in the Mature and Scale Product Ownership Workbook on the Product Owner Mapping worksheet.

    Output

    • Product owner and manager resource alignment.

    Participants

    • Product owners
    • Product managers
    • Development team leads
    • Portfolio managers
    • Business analysts

    Capture in the Mature and Scale Product Ownership Playbook.

    Step 2.2

    Manage stakeholder influence

    Activities

    2.2.1 Visualize relationships to identify key influencers

    2.2.2 Group stakeholders into categories

    2.2.3 Prioritize your stakeholders

    Align product owners to products

    This step involves the following participants:

    • Product owners
    • Product managers
    • Development team leads
    • Portfolio managers
    • Delivery managers
    • Business analysts

    Outcomes of this step

    • Stakeholder management strategy

    Develop a product owner stakeholder strategy

    Stakeholder management, Product lifecycle, Project delivery, Operational support.

    Stakeholders are a critical cornerstone to product ownership. They provide the context, alignment, and constraints that influence or control what a product owner can accomplish.

    Product owners operate within a network of stakeholders who represent different perspectives within the organization.

    First, product owners must identify members of their stakeholder network. Next, they should devise a strategy for managing stakeholders.

    Without a stakeholder strategy, product owners will encounter obstacles, resistance, or unexpected changes.

    Create a stakeholder network map to product roadmaps and prioritization

    Follow the trail of breadcrumbs from your direct stakeholders to their influencers to uncover hidden stakeholders.

    Create a stakeholder network map to product roadmaps and prioritization. Use connectors to determine who may be influencing your direct stakeholders.

    Info-Tech Insight

    Your stakeholder map defines the influence landscape your product operates. It is every bit as important as the teams who enhance, support, and operate your product directly.

    Use connectors to determine who may be influencing your direct stakeholders. They may not have any formal authority within the organization, but they may have informal yet substantive relationships with your stakeholders.

    Exercise 2.2.1 Visualize relationships to identify key influencers

    1 hour
    1. List direct stakeholders for your product.
    2. Determine the stakeholders of your stakeholders and consider adding each of them to the stakeholder list.
    3. Assess who has either formal or informal influence over your stakeholders; add these influencers to your stakeholder list.
    4. Construct a diagram linking stakeholders and their influencers together.
      • Use black arrows to indicate the direction of professional influence.
      • Use dashed green arrows to indicate informal bidirectional influence relationships.
    5. Record the results in the Mature and Scale Product Ownership Workbook .

    Output

    • Relationships among stakeholders and influencers

    Participants

    • Product owners
    • Product managers
    • Development team leads
    • Portfolio managers
    • Business analysts

    Capture in the Mature and Scale Product Ownership Playbook.

    Categorize your stakeholders with a prioritization map

    A stakeholder prioritization map helps product owners categorize their stakeholders by their level of influence and ownership in the product and/or teams.

    Influence versus Ownership/Interest

    There are four areas on the map, and the stakeholders within each area should be treated differently.

    • Players have a high interest in the initiative and the influence to effect change over the initiative. Their support is critical, and a lack of support can cause significant impediments to the objectives.
    • Mediators have a low interest but significant influence over the initiative. They can help to provide balance and objective opinions to issues that arise.
    • Noisemakers have low influence but high interest. They tend to be very vocal and engaged, either positively or negatively but have little ability to enact their wishes.
    • Spectators are generally apathetic and have little influence over or interest in the initiative.

    Exercise 2.2.2 Group stakeholders into categories

    1 hour
    1. Identify your stakeholders’ interest in and influence on your Agile implementation as high, medium, or low by rating the attributes below.
    2. Map your results to the model below to determine each stakeholder’s category.
    3. Record the results in the Mature and Scale Product Ownership Workbook .

    Influence versus Ownership/Interest with CMO, CIO and Product Manager in assigned areas.

    Output

    • Categorization of stakeholders and influencers

    Participants

    • Product owners
    • Product managers
    • Development team leads
    • Portfolio managers
    • Business analysts

    Capture in the Mature and Scale Product Ownership Playbook.

    Prioritize your stakeholders

    There may be too many stakeholders to be able to manage them all. Focus your attention on the stakeholders that matter most.

    Stakeholder category versus level of support.

    Consider the three dimensions of stakeholder prioritization: influence, interest, and support. Support can be determined by rating the following question: How likely is it that your stakeholder would recommend your product? These parameters are used to prioritize which stakeholders are most important and should receive your focused attention. The table to the right indicates how stakeholders are ranked.

    Exercise 2.2.3 Prioritize your stakeholders

    1 hour
    1. Identify the level of support of each stakeholder by answering the following question: How likely is it that your stakeholder would endorse your product?
    2. Prioritize your stakeholders using the prioritization scheme on the previous slide.
    3. Record the results in the Mature and Scale Product Ownership Workbook .

    Stakeholder, Category, level of support, prioritization.

    Output

    • Stakeholder and influencer prioritization

    Participants

    • Product owners
    • Product managers
    • Development team leads
    • Portfolio managers
    • Business analysts

    Capture in the Mature and Scale Product Ownership Playbook.

    Define strategies for engaging stakeholders by type

    Authority Vs. Ownership/Interest.

    Type

    Quadrant

    Actions

    Players

    		 High influence, high interest – actively engage Keep them updated on the progress of the project. Continuously involve players in the process and maintain their engagement and interest by demonstrating their value to its success.

    Mediators

    		 High influence, low interest – keep satisfied They can be the game changers in groups of stakeholders. Turn them into supporters by gaining their confidence and trust and including them in important decision-making steps. In turn, they can help you influence other stakeholders.

    Noisemakers

    		 Low influence, high interest – keep informed Try to increase their influence (or decrease it if they are detractors) by providing them with key information, supporting them in meetings, and using mediators to help them.

    Spectators

    		 Low influence, low interest – monitor They are followers. Keep them in the loop by providing clarity on objectives and status updates.

    Info-Tech Insight

    Each group of stakeholders draws attention and resources away from critical tasks. By properly identifying your stakeholder groups, the product owner can develop corresponding actions to manage stakeholders in each group. This can dramatically reduce wasted effort trying to satisfy spectators and noisemakers while ensuring the needs of mediators and players are met.

    Phase 3

    Mature Product Owner Capabilities

    Phase 3: Assess your Agile product owner readiness, Mature product owner capabilities.

    Mature and Scale Product Ownership

    This phase will walk you through the following activities:

    3.1.1 Assess your real Agile skill proficiency

    3.2.1 Assess your vision capability proficiency

    3.2.2 Assess your leadership capability proficiency

    3.2.3 Assess your PLM capability proficiency

    3.2.4 Identify your business value drivers and sources of value

    3.2.5 Assess your value realization capability proficiency

    This phase involves the following participants:

    • Product owners
    • Product managers

    Step 3.1

    Assess your Agile product owner readiness

    Activities

    3.1.1 Assess your real Agile skill proficiency

    Mature product owner capabilities

    This step involves the following participants:

    • Product owners
    • Product managers

    Outcomes of this step

    • Real Agile skill proficiency assessment

    Why focus on core skills?

    They are the foundation to achieve business outcomes

    Skills, actions, output and outcomes

    The right skills development is only possible with proper assessment and alignment against outcomes.

    Being successful at Agile is more than about just doing Agile

    The following represents the hard skills needed to “Do Agile”:

    Being successful at Agile needs 4 hard skills: 1. Engineering skills, 2. Technician Skills, 3. Framework/Process skills, 4. Tools skills.

    • Engineering skills. These are the skills and competencies required for building brand-new valuable software.
    • Technician skills. These are the skills and competencies required for maintaining and operating the software delivered to stakeholders.
    • Framework/Process skills. These are the specific knowledge skills required to support engineering or technician skills.
    • Tools skills. This represents the software that helps you deliver other software.

    While these are important, they are not the whole story. To effectively deliver software, we believe in the importance of being Agile over simply doing Agile.

    Adapted from: “Doing Agile” Is Only Part of the Software Delivery Pie

    Focus on these real Agile skills

    Agile skills

    • Accountability
    • Collaboration
    • Comfort with ambiguity
    • Communication
    • Empathy
    • Facilitation
    • Functional decomposition
    • Initiative
    • Process discipline
    • Resilience

    Info-Tech research shows these are the real Agile skills to get started with

    Skill Name

    Description

    Accountability

    		 Refers to the state of being accountable. In an Agile context, it implies transparency, dedication, acting responsibly, and doing what is necessary to get the job done.

    Collaboration

    		Values diverse perspectives and working with others to achieve the best output possible. Effective at working toward individual, team, department, and organizational goals.

    Comfort with ambiguity

    		Allows you to confidently take the next steps when presented with a problem without having all the necessary information present.

    Communication

    		Uses different techniques to share information, concerns, or emotions when a situation arises, and it allows you to vary your approach depending on the current phase of development.

    Empathy

    		Is the ability to understand and share the feelings of another to better serve your team and your stakeholders.

    Facilitation

    		Refers to guiding and directing people through a set of conversations and events to learn and achieve a shared understanding.

    Functional decomposition

    		Is being able to break down requirements into constituent epics and stories.

    Initiative

    		Is being able to anticipate challenges and then act on opportunities that lead to better business outcomes.

    Process discipline

    		Refers to the focus of following the right steps for a given activity at the right time to achieve the right outcomes.

    Resilience

    		Refers to the behaviors, thoughts, and actions that allow a person to recover from stress and adversity.

    Accountability

    An accountable person:

    • Takes ownership of their own decisions and actions and is responsible for the quality of results.
    • Recognizes personal accountabilities to others, including customers.
    • Works well autonomously.
    • Ensures that the mutual expectations between themselves and others are clearly defined.
    • Takes the appropriate actions to ensure that obligations are met in a timely manner.
    • As a leader, takes responsibility for those being led.

    Accountability drives high performance in teams and organizations

    • The performance level of teams depends heavily on accountability and who demonstrates it:
      • In weak teams, there is no accountability.
      • In mediocre teams, supervisors demonstrate accountability.
      • In high-performance teams, peers manage most performance problems through joint accountability. (Grenny, 2014)
    • According to Bain & Company, accountability is the third most important attribute of high-performing companies. Some of the other key attributes include honest, performance-focused, collaborative, and innovative. (Mankins, 2013)

    All components of the employee empowerment driver have a strong, positive correlation with engagement.

    Employee empowerment and Correlation with engagement.

    Source: McLean & Company Engagement Database, 2018; N=71,794

    Accountability

    Your Score: ____

    1 - Foundational: Transitioning and Growing

    2 - Capable/Competent: Core Contributor

    3 - Influential: Gifted Improver

    4 - Transformational: Towering Strength
    • Alerts others to possible problems in a timely manner.
    • Seeks appropriate support to solve problems.
    • Actively contributes to the creation and evaluation of possible solutions.
    • Acts on solutions selected and decisions made as directed.
    • Makes effective decisions about how to complete work tasks.
    • Demonstrates the capability of breaking down concrete issues into parts and synthesizing information succinctly.
    • Collects and analyzes information from a variety of sources.
    • Seeks information and input to fully understand the cause of problems.
    • Takes action to address obstacles and problems before they impact performance and results.
    • Initiates the evaluation of possible solutions to problems.
    • Makes effective decisions about work task prioritization.
    • Appropriately assesses risks before deciding.
    • Effectively navigates through ambiguity, using multiple data points to analyze issues and identify trends.
    • Does not jump to conclusions.
    • Draws logical conclusions and provides opinions and recommendations with confidence.
    • Takes ownership over decisions and their consequences.
    • Demonstrates broad knowledge of information sources that can be used to assess problems and make decisions.
    • Invests time in planning, discovery, and reflection to drive better decisions.
    • Effectively leverages hard data as inputs to making decisions.
    • Garners insight from abstract data and makes appropriate decisions.
    • Coaches others in effective decision-making practices.
    • Has the authority to solve problems and make decisions.
    • Thinks several steps ahead in deciding the best course of action, anticipating likely outcomes, risks, or implications.
    • Establishes metrics to aid in decision-making, for self and teams
    • Prioritizes objective and ambiguous information and analyzes this when making decisions.
    • Solicits a diverse range of opinions and perspectives as inputs to decision making.
    • Applies frameworks to decision making, particularly in situations that have little base in prior experience.
    • Makes effective decisions about organizational priorities.
    • Holds others accountable for their decisions and consequences.
    • Creates a culture of empowerment and trust to facilitate effective problem solving and decision making.
    • Makes sound decisions that have organization-wide consequences and that influence future direction.

    Collaboration as a skill

    The principles and values of Agile revolve around collaboration.

    • Works well with others on specialized and cross-functional teams.
    • Can self-organize while part of a team.
    • Respects the commitments that others make.
    • Identifies and articulates dependencies.
    • Values diverse perspectives and works with others to achieve the best output possible.
    • Effective at working toward individual, team, department, and organizational goals.
    The principles and values of Agile revolve around collaboration. Doing what was done before (being prescriptive), going though the motions (doing Agile), living the principles (being Agile)

    Collaboration

    The Agile Manifesto has three principles that focus on collaboration:

    1. The business and developers must work together daily throughout the project.
    2. Build projects around motivated individuals. Give them the environment and support they need and trust them to get the job done.
    3. The most efficient and effective method of conveying information to and within a development team is face-to-face conversation.

    Effective collaboration supports Agile behaviors, including embracing change and the ability to work iteratively.

    Collaboration

    Your Score: ____

    1 - Foundational: Transitioning and Growing

    2 - Capable/Competent: Core Contributor

    3 - Influential: Gifted Improver

    4 - Transformational: Towering Strength

    • Understands role on the team and the associated responsibilities and accountabilities.
    • Treats team members with respect.
    • Contributes to team decisions and to the achievement of team goals and objectives.
    • Demonstrates a positive attitude.
    • Works cross-functionally to achieve common goals and to support the achievement of other team/department goals.
    • Values working in a diverse team and understands the importance of differing perspectives to develop unique solutions or ideas.
    • Fosters team camaraderie, collaboration, and cohesion.
    • Understands the impact of one's actions on the ability of team members to do their jobs.
    • Respects the differences other team members bring to the table by openly seeking others' opinions.
    • Helps the team accomplish goals and objectives by breaking down shared goals into smaller tasks.
    • Approaches challenging team situations with optimism and an open mind, focusing on coming to a respectful conclusion.
    • Makes suggestions to improve team engagement and effectiveness.
    • Supports implementation of team decisions.
    • Professionally gives and seeks feedback to achieve common goals.
    • Values working in a diverse team and understands the importance of differing perspectives to develop unique solutions or ideas.
    • Motivates the team toward achieving goals and exceeding expectations.
    • Reaches out to other teams and departments to build collaborative, cross-functional relationships.
    • Creates a culture of collaboration that leverages team members' strengths, even when the team is remote or virtual.
    • Participates and encourages others to participate in initiatives that improve team engagement and effectiveness.
    • Builds consensus to make and implement team decisions, often navigating through challenging task or interpersonal obstacles.
    • Values leading a diverse team and understands the importance of differing perspectives to develop unique solutions or ideas.
    • Creates a culture of collaboration among teams, departments, external business partners, and all employee levels.
    • Breaks down silos to achieve inter-departmental collaboration.
    • Demonstrates ownership and accountability for team/department/ organizational outcomes.
    • Uses an inclusive and consultative approach in setting team goals and objectives and making team decisions.
    • Coaches others on how to identify and proactively mitigate potential points of team conflict.
    • Recognizes and rewards teamwork throughout the organization.
    • Provides the tools and resources necessary for teams to succeed.
    • Values diverse teams and understands the importance of differing perspectives to develop unique solutions or ideas.

    Comfort with ambiguity

    Ability to handle ambiguity is a key factor in Agile success.

    • Implies the ability to maintain a level of effectiveness when all information is not present.
    • Able to confidently act when presented with a problem without all information present.
    • Risk and uncertainty can comfortably be handled.
    • As a result, can easily adapt and embrace change.
    • People comfortable with ambiguity demonstrate effective problem-solving skills.

    Relative importance of traits found in Agile teams

    1. Handles ambiguity
    2. Agreeable
    3. Conscientious

    Comfort with ambiguity

    Your Score: ____

    1 - Foundational: Transitioning and Growing

    2 - Capable/Competent: Core Contributor

    3 - Influential: Gifted Improver

    4 - Transformational: Towering Strength

    • Requires most information to be present before carrying out required activities.
    • Can operate with some information missing.
    • Comfortable asking people within their known circles for help.
    • Significant time is taken to reveal small pieces of information.
    • More adept at operating with information missing.
    • Willing to reach out to people outside of their regular circles for assistance and clarification.
    • Able to apply primary and secondary research methods to fill in the missing pieces.
    • Can operate essentially with a statement and a blank page.
    • Able to build a plan, drive others and themselves to obtain the right information to solve the problem.
    • Able to optimize only pulling what is necessary to answer the desired question and achieve the desired outcome.

    Communication

    Even though many organizations recognize its importance, communication is one of the root causes of project failure.

    Project success vs Communication effectiveness. Effective communications is associated with a 17% increase in finishing projects within budget.

    56%

    56% of the resources spent on a project are at risk due to ineffective communications.

    PMI, 2013.

    29%

    In 29% of projects started in the past 12 months, poor communication was identified as being one of the primary causes of failure.

    PMI, 2013.

    Why are communication skills important to the Agile team?

    It’s not about the volume, it’s about the method.

    • Effectively and appropriately interacts with others to build relationships and share ideas and information.
    • Uses tact and diplomacy to navigate difficult situations.
    • Relays key messages by creating a compelling story, targeted toward specific audiences.

    Communication effectiveness, Activity and Effort required.

    Adapted From: Agile Modeling

    Communication

    Your Score:____

    1 - Foundational: Transitioning and Growing

    2 - Capable/Competent: Core Contributor

    3 - Influential: Gifted Improver

    4 - Transformational: Towering Strength

    • Actively listens, learns through observation, and uses clear and precise language.
    • Possesses an open and approachable demeanor, with a positive and constructive tone.
    • Demonstrates interest in the thoughts and feelings of others.
    • Considers potential responses of others before speaking or acting.
    • Checks own understanding of others’ communication by repeating or paraphrasing.
    • Demonstrates self-control in stressful situations.
    • Provides clear, concise information to others via verbal or written communication.
    • Seeks to understand others' points of view, looking at verbal and non-verbal cues to encourage open and honest discussions.
    • Invites and encourages others to participate in discussions.
    • Projects a sincere and genuine tone.
    • Remains calm when dealing with others who are upset or angry.
    • Provides and seeks support to improve communication.
    • Does not jump to conclusions or act on assumptions.
    • Tailors messages to meet the different needs of different audiences.
    • Accurately interprets responses of others to their words and actions.
    • Provides feedback effectively and with empathy.
    • Is a role model for others on how to effectively communicate.
    • Ensures effective communication takes place at the departmental level.
    • Engages stakeholders using appropriate communication methods to achieve desired outcomes.
    • Creates opportunities and forums for discussion and idea sharing.
    • Demonstrates understanding of the feelings, motivations, and perspectives of others, while adapting communications to anticipated reactions.
    • Shares insights about their own strengths, weaknesses, successes, ad failures to show empathy and help others relate.
    • Discusses contentious issues without getting defensive and maintains a professional tone.
    • Coaches others on how to communicate effectively and craft targeted messages.
    • Sets and exemplifies standards for respectful and effective communications in the organization.
    • Comfortably delivers strategic messages supporting their function and the organization at the enterprise level.
    • Communicates with senior-level executives on complex organizational issues.
    • Promotes inter-departmental communication and transparency.
    • Achieves buy-in and consensus from people who share widely different views.
    • Shares complex messages in clear, understandable language.
    • Accurately interprets how they are perceived by others.
    • Rallies employees to communicate ideas and build upon differing perspectives to drive innovation.

    Empathy

    Empathy is the ability to understand and share the feelings of another in order to better serve your team and your stakeholders. There are three kinds:

    Cognitive

    Thought, understanding, intellect

    • Knowing how someone else feels and what they might be thinking.
    • Contributes to more effective communication.

    Emotional

    Feelings, physical sensation

    • You physically feel the emotions of the other person.
    • Helps build emotional connections with others.

    Compassionate

    Intellect, emotion with action

    • Along with understanding, you take action to help.

    How is empathy an Agile skill?

    Empathy enables you to serve your team, your customers, and your organization

    Serving the team

    • Primary types: Emotional and compassionate empathy.
    • The team is accountable for delivery.
    • By being able to empathize with the person you are talking to, complex issues can be addressed.
    • A lack of empathy leads to a lack of collaboration and being able to go forward on a common path.

    Serving your customers and stakeholders

    • Primary type: Cognitive empathy.
    • Agile enables the delivery of the right value at the right time to your stakeholders
    • Translating your stakeholders' needs requires an understanding of who they are as people. This is done through observations, interviews and conversations.
    • Leveraging empathy maps and user-story writing is an effective tool.

    Empathy

    Your Score: ____

    1 - Foundational: Transitioning and Growing

    2 - Capable/Competent: Core Contributor

    3 - Influential: Gifted Improver

    4 - Transformational: Towering Strength

    • Knowing how someone else feels and what they might be thinking.
    • Ability to build emotional connections with others.
    • Able to harness emotional connections to achieve tangible and experiential outcomes.
    • Demonstrates an awareness of different feelings and ways of thinking by both internal and external stakeholders.
    • Limited ability to make social connections with others outside of the immediate team.
    • Able to connect with similarly minded people to improve customer/stakeholder satisfaction. (Insights into action)
    • Able to interact and understand others with vastly different views.
    • Lack of agreement does not stop individual. from asking questions, understanding, and pushing the conversation forward

    Facilitation

    It’s not just your manager’s problem.

    “Facilitation is the skill of moderating discussions within a group in order to enable all participants to effectively articulate their views on a topic under discussion, and to ensure that participants in the discussion are able to recognize and appreciate the differing points of view that are articulated.” (IIBA, 2015)

    • Drives action through influence, often without authority.
    • Leads and impacts others' thinking, decisions, or behavior through inclusive practices and relationship building.
    • Encourages others to self-organize and hold themselves accountable.
    • Identifies blockers and constructively removes barriers to progress.

    Facilitation

    Your Score: ____

    1 - Foundational: Transitioning and Growing

    2 - Capable/Competent: Core Contributor

    3 - Influential: Gifted Improver

    4 - Transformational: Towering Strength

    • Drives action through influence, often without authority.
    • Leads and impacts others' thinking, decisions, or behavior through inclusive practices and relationship building.
    • Encourages others to self-organize and hold themselves accountable.
    • Identifies blockers and constructively removes barriers to progress.
    • Maps and executes processes effectively.
    • Uses facts and concrete examples to demonstrate a point and gain support from others.
    • Openly listens to the perspectives of others.
    • Builds relationships through honest and consistent behavior.
    • Understands the impact of their own actions and how others will perceive it.
    • Identifies impediments to progress.
    • Anticipates the effect of one's approach on the emotions and sensitivities of others.
    • Practices active listening while demonstrating positivity and openness.
    • Customizes discussion and presentations to include "what’s in it for me" for the audience.
    • Presents compelling information to emphasize the value of an idea.
    • Involves others in refining ideas or making decisions in order to drive buy-in and action.
    • Knows how to appropriately use influence to achieve outcomes without formal authority.
    • Seeks ways and the help of others to address barriers or blockers to progress.
    • Leverages a planned approach to influencing others by identifying stakeholder interests, common goals, and potential barriers.
    • Builds upon successes to gain acceptance for new ideas.
    • Facilitates connections between members of their network for the benefit of the organization or others.
    • Demonstrates the ability to draw on trusting relationships to garner support for ideas and action.
    • Encourages a culture that allows space for influence to drive action.
    • Adept at appropriately leveraging influence to achieve business unit outcomes.
    • Actively manages the removal of barriers and blockers for teams.

    Functional decomposition

    It’s not just a process, it’s a skill.

    “Functional decomposition helps manage complexity and reduce uncertainty by breaking down processes, systems, functional areas, or deliverables into their simpler constituent parts and allowing each part to be analyzed independently."

    (IIBA, 2015)

    Being able to break down requirements into constituent consumable items (example: epics and user stories).

    Start: Strategic Initiatives. 1: Epics. 2: Capabilities. 3: Features. End: Stories.

    Use artifact mapping to improve functional decomposition

    In our research, we refer to these items as epics, capabilities, features, and user stories. How you develop your guiding principles and structure your backlog should be based on the terminology and artifact types commonly used in your organization.

    Agile, Waterfall, Relationship, Decomposition skill most in demand, definition.

    Functional Decomposition

    Your Score: ____

    1 - Foundational: Transitioning and Growing

    2 - Capable/Competent: Core Contributor

    3 - Influential: Gifted Improver

    4 - Transformational: Towering Strength

    • Able to decompose items with assistance from other team members.
    • Able to decompose items independently, ensuring alignment with business value.
    • Able to decompose items independently and actively seeks out collaboration opportunities with relevant SME's during and after the refinement process to ensure completion.
    • Able to decompose items at a variety of granularity levels.
    • Able to teach and lead others in their decomposition efforts.
    • Able to quickly operate at different levels of the requirements stack.

    Initiative and self-organization

    A team that takes initiative can self-organize to solve critical problems.

    • "The best architectures, requirements, and designs emerge from self-organizing teams." (Agile Manifesto)
    • In a nutshell, the initiative represents the ability to anticipate challenges and act on opportunities that lead to better business outcomes.
    • Anticipates challenges and acts on opportunities that lead to better business outcomes.
    • Thinks critically and is motivated to use both specialist expertise and general knowledge.
    • Driven by the delivery of business value and better business outcomes.
    • Empowers others to act and is empowered and self-motivated.

    Initiative and self-organization

    Your Score: ____

    1 - Foundational: Transitioning and Growing

    2 - Capable/Competent: Core Contributor

    3 - Influential: Gifted Improver

    4 - Transformational: Towering Strength

    • Demonstrates awareness of an opportunity or issue which is presently occurring or is within the immediate work area.
    • Reports an opportunity or issue to the appropriate person.
    • Acts instead of waiting to be asked.
    • Willingly takes on challenges, even if they fall outside their area of expertise.
    • Is proactive in identifying issues and making recommendations to resolve them.
    • Within the scope of the work environment, takes action to improve processes or results, or to resolve problems.
    • Not deterred by obstacles.
    • Tackles challenges that require risk taking.
    • Procures the necessary resources, team and technical support to enable success.
    • Assists others to get the job done.
    • Demonstrates awareness of an opportunities or issues which are in the future or outside the immediate work area.
    • Typically exceeds the expectations of the job.
    • Learns new technology or skills outside their specialization so that they can be a more effective team member.
    • Recommends solutions to enhance results or prevent potential issues.
    • Drives implementation of new processes within the team to improve results.
    • Able to provide recommendations on plans and decisions that are strategic and future-oriented for the organization.
    • Identifies areas of high risk or of organizational level impact.
    • Able to empower significant recourses from the organization to enable success.
    • Leads long-term engagements that result in improved organizational capabilities and processes.

    Process discipline

    A common misconception is that Agile means no process and no discipline. Effective Agile teams require more adherence to the right processes to create a culture of self-improvement.

    • Refers to the focus of following the right steps for a given activity at the right time to achieve the right outcomes.
    • Focus on following the right steps for a given activity at the right time to achieve desired outcomes.
    Example: Scrum Ceremonies during a sprint (1 - 4 weeks/sprint). 1: Sprint planning, 2: Daily scrum, 3: Sprint review, 4: Sprint retrospective.

    Process discipline

    Your Score: ____

    1 - Foundational: Transitioning and Growing

    2 - Capable/Competent: Core Contributor

    3 - Influential: Gifted Improver

    4 - Transformational: Towering Strength

    • Demonstrates awareness of the key processes and steps that are needed in a given situation.
    • Limited consistency in following processes and limited understanding of the 'why' behind the processes.
    • Aware and follows through with key agile processes in a consistent manner.
    • Demonstrates not only the knowledge of processes but understands the 'why' behind their existence.
    • Aware and follows through with key agile processes in a consistent manner.
    • Demonstrates understanding of not only why specific processes exist but can suggest changes to improve efficiency, consistency, and outcomes.

    N/A -- Maximum level is '3

    Resilience

    If your team hits the wall, don’t let the wall hit them back.

    • Resilience is critical for an effective Agile transformation. A team that demonstrates resilience always exhibits:
    • Evolution over transformation – There is a recognition that changes happen over time.
    • Intensity and productivity – A race is not won by the ones who are the fastest, but by the ones who are the most consistent. Regardless of what comes up, the team can push through.
    • That organizational resistance is futile – Given that it is working on the right objectives, the team needs to demonstrate a consistency of approach and intensity regardless of what may stand in its way.
    • Refers to the behaviors, thoughts, and actions that allow a person to recover from stress and adversity.

    How resilience aligns with Agile

    A team is not “living the principles” without resilience.

    1. Purpose

      Aligns with: “Our highest priority is to satisfy the customer through early and continuous delivery of valuable software.” The vision or goals may not be clear in certain circumstances and can be difficult to relate to a single work item. Being able to intrinsically source and harness a sense of purpose becomes more important, especially as a self-organizing team.

    2. Perseverance

      Aligns with: “Agile processes harness change for the customer's competitive advantage.” Perseverance enables teams to continuously deliver at a steady pace, addressing impediments or setbacks and continuing to move forward.

    3. Composure

      Aligns with: “Agile processes promote sustainable development,” and “At regular intervals, the team reflects ... and adjusts its behavior accordingly.”
      When difficult situations arise, composure allows us to understand perspectives, empathize with customers, accept late changes, and sustain a steady pace.

    4. Self-Reliance

      Aligns with: “The best architectures, requirements, and designs emerge from self-organizing teams.” Knowing oneself, recognizing strengths, and drawing on past successes, can be a powerful aid in creating high-performing Agile teams

    5. Authenticity

      Aligns with: “At regular intervals, the team reflects … and adjusts its behavior accordingly,” and “Build projects around motivated individuals.”
      When difficult situations arise, authenticity is crucial. “For example, being able to openly disclose areas outside of your strengths in sprint planning or being able to contribute constructively toward self-organization.”

    Adapted from: Why Innovation, 2019.

    Resilience

    Your Score: ____

    1 - Foundational: Transitioning and Growing

    2 - Capable/Competent: Core Contributor

    3 - Influential: Gifted Improver

    4 - Transformational: Towering Strength

    • Easily distracted and stopped by moderately stressful and challenging situations.
    • Requires significant help from others to get back on track.
    • Not frequently able (or knows) how to ask for help
    • Handles typical stresses and challenges for the given role.
    • Able to get back on track with limited assistance.
    • Able to ask for help when they need it.
    • Quality of work unaffected by an increase in pressures and challenges.
    • Handles stresses and challenges what is deemed above and beyond their given role.
    • Able to provide advice to others on how to handle difficult and challenging situations.
    • Quality of work and outcomes is maintained and sometimes exceeded as pressure increases.
    • Team looks to this individual as being the gold standard on how to approach any given problem or situation.
    • Directly mentors others on approaches in situations regardless of the level of challenge.

    Exercise 1.2.1 Identify your primary product owner perspective

    1 hour
    1. Review each real Agile skill and determine your current proficiency.
    2. Complete your assessment in the Mature and Scale Product Owner Proficiency Assessment tool.
    3. Record the results in the Mature and Scale Product Ownership Playbook.
    4. Review the skills map to identify strengths and areas of growth.

    Accountability, Collaboration, Comfort in Ambiguity, Communication, Empathy, Facilitation, Functional Decomposition, Initiative, Process Discipline, Resilience.

    Output

    • Agile skills assessment results.

    Participants

    • Product owners
    • Product managers

    Capture in the Mature and Scale Product Owner Proficiency Assessment.

    Determine your Agile skills proficiency: Edit chart data to plot your scores or add your data points and connect the lines.

    Step 3.2

    Mature product owner capabilities

    Activities

    3.2.1 Assess your vision capability proficiency

    3.2.2 Assess your leadership capability proficiency

    3.2.3 Assess your PLM capability proficiency

    3.2.4 Identify your business value drivers and sources of value

    3.2.5 Assess your value realization capability proficiency

    Mature product owner capabilities

    This step involves the following participants:

    • Product owners
    • Product managers

    Outcomes of this step

    • Info-Tech product owner capability model proficiency assessment

    Product capabilities deliver value

    As a product owner, you are responsible for managing these facets through your capabilities and activities.

    The core product and value stream consists of: Funding - Product management and governance, Business functionality - Stakeholder and relationship management, and Technology - Product delivery.

    Info-Tech Best Practice

    It is easy to lose sight of what matters when we look at a product from a single point of view . Despite what "The Agile Manifesto" says, working software is not valuable without the knowledge and support that people need in order to adopt, use, and maintain it. If you build it, they will not come. Product owners must consider the needs of all stakeholders when designing and building products.

    Recognize product owner knowledge gaps

    Pulse survey of product owners

    Pulse survey of product owners. Graph shows large percentage of respondents have alignment to common agile definition of product owners. Yet a significant perception gap in P&L, delivery, and analytics.

    Info-Tech Insight

    1. Less than 15% of respondents identified analytics or financial management as a key component of product ownership.
    2. Assess your product owner’s capabilities and understanding to develop a maturity plan.

    Source: Pulse Survey (N=18)

    Implement the Info-Tech product owner capability model

    Unfortunately, most product owners operate with incomplete knowledge of the skills and capabilities needed to perform the role. Common gaps include focusing only on product backlogs, acting as a proxy for product decisions, and ignoring the need for key performance indicators (KPIs) and analytics in both planning and value realization.

    Product Owner capabilities: Vision, Product Lifecycle Management, Leadership, Value Realization

    Vision

    • Market Analysis
    • Business Alignment
    • Product Roadmap

    Leadership

    • Soft Skills
    • Collaboration
    • Decision Making

    Product Lifecycle Management

    • Plan
    • Build
    • Run

    Value Realization

    • KPIs
    • Financial Management
    • Business Model

    Product owner capabilities provide support

    Vision predicts impact of Value realization. Value realization provides input to vision

    Your vision informs and aligns what goals and capabilities are needed to fulfill your product or product family vision and align with enterprise goals and priorities. Each item on your roadmap should have corresponding KPIs or OKRs to know how far you moved the value needle. Value realization measures how well you met your target, as well as the impacts on your business value canvas and cost model.

    Product lifecycle management builds trust with Leadership. Leadership improves quality of Product lifecycle management.

    Your leadership skills improve collaborations and decisions when working with your stakeholders and product delivery teams. This builds trust and improves continued improvements to the entire product lifecycle. A product owner’s focus should always be on finding ways to improve value delivery.

    Product owner capabilities provide support

    Leadership enhances Vision. Vision Guides Product Lifecycle Management. Product Lifecycle Management delivers Value Realization. Leadership enhances Value Realization

    Develop product owner capabilities

    Each capability: Vision, Product lifecycle management, Value realization and Leadership has 3 components needed for successful product ownership.

    Avoid common capability gaps

    Vision

    • Focusing solely on backlog grooming (tactical only)
    • Ignoring or failing to align product roadmap to enterprise goals
    • Operational support and execution
    • Basing decisions on opinion rather than market data
    • Ignoring or missing internal and external threats to your product

    Leadership

    • Failing to include feedback from all teams who interact with your product
    • Using a command-and-control approach
    • Viewing product owner as only a delivery role
    • Acting as a proxy for stakeholder decisions
    • Avoiding tough strategic decisions in favor of easier tactical choices

    Product lifecycle management

    • Focusing on delivery and not the full product lifecycle
    • Ignoring support, operations, and technical debt
    • Failing to build knowledge management into the lifecycle
    • Underestimating delivery capacity, capabilities, or commitment
    • Assuming delivery stops at implementation

    Value realization

    • Focusing exclusively on “on time/on budget” metrics
    • Failing to measure a 360-degree end-user view of the product
    • Skipping business plans and financial models
    • Limiting financial management to project/change budgets
    • Ignoring market analysis for growth, penetration, and threats

    Capabilities: Vision

    Market Analysis

    • Customer Empathy: Identify the target users and unique value your product provides that is not currently being met. Define the size of your user base, segmentation, and potential growth.
    • Customer Journey: Define the future path and capabilities your users will respond to.
    • Competitive analysis: Complete a SWOT analysis for your end-to-end product lifecycle. Use Info-Tech’s Business SWOT Analysis Template.

    Business Alignment

    • Enterprise alignment: Align to enterprise and product family goals, strategies, and constraints.
    • Delivery and release strategy: Develop a delivery strategy to achieve value quickly and adapt to internal and external changes. Value delivery is constrained by your delivery pipeline.
    • OCM and go-to-market strategy: Create organizational change management, communications, and a user implementation approach to improve adoption and satisfaction from changes.

    Product Roadmap

    • Roadmap strategy: Determine the duration, detail, and structure of your roadmap to accurately communicate your vision.
    • Value prioritization: Define criteria used to evaluate and sequence demand items.
    • Release and capacity planning: Build your roadmap with realistic goals and milestones based on your delivery pipeline and dependencies.

    “Customers are best heard through many ears.”

    – Thomas K. Connellan, Inside the Magic Kingdom

    Vision: Market Analysis, Business Alignment, and Product Roadmap.

    Info-Tech Insight

    Data comes from many places and may still not tell the complete story.

    Build your product strategy playbook

    Complete Deliver on Your Digital Product Vision to define your Vision, Goals, Roadmap approach, and Backlog quality filters.

    Digital Product Strategy Supporting Workbook

    Supporting workbook that captures the interim results from a number of exercises that will contribute to your overall digital product vision.

    Product Backlog Item Prioritization Tool

    An optional tool to help you capture your product backlog and prioritize based on your given criteria

    Product Roadmap Tool

    An optional tool to help you build out and visualize your first roadmap.

    Your Digital Product Vision Details Strategy

    Record the results from the exercises to help you define, detail, and make real your digital product vision.

    Your product vision is your North Star

    It's ok to dream a little!

    Who is the target customer, what is the key benefit, what do they need, what is the differentiator

    Adapted from: Geoffrey Moore, 2014.

    Info-Tech Best Practice

    A product vision shouldn’t be so far out that it doesn’t feel real or so short-term that it gets bogged down in minutiae and implementation details. Finding the right balance will take some trial and error and will be different for each organization.

    Use product roadmaps to guide delivery

    In Deliver on Your Digital Product Vision, we showed how the product roadmap is key to value realization. As a product owner, the product roadmap is your communicated path to align teams and changes to your defined goals, while aligning your product to enterprise goals and strategy.

    As a product owner, the product roadmap is your communicated path to align teams and changes to your defined goals, while aligning your product to enterprise goals and strategy

    Info-Tech Best Practice

    Info-Tech Best Practice Product delivery requires a comprehensive set of business and technical competencies to effectively roadmap, plan, deliver, support, and validate your product portfolio. Product delivery is a “multi-faceted, complex discipline that can be difficult to grasp and hard to master.” It will take time to learn and adopt methods and become a competent product manager or owner (“What Is Product Management?”, Pichler Consulting Limited).

    Match your roadmap and backlog to the needs of the product

    Ultimately, you want products to be able to respond faster to changes and deliver value sooner. The level of detail in the roadmap and backlog is a tool to help the product owner plan for change. The duration of your product roadmap is all directly related to the tier of product owner in the product family.

    The level of detail in the roadmap and backlog is a tool to help the product owner plan for change. The duration of your product roadmap is all directly related to the tier of product owner in the product family.

    Product delivery realizes value for your product family

    While planning and analysis are done at the family level, work and delivery are done at the individual product level.

    Product strategy includes: Vision, Goals, Roadmap, backlog and Release plan.

    Use artifact mapping to improve functional decomposition

    In our research, we refer to these items as epics, capabilities, features, and user stories. How you develop your guiding principles and structure your backlog should be based on the terminology and artifact types commonly used in your organization.

    Agile, Waterfall, Relationship, Decomposition skill most in demand, definition.

    Manage and communicate key milestones

    Successful product owners understand and define the key milestones in their product delivery lifecycles. These need to be managed along with the product backlog and roadmap.

    Define key milestones and their release dates.

    Info-Tech Best Practice

    Product ownership isn’t just about managing the product backlog and development cycles! Teams need to manage key milestones such as learning milestones, test releases, product releases, phase gates, and other organizational checkpoints!

    Milestones

    • Points in the timeline when the established set of artifacts is complete (feature-based), or checking status at a particular point in time (time-based).
    • Typically assigned a date and used to show the progress of development.
      • Plays an important role when sequencing different types of artifacts.

    Release dates

    • Releases mark the actual delivery of a set of artifacts packaged together in a new version of the product.
    • Release dates, firm or not, allow stakeholders to anticipate when this is coming.

    Leverage the product canvas to state and inform your product vision

    Leverage the product Canvas to state and inform your product vision. Includes: Product name, Tracking info, Vision, List of business objectives or goals, Metrics used to measure value realization, List of groups who consume the product/service, and List of key resources or stakeholders.

    Capability: Vision

    Your Score: ____

    1 - Foundational: Transitioning and Growing

    2 - Capable/Competent: Core Contributor

    3 - Influential: Gifted Improver

    4 - Transformational: Towering Strength

    • Product backlog.
    • Basic roadmap with milestones and releases.
    • Unprioritized stakeholder list.
    • Understanding of product’s purpose and value.
    • Customers and end-users defined with core needs identified.
    • Roadmap with goals and capabilities defined by themes and set to appropriate time horizons.
    • Documented stakeholder management plan with communication and collaboration aligned to the stakeholder strategy.
    • Value drivers traced to product families and enterprise goals.
    • Customer personas defined with pain relievers and value creators defined.
    • Fully-developed roadmap traced to family (and child) roadmaps.
    • Expected ROI for all current and next roadmap items.
    • KPIs/OKRs used to improve roadmap prioritization and sequencing.
    • Proactive stakeholder engagement and reviews.
    • Cross-functional engagement to align opportunities and drive enterprise value.
    • Formal metrics to assess customer needs and value realization.
    • Roadmaps managed in an enterprise system for full traceability, value realization reporting, and views for defined audiences.
    • Proactive stakeholder engagement with regular planning and review ceremonies tied to their roadmaps and goals.
    • Cross-functional innovation to find disruptive opportunities to drive enterprise value.
    • Omni-channel metrics and customer feedback mechanisms to proactively evaluate goals, capabilities, and value realization.

    Exercise 3.2.1 Assess your Vision capability proficiency

    1 hour
    1. Review the expectations for this capability and determine your current proficiency for each skill.
    2. Complete your assessment in the Mature and Scale Product Owner Proficiency Assessment tool.
    3. Record the results in the Mature and Scale Product Ownership Playbook.
    4. Review the skills map to identify strengths and areas of growth.

    Output

    • Product owner capability assessment

    Participants

    • Product owners
    • Product managers

    Capture in the Mature and Scale Product Owner Proficiency Assessment.

    Capabilities: Leadership

    Soft Skills

    • Communication: Maintain consistent, concise, and appropriate communication using SMART guidelines (specific, measurable, attainable, relevant, and timely).
    • Integrity: Stick to your values, principles, and decision criteria for the product to build and maintain trust with your users and teams.
    • Influence: Manage stakeholders using influence and collaboration over contract negotiation.

    Collaboration

    • Stakeholder management: Build a communications strategy for each stakeholder group, tailored to individual stakeholders.
    • Relationship management: Use every interaction point to strengthen relationships, build trust, and empower teams.
    • Team development: Promote development through stretch goals and controlled risks to build team capabilities and performance.

    Decision Making

    • Prioritized criteria: Remove personal bias by basing decisions off data analysis and criteria.
    • Continuous improvement: Balance new features with the need to ensure quality and create an environment of continuous improvement.
    • Team empowerment/negotiation: Push decisions to teams closest to the problem and solution, using Delegation Poker to guide you.

    “Everything walks the walk. Everything talks the talk.”

    – Thomas K. Connellan, Inside the Magic Kingdom

    Leadership: Soft skills, collaboration, decision making.

    Info-Tech Insight

    Product owners cannot be just a proxy for stakeholder decisions. The product owner owns product decisions and management of all stakeholders.

    Capability: Leadership

    Your Score: ____

    1 - Foundational: Transitioning and Growing

    2 - Capable/Competent: Core Contributor

    3 - Influential: Gifted Improver

    4 - Transformational: Towering Strength

    • Activities are prioritized with minimal direction and/or assistance.
    • Progress self-monitoring against objectives with leadership apprised of deviations against plan.
    • Facilitated decisions from stakeholders or teams.
    • Informal feedback on performance and collaboration with teams.
    • Independently prioritized activities and provide direction or assistance to others as needed.
    • Managed issue resolution and provided guidance on goals, priorities, and constraints.
    • Product decision ownership with input from stakeholders, SMEs, and delivery teams.
    • Formal product management retrospectives with tracked and measured changes to improve performance.
    • Consulted in the most challenging situations to provide subject matter expertise on leading practices and industry standards.
    • Provide mentoring and coaching to your peers and/or teammates.
    • Use team empowerment, pushing decisions to the lowest appropriate level based on risk and complexity.
    • Mature and flexible communication.
    • Provide strategies and programs ensuring all individuals in the delivery organization obtain the level of coaching and supervision required for success in their position.
    • Provide leadership to the organization’s coaches ensuring delivery excellence across the organization.
    • Help develop strategic initiatives driving common approaches and utilizing information assets and processes across the enterprise.

    Exercise 3.2.2 Assess your Leadership capability proficiency

    1 hour
    1. Review the expectations for this capability and determine your current proficiency for each skill.
    2. Complete your assessment in the Mature and Scale Product Owner Proficiency Assessment tool.
    3. Record the results in the Mature and Scale Product Ownership Playbook.
    4. Review the skills map to identify strengths and areas of growth.

    Output

    • Product owner capability assessment

    Participants

    • Product owners
    • Product managers

    Capture in the Mature and Scale Product Owner Proficiency Assessment.

    Capability: Product lifecycle management

    Plan

    • Product backlog: Follow a schedule for backlog intake, grooming, updates, and prioritization.
    • Journey map: Create an end-user journey map to guide adoption and loyalty.
    • Fit for purpose: Define expected value and intended use to ensure product meets your end user’s needs.

    Build

    • Capacity management: Work with operations and delivery teams to ensure consistent and stable outcomes.
    • Release strategy: Build learning, release, and critical milestones into a repeatable release plan.
    • Compliance: Build policy compliance into delivery practices to ensure alignment and reduce avoidable risk (privacy, security).

    Run

    • Adoption: Focus attention on end-user adoption and proficiency to accelerate value and maximize retention.
    • Support: Build operational support and business continuity into every team.
    • Measure: Measure KPIs and validate expected value to ensure product alignment to goals and consistent product quality.

    “Pay fantastic attention to detail. Reward, recognize, celebrate.”

    – Thomas K. Connellan, Inside the Magic Kingdom

    Product Lifecycle Management: Plan, Build, Run

    Info-Tech Insight

    Product owners must actively manage the full lifecycle of the product.

    Define product value by aligning backlog delivery with roadmap goals

    In each product plan, the backlogs show what you will deliver. Roadmaps identify when and in what order you will deliver value, capabilities, and goals.

    In each product plan, the backlogs show what you will deliver. Roadmaps identify when and in what order you will deliver value, capabilities, and goals.

    A backlog stores and organizes PBIs at various stages of readiness

    A backlog stores and organizes PBIs at different levels of readiness. Stage 3 - Ideas are composed of raw, vague ideas that have yet to go through any formal valuation. Stage 2 - Qualified are researched and qualified PBIs awaiting refinement. Stage 1 - Ready are Discrete, refined RBIs that are read to be placed in your development team's sprint plans.

    A well-formed backlog can be thought of as a DEEP backlog:

    Detailed Appropriately: PBIs are broken down and refined, as necessary.

    Emergent: The backlog grows and evolves over time as PBIs are added and removed.

    Estimated: The effort a PBI requires is estimated at each tier.

    Prioritized: The PBI’s value and priority are determined at each tier.

    (Perforce, 2018)

    Distinguish your specific goals for refining in the product backlog vs. planning for a sprint itself

    Often backlog refinement is used interchangeably or considered a part of sprint planning. The reality is they are very similar, as the required participants and objectives are the same; however, there are some key differences.

    Backlog refinement versus Sprint planning. Differences in Objectives, Cadence and Participants

    Use quality filters to promote high value items into the delivery pipeline

    Product backlog has quality filters such as: Backlogged, Qualified and Ready. Sprint backlog has a backlog of accepted PBI's

    Basic scrum process

    The scrum process coordinates multiple stakeholders to deliver on business priorities.

    Prioritized Backlog, Sprint Backlog, Manage Delivery, Sprint Review, Product Release

    Capability: Product lifecycle management

    Your Score: ____

    1 - Foundational: Transitioning and Growing

    2 - Capable/Competent: Core Contributor

    3 - Influential: Gifted Improver

    4 - Transformational: Towering Strength

    • Informal or undocumented intake process.
    • Informal or undocumented delivery lifecycle.
    • Unstable or unpredictable throughput or quality.
    • Informal or undocumented testing and release processes.
    • Informal or undocumented organizational change management planning for each release.
    • Informal or undocumented compliance validation with every release.
    • Documented intake process with stakeholder prioritization of requests.
    • Consistent delivery lifecycle with stable and predictable throughput with an expected range of delivery variance.
    • Formal and documented testing and release processes.
    • Organizational change management planning for each major release.
    • Compliance validation with every major release.
    • Intake process using value drivers and prioritization criteria to sequence all items.
    • Consistent delivery lifecycle with stable and predictable throughput with little variance.
    • Risk-based and partially automated testing and release processes.
    • Organizational change management planning for all releases.
    • Automated compliance validation with every major release.
    • Intake process using enterprise value drivers and prioritization criteria to sequence all items.
    • Stable Agile DevOps with low variability and automation.
    • Risk-based automated and manual testing.
    • Multiple release channels based on risk. Automated build, validation, and rollback capabilities.
    • Cross-channel, integrated organizational change management for all releases.
    • Automated compliance validation with every change or release.

    Exercise 3.2.3 Assess your PLM capability proficiency

    1 hour
    1. Review the expectations for this capability and determine your current proficiency for each skill.
    2. Complete your assessment in the Mature and Scale Product Owner Proficiency Assessment tool.
    3. Record the results in the Mature and Scale Product Ownership Playbook.
    4. Review the skills map to identify strengths and areas of growth.

    Output

    • Product owner capability assessment

    Participants

    • Product owners
    • Product managers

    Capture in the Mature and Scale Product Owner Proficiency Assessment.

    Capabilities: Value realization

    Key performance indicators (KPIs)

    • Usability and user satisfaction: Assess satisfaction through usage monitoring and end-user feedback.
    • Value validation: Directly measure performance against defined value proposition, goals, and predicted ROI.
    • Fit for purpose: Verify the product addresses the intended purpose better than other options.

    Financial management

    • P&L: Manage each product as if it were its own business with profit and loss statements.
    • Acquisition cost/market growth: Define the cost of acquiring a new consumer, onboarding internal users, and increasing product usage.
    • User retention/market share: Verify product usage continues after adoption and solution reaches new user groups to increase value.

    Business model

    • Defines value proposition: Dedicate your primary focus to understanding and defining the value your product will deliver.
    • Market strategy and goals: Define your acquisition, adoption, and retention plan for users.
    • Financial model: Build an end-to-end financial model and plan for the product and all related operational support.

    “The competition is anyone the customer compares you with.”

    – Thomas K. Connellan, Inside the Magic Kingdom

    Value Realization: KPIs, Financial management, Business model

    Info-Tech Insight

    Most organizations stop with on-time and on-budget. True financial alignment needs to define and manage the full lifecycle P&L.

    Use a balanced value to establish a common definition of goals and value

    Value drivers are strategic priorities aligned to our enterprise strategy and translated through our product families. Each product and change has an impact on the value driver helping us reach our enterprise goals.

    Importance of the value driver multiplied by the Impact of value score is equal to the Value score.

    Info-Tech Insight

    Your value drivers and impact helps estimate the expected value of roadmap items, prioritize roadmap and backlog items, and identify KPIs and OKRs to measure value realization and actual impact.

    Include balanced value as one criteria to guide better decisions

    Your balanced value is just one of many criteria needed to align your product goals and sequence roadmap items. Feasibility, delivery pipeline capacity, shared services, and other factors may impact the prioritization of backlog items.

    Build your balanced business value score by using four key value drivers.

    Determine your value drivers

    Competent organizations know that value cannot always be represented by revenue or reduced expenses. However, it is not always apparent how to envision the full spectrum of sources of value. Dissecting value by benefit type and the value source’s orientation allows you to see the many ways in which a product or service brings value to the organization.

    Business value matrix

    Graph with 4 quadrants representing Outward versus Inward, and Financial benefit versus Human benefit. The quadrants are Reach customers, Increase revenue/demonstrate value, Enhance services, Reduce costs.

    Financial benefits vs. improved capabilities

    Financial benefits refer to the degree to which the value source can be measured through monetary metrics and is often quite tangible.

    Human benefits refer to how a product or service can deliver value through a user’s experience.

    Inward vs. outward orientation

    Inward refers to value sources that have an internal impact and improve your organization’s effectiveness and efficiency in performing its operations.

    Outward refers to value sources that come from your interaction with external factors, such as the market or your customers.

    Exercise 3.2.4 Identify your business value drivers and sources of value

    1 hour
    1. Brainstorm the different types of business value that you produce on the sticky notes (one item per page). Draw from examples of products in your portfolio.
    2. Identify the most important value items for your organization (two to three per quadrant).
    3. Record the results in the Mature and Scale Product Ownership Workbook.

    Output

    • Product owner capability assessment

    Participants

    • Product owners
    • Product managers

    Capture in the Mature and Scale Product Ownership Workbook.

    My business value sources

    Graph with 4 quadrants representing Outward versus Inward, and Financial benefit versus Human benefit. The quadrants are Reach customers, Increase revenue/demonstrate value, Enhance services, Reduce costs.

    Capability: Value realization

    Your Score: ____

    1 - Foundational: Transitioning and Growing

    2 - Capable/Competent: Core Contributor

    3 - Influential: Gifted Improver

    4 - Transformational: Towering Strength

    • Product canvas or basic product positioning overview.
    • Simple budget or funding mechanism for changes.
    • Product demos and informal user feedback mechanisms.
    • Business value canvas or basic business model tied to roadmap funding.
    • Product funding tied to roadmap milestones and prioritization.
    • Defined KPIs /OKRs for roadmap delivery throughput and value realization measurement.
    • Business model with operating cost structures, revenue/value traceability, and market/user segments.
    • Scenario-based roadmap funding alignment.
    • Roadmap aligned KPIs /OKRs for delivery throughput and value realization measurement as a key factor in roadmap prioritization.
    • Business model tied to enterprise operating costs and value realization KPIs/OKRs.
    • P&L roadmap and cost accounting tied to value metrics.
    • Roadmap aligned enterprise and scenario-based KPIs /OKRs for delivery throughput and value realization measurement as a key factor in roadmap prioritization.

    Exercise 3.2.5 Assess your value realization capability proficiency

    1 hour
    1. Review the expectations for this capability and determine your current proficiency for each skill.
    2. Complete your assessment in the Mature and Scale Product Owner Proficiency Assessment tool.
    3. Record the results in the Mature and Scale Product Ownership Playbook.
    4. Review the skills map to identify strengths and areas of growth.

    Output

    • Product owner capability assessment

    Participants

    • Product owners
    • Product managers

    Capture in the Mature and Scale Product Owner Proficiency Assessment.

    Determine your product owner capability proficiency in regards to: Vision, Leadership, Product Lifecycle, and Value Realization

    Summary of Accomplishment

    Problem solved.

    Product ownership can be one of the most difficult challenges facing delivery and operations teams. By focusing on operational grouping and alignment of goals, organizations can improve their value realization at all levels in the organization.

    The foundation for delivering and enhancing products and services is rooted in the same capability model. Traditionally, product owners have focused on only a subset of skills and capabilities needed to properly manage and grow their products. The product owner capability model is a useful tool to ensure optimal performance from product owners and assess the right level of detail for each product within the product families.

    Congratulations. You’ve completed a significant step toward higher-value products and services.

    If you would like additional support, have our analysts guide you through other phases as apart of an Info-Tech workshop

    Contact your account representative for more information

    workshops@infotech.com
    1-888-670-8889

    Additional Support

    If you would like additional support, have our analysts guide you through other phases as apart of an Info-Tech workshop

    Contact your account representative for more information
    workshops@infotech.com 1-888-670-8889

    The following are sample activities that will be conducted by Info-Tech analysts with your team:

    3.1.1 Assess your real Agile skill proficiency

    Assess your skills and capabilities against the real Agile skills inventory

    2.2.3 Prioritize your stakeholders

    Build a stakeholder management strategy.

    Research Contributors and Experts

    Emily Archer

    Lead Business Analyst,
    Enterprise Consulting, authentic digital agency

    Emily Archer is a consultant currently working with Fortune 500 clients to ensure the delivery of successful projects, products, and processes. She helps increase the business value returned for organizations’ investments in designing and implementing enterprise content hubs and content operations, custom web applications, digital marketing, and e-commerce platforms.

    David Berg

    Founder & CTO
    Strainprint Technologies Inc.

    David Berg is a product commercialization expert who has spent the last 20 years delivering product management and business development services across a broad range of industries. Early in his career, David worked with product management and engineering teams to build core network infrastructure products that secure and power the internet we benefit from today. David’s experience also includes working with clean technologies in the area of clean power generation, agritech, and Internet of Things infrastructure. Over the last five years, David has been focused on his latest venture, Strainprint Technologies, a data and analytics company focused on the medical cannabis industry. Strainprint has built the largest longitudinal medical cannabis dataset in the world, with a goal to develop an understanding of treatment behavior, interactions, and chemical drivers to guide future product development.

    Research Contributors and Experts

    Kathy Borneman

    Digital Product Owner, SunTrust Bank

    Kathy Borneman is a senior product owner who helps people enjoy their jobs again by engaging others in end-to-end decision making to deliver software and operational solutions that enhance the client experience and allow people to think and act strategically.

    Charlie Campbell

    Product Owner, Merchant e-Solutions

    Charlie Campbell is an experienced problem solver with the ability to quickly dissect situations and recommend immediate actions to achieve resolution, liaise between technical and functional personnel to bridge the technology and communication gap, and work with diverse teams and resources to reach a common goal.

    Research Contributors and Experts

    Yarrow Diamond

    Sr. Director, Business Architecture
    Financial Services

    Yarrow Diamond is an experienced professional with expertise in enterprise strategy development, project portfolio management, and business process reengineering across financial services, healthcare and insurance, hospitality, and real estate environments. She has a master’s in Enterprise Architecture from Penn State University, LSSMBB, PMP, CSM, ITILv3.

    Cari J. Faanes-Blakey, CBAP, PMI-PBA

    Enterprise Business Systems Analyst,
    Vertex, Inc.

    Cari J. Faanes-Blakey has a history in software development and implementation as a Business Analyst and Project Manager for financial and taxation software vendors. Active in the International Institute of Business Analysis (IIBA), Cari participated on the writing team for the BA Body of Knowledge 3.0 and the certification exam.

    Research Contributors and Experts

    Kieran Gobey

    Senior Consultant Professional Services
    Blueprint Software Systems

    Kieran Gobey is an IT professional with 24 years of experience, focused on business, technology, and systems analysis. He has split his career between external and internal customer-facing roles, and this has resulted in a true understanding of what is required to be a Professional Services Consultant. His problem-solving skills and ability to mentor others have resulted in successful software implementations.

    Kieran’s specialties include deep system troubleshooting and analysis skills, facilitating communications to bring together participants effectively, mentoring, leadership, and organizational skills.

    Rupert Kainzbauer

    VP Product, Digital Wallets
    Paysafe Group

    Rupert Kainzbauer is an experienced senior leader with a passion for defining and delivering products that deliver real customer and commercial benefit. With a team of highly experienced and motivated product managers, he has successfully led highly complex, multi-stakeholder payments initiatives, from proposition development and solution design through to market delivery. Their domain experience is in building online payment products in high-risk and emerging markets, remittance, prepaid cards, and mobile applications.

    Research Contributors and Experts

    Saeed Khan

    Founder,
    Transformation Labs

    Saeed Khan has been working in high tech for 30 years in Canada and the US and has held several leadership roles in Product Management in that time. He speaks regularly at conferences and has been writing publicly about technology product management since 2005.

    Through Transformation Labs, Saeed helps companies accelerate product success by working with product teams to improve their skills, practices, and processes. He is a cofounder of ProductCamp Toronto and currently runs a Meetup group and global Slack community called Product Leaders; the only global community of senior level product executives.

    Hoi Kun Lo

    Product Owner
    Nielsen

    Hoi Kun Lo is an experienced change agent who can be found actively participating within the IIBA and WITI groups in Tampa, FL and a champion for Agile, architecture, diversity, and inclusion programs at Nielsen. She is currently a Product Owner in the Digital Strategy team within Nielsen Global Watch Technology.

    Research Contributors and Experts

    Abhishek Mathur

    Sr Director, Product Management
    Kasisto, Inc.

    Abhishek Mathur is a product management leader, an artificial intelligence practitioner, and an educator. He has led product management and engineering teams at Clarifai, IBM, and Kasisto to build a variety of artificial intelligence applications within the space of computer vision, natural language processing, and recommendation systems. Abhishek enjoys having deep conversations about the future of technology and helping aspiring product managers enter and accelerate their careers.

    Jeff Meister

    Technology Advisor and Product Leader

    Jeff Meister is a technology advisor and product leader. He has more than 20 years of experience building and operating software products and the teams that build them. He has built products across a wide range of industries and has built and led large engineering, design, and product organizations.

    Jeff most recently served as Senior Director of Product Management at Avanade, where he built and led the product management practice. This involved hiring and leading product managers, defining product management processes, solution shaping and engagement execution, and evangelizing the discipline through pitches, presentations, and speaking engagements.

    Jeff holds a Bachelor of Applied Science (Electrical Engineering) and a Bachelor of Arts from the University of Waterloo, an MBA from INSEAD (Strategy), and certifications in product management, project management, and design thinking.

    Research Contributors and Experts

    Vincent Mirabelli

    Principal,
    Global Project Synergy Group

    With over 10 years of experience in both the private and public sectors, Vincent Mirabelli possesses an impressive track record of improving, informing, and transforming business strategy and operations through process improvement, design and re-engineering, and the application of quality to business analysis, project management, and process improvement standards.

    Oz Nazili

    VP, Product & Growth
    TWG

    Oz Nazili is a product leader with a decade of experience in both building products and product teams. Having spent time at funded startups and large enterprises, he thinks often about the most effective way to deliver value to users. His core areas of interest include Lean MVP development and data-driven product growth.

    Research Contributors and Experts

    Mike Starkey

    Director of Engineering
    W.W. Grainger

    Mike Starkey is a Director of Engineering at W.W. Grainger, currently focusing on operating model development, digital architecture, and building enterprise software. Prior to joining W.W. Grainger, Mike held a variety of technology consulting roles throughout the system delivery lifecycle spanning multiple industries such as healthcare, retail, manufacturing, and utilities with Fortune 500 companies.

    Anant Tailor

    Cofounder and Head of Product
    Dream Payments Corp.

    Anant Tailor is a cofounder at Dream Payments where he currently serves as the COO and Head of Product, having responsibility for Product Strategy & Development, Client Delivery, Compliance, and Operations. He has 20+ years of experience building and operating organizations that deliver software products and solutions for consumers and businesses of varying sizes.

    Prior to founding Dream Payments, Anant was the COO and Director of Client Services at DonRiver Inc, a technology strategy and software consultancy that he helped to build and scale into a global company with 100+ employees operating in seven countries.

    Anant is a Professional Engineer with a Bachelor degree in Electrical Engineering from McMaster University and a certificate in Product Strategy & Management from the Kellogg School of Management at Northwestern University.

    Research Contributors and Experts

    Angela Weller

    Scrum Master, Businessolver

    Angela Weller is an experienced Agile business analyst who collaborates with key stakeholders to attain their goals and contributes to the achievement of the company’s strategic objectives to ensure a competitive advantage. She excels when mediating or facilitating teams.

    Related Info-Tech Research

    Product Delivery

    Deliver on Your Digital Product Vision

    Build a product vision your organization can take from strategy through execution.

    Deliver Digital Products at Scale

    Deliver value at the scale of your organization through defining enterprise product families.

    Build Your Agile Acceleration Roadmap

    Quickly assess the state of your Agile readiness and plan your path forward to higher value realization.

    Implement Agile Practices That Work

    Improve collaboration and transparency with the business to minimize project failure.

    Implement DevOps Practices That Work

    Streamline business value delivery through the strategic adoption of DevOps practices.

    Extend Agile Practices Beyond IT

    Further the benefits of Agile by extending a scaled Agile framework to the business.

    Build Your BizDevOps Playbook

    Embrace a team sport culture built around continuous business-IT collaboration to deliver great products.

    Embed Security Into the DevOps Pipeline

    Shift security left to get into DevSecOps.

    Spread Best Practices With an Agile Center of Excellence

    Facilitate ongoing alignment between Agile teams and the business with a set of targeted service offerings.

    Enable Organization-Wide Collaboration by Scaling Agile

    Execute a disciplined approach to rolling out Agile methods in the organization.

    Related Info-Tech Research

    Application Portfolio Management

    APM Research Center

    See an overview of the APM journey and how we can support the pieces in this journey.

    Application Portfolio Management Foundations

    Ensure your application portfolio delivers the best possible return on investment.

    Streamline Application Maintenance

    Effective maintenance ensures the long-term value of your applications.

    Streamline Application Management

    Move beyond maintenance to ensuring exceptional value from your apps.

    Build an Application Department Strategy

    Delivering value starts with embracing what your department can do.

    Embrace Business-Managed Applications

    Empower the business to implement their own applications with a trusted business-IT relationship

    Optimize Applications Release Management

    Facilitate ongoing alignment between Agile teams and the business with a set of targeted service offerings.

    Related Info-Tech Research

    Value, Delivery Metrics, Estimation

    Build a Value Measurement Framework

    Focus product delivery on business value–driven outcomes.

    Select and Use SDLC Metrics Effectively

    Be careful what you ask for, because you will probably get it.

    Application Portfolio Assessment: End User Feedback

    Develop data-driven insights to help you decide which applications to retire, upgrade, re-train on, or maintain to meet the demands of the business.

    Create a Holistic IT Dashboard

    Mature your IT department by measuring what matters.

    Refine Your Estimation Practices With Top-Down Allocations

    Don’t let bad estimates ruin good work.

    Estimate Software Delivery With Confidence

    Commit to achievable software releases by grounding realistic expectations.

    Reduce Time to Consensus With an Accelerated Business Case

    Expand on the financial model to give your initiative momentum.

    Optimize Project Intake, Approval, and Prioritization

    Deliver more projects by giving yourself the voice to say “no” or “not yet” to new projects.

    Enhance PPM Dashboards and Reports

    Facilitate ongoing alignment between Agile teams and the business with a set of targeted service offerings.

    Related Info-Tech Research

    Organizational Design and Performance

    Redesign Your IT Organizational Structure

    Focus product delivery on business value-driven outcomes.

    Build a Strategic IT Workforce Plan

    Have the right people, in the right place, at the right time.

    Implement a New Organizational Structure

    Reorganizations are inherently disruptive. Implement your new structure with minimal pain for staff while maintaining IT performance throughout the change.

    Build an IT Employee Engagement Program

    Don’t just measure engagement, act on it

    Set Meaningful Employee Performance Measures

    Set holistic measures to inspire employee performance.

    Bibliography (Product Management)

    “12th Annual State of Agile Report.” VersionOne, 9 April 2018. Web.

    A, Karen. “20 Mental Models for Product Managers.” Product Management Insider, Medium, 2 Aug. 2018. Web.

    Adams, Paul. “Product Teams: How to Build & Structure Product Teams for Growth.” Inside Intercom, 30 Oct. 2019. Web.

    Aghina, Handscomb, Ludolph, West, and Abby Yip, “How to select and develop individuals for successful agile teams: A practical guide” McKinsey & Company 20 Dec. 2018. Web.

    Agile Alliance. “Product Owner.” Agile Alliance. n.d. Web.

    Ambler, Scott W. "Communication on Agile Software Teams“, Agile Modeling. 2001-2022. Web.

    Ambysoft. “2018 IT Project Success Rates Survey Results.” Ambysoft. 2018. Web.

    Banfield, Richard, et al. “On-Demand Webinar: Strategies for Scaling Your (Growing) Enterprise Product Team.” Pluralsight, 31 Jan. 2018. Web.

    Beck, Beedle, van Bennekum, Cockburn, Cunningham, Fowler, Grenning, Highsmith, Hunt, Jeffries, Kern, Marick, Martin, Mellor, Schwaber, Sutherland, Thomas, "Manifesto for Agile Software Development." agilemanifesto.org. 2001

    Berez, Steve, et al. “How to Plan and budget for Agile at Scale.” Bain & Company, 08 Oct 2019. Web

    Blueprint. “10 Ways Requirements Can Sabotage Your Projects Right From the Start.” Blueprint. 2012. Web.

    Breddels, Dajo, and Paul Kuijten. “Product Owner Value Game.” Agile2015 Conference, Agile Alliance 2015. Web.

    Cagan, Martin. “Behind Every Great Product.” Silicon Valley Product Group. 2005. Web.

    Cohn, Mike. “What Is a Product?” Mountain Goat Software. 6 Sept. 2016. Web.

    Connellan, Thomas K. Inside the Magic Kingdom, Bard Press, 1997.

    Curphey, Mark. “Product Definition.” SlideShare, 25 Feb. 2007. Web.

    “Delegation Poker Product Image.” Management 3.0, n.d. Web.

    Distel, Dominic, et al. “Finding the sweet spot in product-portfolio management.’ McKinsey, 4 Dec. 2020. Web

    Eringa, Ron. “Evolution of the Product Owner.” RonEringa.com, 12 June 2016. Web.

    Fernandes, Thaisa. “Spotify Squad Framework - Part I.” PM101, Medium, 6 Mar. 2017. Web.

    Galen, Robert. “Measuring Product Ownership – What Does ‘Good’ Look Like?” RGalen Consulting, 5 Aug. 2015. Web.

    Grenny, Joseph. “The Best Teams Hold Themselves Accountable.” Harvard Business Review, 30 May 2014. Web.

    Halisky, Merland, and Luke Lackrone. “The Product Owner’s Universe.” Agile2016 Conference, Agile Alliance, 2016. Web.

    Bibliography (Product Management)

    IIBA "A Guide to the Business Analysis Body of Knowledge® (BABOK® Guide) v3" IIBA. 15 APR 2015

    Kamer, Jurriaan. “How to Build Your Own ‘Spotify Model’.” The Ready, Medium, 9 Feb. 2018. Web.

    Kendis Team. “Exploring Key Elements of Spotify’s Agile Scaling Model.” Scaled Agile Framework, Medium, 23 Jul. 2018. Web.

    Lindstrom, Lowell. “7 Skills You Need to Be a Great Product Owner.” Scrum Alliance, n.d. Web.

    Lukassen, Chris. “The Five Belts Of The Product Owner.” Xebia.com, 20 Sept. 2016. Web.

    Mankins, Michael. “The Defining Elements of a Winning Culture.” Bain, 19 Dec. 2013. Web.

    McCloskey, Heather. “Scaling Product Management: Secrets to Defeating Common Challenges.” ProductPlan, 12 July 2019. Web.

    McCloskey, Heather. “When and How to Scale Your Product Team.” UserVoice, 21 Feb. 2017. Web. Mironov, Rich. “Scaling Up Product Manager/Owner Teams.” Rich Mironov's Product Bytes, Mironov Consulting, 12 Apr. 2014. Web.

    Moore, Geoffrey A. “Crossing the Chasm, 3rd Edition.” Collins Business Essentials, 28 Jan 2014

    Oh, Paul. “How Mastering Resilience Can Help Drive Agile Transformations.” Why Innovation!, 10 Oct. 2019.

    Overeem, Barry. “A Product Owner Self-Assessment.” Barry Overeem, 6 Mar. 2017. Web.

    Overeem, Barry. “Retrospective: Using the Team Radar.” Barry Overeem, 27 Feb. 2017. Web.

    Pichler, Roman. “How to Scale the Scrum Product Owner.” Roman Pichler, 28 June 2016 . Web.

    Pichler, Roman. “Product Management Framework.” Pichler Consulting Limited, 2014. Web.

    Pichler, Roman. “Sprint Planning Tips for Product Owners.” LinkedIn, 4 Sept. 2018. Web.

    Pichler, Roman. “What Is Product Management?” Pichler Consulting Limited, 26 Nov. 2014. Web.

    PMI "The high cost of low performance: the essential role of communications“. PMI Pulse of Profession, May 2013.

    Radigan,Dan. “Putting the ‘Flow' Back in Workflow With WIP Limits.” Atlassian, n.d. Web.

    Bibliography (Product Management)

    Rouse, Margaret. “Definition: product.” TechTarget, Sept. 2005. Web.

    Schuurman, Robbin. “10 Tips for Product Owners on (Business) Value.” Scrum.org, 30 Nov. 2017. Web.

    Schuurman, Robbin. “10 Tips for Product Owners on Agile Product Management.” Scrum.org, 28 Nov. 2017. Web.

    Schuurman, Robbin. “10 Tips for Product Owners on Product Backlog Management.” Scrum.org, 5 Dec. 2017. Web.

    Schuurman, Robbin. “10 Tips for Product Owners on the Product Vision.” Scrum.org, 29 Nov. 2017. Web.

    Schuurman, Robbin. “Tips for Starting Product Owners.” Scrum.org, 27 Nov. 2017. Web.

    Sharma, Rohit. “Scaling Product Teams the Structured Way.” Monetary Musings, 28 Nov. 2016. Web.

    Shirazi, Reza. “Betsy Stockdale of Seilevel: Product Managers Are Not Afraid To Be Wrong.” Austin Voice of Product, 2 Oct. 2018. Web.

    Spitz, Enid R. “The Three Kinds of Empathy: Emotional, Cognitive, Compassionate.” The Three Kinds of Empathy: Emotional, Cognitive, Compassionate. Heartmanity. Web.

    Steiner, Anne. “Start to Scale Your Product Management: Multiple Teams Working on Single Product.” Cprime, 6 Aug. 2019. Web.

    “The Qualities of Leadership: Leading Change.” Cornelius & Associates, 2016. Web.

    “The Standish Group 2015 Chaos Report.” The Standish Group. 2015. Web.

    Theus, Andre. “When Should You Scale the Product Management Team?” ProductPlan, 7 May 2019. Web.

    Tolonen, Arto. “Scaling Product Management in a Single Product Company.” Smartly.io, 26 Apr. 2018. Web.

    Ulrich, Catherine. “The 6 Types of Product Managers. Which One Do You Need?” Medium, 19 Dec. 2017. Web.

    Verwijs, Christiaan. “Retrospective: Do The Team Radar.” The Liberators, Medium, 10 Feb. 2017. Web.

    Vlaanderen, Kevin. “Towards Agile Product and Portfolio Management”. Academia.edu. 2010. Web.

    Backlog

    2009 Business Analysis Benchmark Study.” IAG Consulting, 2009. Web.

    Armel, Kate. “Data-driven Estimation, Management Lead to High Quality.” Quantitative Software Management Inc, 2015. Web.

    Bradley, Marty. “Agile Estimation Guidance.” Leading Agile, 30 Aug. 2016. Web. Feb. 2019.

    CollabNet and VersionOne. “12th Annual State of Agile Report.” VersionOne, 9 April 2018. Web.

    Craveiro, João. “Marty meets Martin: connecting the two triads of Product Management.” Product Coalition, 18 Nov. 2017. Accessed Feb. 2019.

    “Enablers.” Scaled Agile, n.d. Web.

    “Epic.” Scaled Agile, n.d. Web.

    Fischer, Christian. “Scrum Compact.” Itemis, n.d. Web. Feb. 2019.

    Hackshall, Robin. “Product Backlog Refinement.” Scrum Alliance, 9 Oct. 2014. Accessed Feb. 2019.

    Hartman, Bob. “New to agile? INVEST in good user stories.” Agile For All, 14 May 2009. Web.

    Huether, Derek. “Cheat Sheet for Product Backlog Refinement (Grooming).” Leading Agile, 2 Nov. 2013. Accessed Feb. 2019.

    Karlsson, Johan. “Backlog Grooming: Must-Know Tips for High-Value Products.” Perforce, 18 May 2018. Accessed Feb. 2019.

    Khan, Saeed. “Good Bye ‘Product Owner’, Hello ‘Backlog Manager.’” On Product Management, 27 June 2011. Accessed Feb. 2019.

    Khan, Saeed. “Let’s End the Confusion: A Product Owner is NOT a Product Manager.” On Product Management, 14 July 2017. Accessed Feb. 2019.

    Lawrence, Richard. “New Story Splitting Resource.” Agile For All. 27 Jan. 2012. Web. Feb. 2019.

    Leffingwell, Dean. “SAFe 4.0.” Scaled Agile Inc, 2017. Accessed Feb. 2019.

    Lucero, Mario. “Product Backlog – Deep Model.” Agilelucero, 8 Oct. 2014. Web.

    “PI Planning.” Scaled Agile, n.d. Web.

    Pichler, Roman. “The Product Roadmap and the Product Backlog.” Roman Pichler, 9 Sept. 2014. Accessed Feb. 2019.

    Rubin, Kenneth S. Essential Scrum: A Practical Guide to the Most Popular Agile Process. Pearson Education, 2012.

    Schuurman, Robbin. “10 Tips for Product Owners on Product Backlog Management.” Burozeven, 20 Nov. 2017. Accessed Feb. 2019.

    Srinivasan, Vibhu. “Product Backlog Management: Tips from a Seasoned Product Owner.” Agile Alliance, n.d. Accessed Feb. 2019.

    Todaro, Dave. “Splitting Epics and User Stories.” Ascendle, n.d. Accessed Feb. 2019.

    “What Characteristics Make Good Agile Acceptance Criteria?” Segue Technologies, 3 Sept. 2015. Web. Feb. 2019.

    Bibliography (Roadmap)

    Bastow, Janna. “Creating Agile Product roadmaps Everyone Understands.” ProdPad, 22 Mar. 2017. Accessed Sept. 2018.

    Bastow, Janna. “The Product Tree Game: Our Favorite Way To Prioritize Features.” ProdPad, 21 Feb. 2016. Accessed Sept. 2018.

    Chernak, Yuri. “Requirements Reuse: The State of the Practice.” 2012 IEEE International Conference, 12 June 2012, Herzliya, Israel. Web.

    Fowler, Martin. “Application Boundary.” MartinFowler.com, 11 Sept. 2003. Accessed 20 Nov. 2017.

    Harrin, Elizabeth. “Learn What a Project Milestone Is.” The Balance Careers, 10 May 2018. Accessed Sept. 2018.

    “How to create a product roadmap.” Roadmunk, n.d. Accessed Sept. 2018.

    Johnson, Steve. “How to Master the 3 Horizons of Product Strategy.” Aha!, 24 Sept. 2015. Accessed Sept. 2018.

    Johnson, Steve. “The Product Roadmap vs. the Technology Roadmap.” Aha!, 23 June 2016. Accessed Sept. 2018

    Juncal, Shaun. “How Should You Set Your Product Roadmap Timeframes?” ProductPlan, Web. Sept. 2018.

    Leffingwell, Dean. “SAFe 4.0.” Scaled Agile, 2017. Web.

    Maurya, Ash. “What is a Minimum Viable Product (MVP).” Leanstack, 12 June 2017. Accessed Sept. 2018.

    Pichler, Roman. “10 Tips for Creating an Agile Product Roadmap.” Roman Pichler, 20 July 2016. Accessed Sept. 2018.

    Pichler, Roman. Strategize: Product Strategy and Product Roadmap Practices for the Digital Age. Pichler Consulting, 2016.

    “Product Roadmap Contents: What Should You Include?” ProductPlan, n.d. Accessed 20 Nov. 2017.

    Saez, Andrea. “Why Your Roadmap Is Not a Release Plan.” ProdPad, 23 October 2015. Accessed Sept. 2018.

    Schuurman, Robbin. “Tips for Agile product roadmaps & product roadmap examples.” Scrum.org, 7 Dec. 2017. Accessed Sept. 2018.

    Bibliography (Vision and Canvas)

    Adams, Paul. “The Future Product Canvas.” Inside Intercom, 10 Jan. 2014. Web.

    “Aligning IT Funding Models to the Pace of Technology Change.” EDUCAUSE, 14 Dec. 2015. Web.

    Altman, Igor. “Metrics: Gone Bad.” OpenView, 10 Nov. 2009. Web.

    Barry, Richard. “The Product Vision Canvas – a Strategic Tool in Developing a Successful Business.” Polymorph, 2019. Web.

    “Business Canvas – Business Models & Value Propositions.” Strategyzer, 2019. Web.

    “Business Model Canvas.” Wikipedia: The Free Encyclopedia, 4 Aug. 2019. Web.

    Charak, Dinker. “Idea to Product: The Working Model.” ThoughtWorks, 13 July 2017. Web.

    Charak, Dinker. “Product Management Canvas - Product in a Snapshot.” Dinker Charak, 29 May 2017. Web.

    Chudley, James. “Practical Steps in Determining Your Product Vision (Product Tank Bristol, Oct. 2018).” LinkedIn SlideShare. Uploaded by cxpartners, 2 Nov. 2018. Web.

    Cowan, Alex. “The 20 Minute Business Plan: Business Model Canvas Made Easy.” COWAN+, 2019. Web.

    Craig, Desiree. “So You've Decided To Become A Product Manager.” Start it up, Medium, 2 June 2019. Web.

    “Create an Aha! Business Model Canvas Strategic Model.” Aha! Support, 2019. Web.

    Eick, Stephen. “Does Code Decay? Assessing the Evidence from Change Management Data.” IEEE Transactions on Software Engineering, vol. 27, no. 1, Jan. 2001, pp. 1-12. Web.

    Eriksson, Martin. “The next Product Canvas.” Mind the Product, 22 Nov. 2013. Web.

    “Experience Canvas: a Lean Approach: Atlassian Team Playbook.” Atlassian, 2019. Web.

    Freeman, James. “How to Make a Product Canvas – Visualize Your Product Plan.” Edraw, 23 Dec. 2019. Web.

    Fuchs, Danny. “Measure What Matters: 5 Best Practices from Performance Management Leaders.” OpenGov, 8 Aug. 2018. Web.

    Gorisse, Willem. “A Practical Guide to the Product Canvas.” Mendix, 28 Mar. 2017. Web.

    Gothelf, Jeff. “The Lean UX Canvas.” Jeff Gothelf, 15 Dec. 2016. Web.

    Gottesdiener, Ellen. “Using the Product Canvas to Define Your Product: Getting Started.” EBG Consulting, 15 Jan. 2019. Web.

    Gottesdiener, Ellen. “Using the Product Canvas to Define Your Product's Core Requirements.” EBG Consulting, 4 Feb. 2019. Web.

    Gray, Mark Krishan. “Should I Use the Business Model Canvas or the Lean Canvas?” Blog, Medium.com, 2019. Web.

    Bibliography (Vision and Canvas)

    Hanby, Jeff. "Software Maintenance: Understanding and Estimating Costs." LookFar, 21 Oct. 2016. Web.

    “How do you define a product?” Scrum.org, 4 Apr 2017, Web

    Juncal, Shaun. “How to Build a Product Roadmap Based on a Business Model Canvas.” ProductPlan, 19 June 2019. Web.

    “Lean Canvas Intro - Uber Example.” YouTube, uploaded by Railsware Product Academy, 12 Oct. 2018. Web.

    “Lesson 6: Product Canvas.” ProdPad Help Center, 2019. Web.

    Lucero, Mario. “The Product Canvas.” Agilelucero.com, 22 June 2015. Web.

    Maurya, Ash. “Create a New Lean Canvas.” Canvanizer, 2019. Web.

    Maurya, Ash. “Don't Write a Business Plan. Create a Lean Canvas Instead.” LEANSTACK, 2019. Web.

    Maurya, Ash. “Why Lean Canvas vs Business Model Canvas?” Medium, 27 Feb. 2012. Web.

    Mirabelli, Vincent. “The Project Value Canvas.” Vincent Mirabelli, 2019. Web.

    Mishra, LN. “Business Analysis Canvas – The Ultimate Enterprise Architecture.” BA Times, 19 June 2019. Web.

    Muller. Jerry Z. “Why performance metrics isn’t always the best way to judge performance.” Fast Company, 3 April 2019. Web.

    Perri, Melissa. “What Is Good Product Strategy?” Melissa Perri, 14 July 2016. Web.

    Pichler, Roman. “A Product Canvas for Agile Product Management, Lean UX, Lean Startup.” Roman Pichler, 16 July 2012. Web.

    Pichler, Roman. “Introducing the Product Canvas.” JAXenter, 15 Jan. 2013. Web.

    Pichler, Roman. “Roman's Product Canvas: Introduction.” YouTube, uploaded by Roman Pichler, 3 Mar. 2017. Web.

    Pichler, Roman. “The Agile Vision Board: Vision and Product Strategy.” Roman Pichler, 10 May 2011. Web.

    Pichler, Roman. “The Product Canvas – Template.” Roman Pichler, 11 Oct. 2016. Web.

    Pichler, Roman. “The Product Canvas Tutorial V1.0.” LinkedIn SlideShare. Uploaded by Roman Pichler, 14 Feb. 2013. Web.

    Pichler, Roman. “The Product Vision Board: Introduction.” YouTube uploaded by Roman Pichler, 3 Mar. 2017. Web.

    “Product Canvas PowerPoint Template.” SlideModel, 2019. Web.

    Bibliography (Vision and Canvas)

    “Product Canvas.” SketchBubble, 2019, Web.

    “Product Canvas.” YouTube, uploaded by Wojciech Szramowski, 18 May 2016. Web.

    “Product Roadmap Software to Help You Plan, Visualize, and Share Your Product Roadmap.” Productboard, 2019. Web.

    Roggero, Giulio. “Product Canvas Step-by-Step.” LinkedIn SlideShare, uploaded by Giulio Roggero, 18 May 2013. Web.

    Royce, Dr. Winston W. “Managing the Development of Large Software Systems.” Scf.usc.edu, 1970. Web.

    Ryan, Dustin. “The Product Canvas.” Qdivision, Medium, 20 June 2017. Web.

    Snow, Darryl. “Product Vision Board.” Medium, 6 May 2017. Web.

    Stanislav, Shymansky. “Lean Canvas – a Tool Your Startup Needs Instead of a Business Plan.” Railsware, 12 Oct. 2018. Web.

    Stanislav, Shymansky. “Lean Canvas Examples of Multi-Billion Startups.” Railsware, 20 Feb. 2019. Web.

    “The Product Vision Canvas.” YouTube, Uploaded by Tom Miskin, 20 May 2019. Web.

    Tranter, Leon. “Agile Metrics: the Ultimate Guide.” Extreme Uncertainty, n.d. Web.

    “Using Business Model Canvas to Launch a Technology Startup or Improve Established Operating Model.” AltexSoft, 27 July 2018. Web.

    Veyrat, Pierre. “Lean Business Model Canvas: Examples + 3 Pillars + MVP + Agile.” HEFLO BPM, 10 Mar. 2017. Web.

    “What Are Software Metrics and How Can You Track Them?” Stackify, 16 Sept. 2017. Web

    “What Is a Product Vision?” Aha!, 2019. Web.

    Supporting Research

    Transformation topics and supporting Info-Tech research to make the journey easier, with less rework.

    Supporting research and services

    Improving IT alignment

    Build a Business-Aligned IT Strategy

    Success depends on IT initiatives clearly aligned to business goals, IT excellence, and driving technology innovation.

    Includes a "Strategy on a page" template

    Make Your IT Governance Adaptable

    Governance isn't optional, so keep it simple and make it flexible.

    Create an IT View of the Service Catalog

    Unlock the full value of your service catalog with technical components.

    Application Portfolio Management Foundations

    Ensure your application portfolio delivers the best possible return on investment.

    Supporting research and services

    Shifting toward Agile DevOps

    Agile/DevOps Resource Center

    Tools and advice you need to be successful with Agile.

    Develop Your Agile Approach for a Successful Transformation

    Understand Agile fundamentals, principles, and practices so you can apply them effectively in your organization.

    Implement DevOps Practices That Work

    Streamline business value delivery through the strategic adoption of DevOps practices.

    Perform an Agile Skills Assessment

    Being Agile isn't about processes, it's about people.

    Define the Role of Project Management in Agile and Product-Centric Delivery

    Projects and products are not mutually exclusive.

    Supporting research and services

    Shifting toward product management

    Make the Case for Product Delivery

    Align your organization on the practices to deliver what matters most.

    Deliver on Your Digital Product Vision

    Build a product vision your organization can take from strategy through execution.

    Deliver Digital Products at Scale

    Deliver value at the scale of your organization through defining enterprise product families.

    Build a Better Product Owner

    Strengthen the product owner's role in your organization by focusing on core capabilities and proper alignment.

    Supporting research and services

    Improving value and delivery metrics

    Build a Value Measurement Framework

    Focus product delivery on business value-driven outcomes.

    Create a Holistic IT Dashboard

    Mature your IT department by measuring what matters.

    Select and Use SDLC Metrics Effectively

    Be careful what you ask for because you will probably get it.

    Reduce Time to Consensus With an Accelerated Business Case

    Expand on the financial model to give your initiative momentum.

    Supporting research and services

    Improving governance, prioritization, and value

    Make Your IT Governance Adaptable

    Governance isn't optional, so keep it simple and make it flexible.

    Maximize Business Value from IT Through Benefits Realization

    Embed benefits realization into your governance process to prioritize IT spending and confirm the value of IT.

    Drive Digital Transformation With Platform Strategies

    Innovate and transform your business models with digital platforms.

    Succeed With Digital Strategy Execution

    Building a digital strategy is only half the battle: create a systematic roadmap of technology initiatives to execute the strategy and drive digital transformation.

    Build a Value Measurement Framework

    Focus product delivery on business value-driven outcomes.

    Create a Holistic IT Dashboard

    Mature your IT department by measuring what matters.

    Supporting research and services

    Improving requirements management and quality assurance

    Requirements Gathering for Small Enterprises

    Right-size the guidelines of your requirements gathering process.

    Improve Requirements Gathering

    Back to basics: great products are built on great requirements.

    Build a Software Quality Assurance Program

    Build quality into every step of your SDLC.

    Automate Testing to Get More Done

    Drive software delivery throughput and quality confidence by extending your automation test coverage.

    Manage Your Technical Debt

    Make the case to manage technical debt in terms of business impact.

    Create a Business Process Management Strategy

    Avoid project failure by keeping the "B" in BPM.

    Build a Winning Business Process Automation Playbook

    Optimize and automate your business processes with a user-centric approach.

    Create a Winning BPI Playbook

    Don't waste your time focusing on the "as is." Focus on the improvements and the "to be."

    Supporting research and services

    Improving release management

    Optimize Applications Release Management

    Build trust by right-sizing your process using appropriate governance.

    Streamline Application Maintenance

    Effective maintenance ensures the long-term value of your applications.

    Streamline Application Management

    Move beyond maintenance to ensure exceptional value from your apps.

    Optimize Change Management

    Right-size your change management process.

    Manage Your Technical Debt

    Make the case to manage technical debt in terms of business impact.

    Improve Application Development Throughput

    Drive down your delivery time by eliminating development inefficiencies and bottlenecks while maintaining high quality.

    Supporting research and services

    Business relationship management

    Embed Business Relationship Management

    Leverage knowledge of the business to become a strategic IT partner.

    Improving security

    Build an Information Security Strategy

    Create value by aligning your strategy to business goals and business risks.

    Develop and Deploy Security Policies

    Enhance your overall security posture with a defensible and prescriptive policy suite.

    Simplify Identity and Access Management

    Leverage risk- and role-based access control to quantify and simplify the IAM process.

    Supporting research and services

    Improving and supporting business-managed applications

    Embrace Business-Managed Applications

    Empower the business to implement their own applications with a trusted business-IT relationship.

    Enhance Your Solution Architecture Practices

    Ensure your software systems solution is architected to reflect stakeholders’ short-and long-term needs.

    Satisfy Digital End Users With Low- and No-Code

    Extend IT, automation, and digital capabilities to the business with the right tools, good governance, and trusted organizational relationships.

    Build Your First RPA Bot

    Support RPA delivery with strong collaboration and management foundations.

    Automate Work Faster and More Easily With Robotic Process Automation

    Embrace the symbiotic relationship between the human and digital workforce.

    Supporting research and services

    Improving business intelligence, analytics, and reporting

    Modernize Data Architecture for Measurable Business Results

    Enable the business to achieve operational excellence, client intimacy, and product leadership with an innovative, Agile, and fit-for-purpose data architecture practice.

    Build a Reporting and Analytics Strategy

    Deliver actionable business insights by creating a business-aligned reporting and analytics strategy.

    Build Your Data Quality Program

    Quality data drives quality business decisions.

    Design Data-as-a-Service

    Journey to the data marketplace ecosystems.

    Build a Robust and Comprehensive Data Strategy

    Key to building and fostering a data-driven culture.

    Build an Application Integration Strategy

    Level the table before assembling the application integration puzzle or risk losing pieces.

    Appendix

    Pulse survey results

    Pulse survey (N=18): What are the key components of product/service ownership?

    Pulse survey results: What are the key components of product/service ownership? Table shows answer options and responses in percentage.

    Pulse Survey (N=18): What are the key individual skills for a product/service owner?

    What are the key individual skills for a product/service owner? Table shows answer options and responses in percentage

    Other choices entered by respondents:

    • Anticipating client needs, being able to support delivery in all phases of the product lifecycle, adaptability, and ensuring a healthy backlog (at least two sprints’ worth of work).
    • Requirements elicitation and prioritization.
    • The key skill is being product-focused to ensure it provides value for competitive advantage.

    Pulse Survey (N=18): What are three things an outstanding product/service owner does that an average one doesn’t?

    What are three things an outstanding product/service owner does that an average one doesn't? Table shows results.

    Capture and Market the ROI of Your VMO

    • Buy Link or Shortcode: {j2store}212|cart{/j2store}
    • member rating overall impact: 9.0/10 Overall Impact
    • member rating average dollars saved: $108,234 Average $ Saved
    • member rating average days saved: 9 Average Days Saved
    • Parent Category Name: Vendor Management
    • Parent Category Link: /vendor-management
    • All IT organizations are dependent on their vendors for technology products, services, and solutions to support critical business functions.
    • Measuring the impact of and establishing goals for the vendor management office (VMO) to maximize its effectiveness requires an objective and quantitative approach whenever possible.
    • Sharing the VMO’s impact internally is a balancing act between demonstrating value and self-promotion.

    Our Advice

    Critical Insight

    • The return on investment (ROI) calculation for your VMO must be customized. The ROI components selected must match your VMO ROI maturity, resources, and roadmap. There is no one-size-fits-all approach to calculating VMO ROI.
    • ROI contributions come from many areas and sources. To maximize the VMO’s ROI, look outside the traditional framework of savings and cost avoidance to vendor-facing interactions and the impact the VMO has on internal departments.

    Impact and Result

    • Quantifying the contributions of the VMO takes the guess work out of whether the VMO is performing adequately.
    • Taking a comprehensive approach to measuring the value created by the VMO and the ROI associated with it will help the organization appreciate the importance of the VMO.
    • Establishing goals for the VMO with the help of the executives and key stakeholders ensures that the VMO is supporting the needs of the entire organization.

    Capture and Market the ROI of Your VMO Research & Tools

    Start here – read the Executive Brief

    Read our concise Executive Brief to find out why you should calculate and market internally your VMO’s ROI, review Info-Tech’s methodology, and understand the ways we can support you in completing this project.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Get organized

    Begin the process by identifying your VMO’s ROI maturity level and which calculation components are most appropriate for your situation.

    • Capture and Market the ROI of the VMO – Phase 1: Get Organized
    • VMO ROI Maturity Assessment Tool
    • VMO ROI Calculator and Tracker
    • VMO ROI Data Source Inventory and Evaluation Tool
    • VMO ROI Summary Template

    2. Establish baseline

    Set measurement baselines and goals for the next measurement cycle.

    • Capture and Market the ROI of the VMO – Phase 2: Establish Baseline
    • VMO ROI Baseline and Goals Tool

    3. Measure and monitor results

    Measure the VMO's ROI and value created by the VMO’s efforts and the overall internal satisfaction with the VMO.

    • Capture and Market the ROI of the VMO – Phase 3: Measure and Monitor Results
    • RFP Cost Estimator
    • Improvements in Working Capital Estimator
    • Risk Estimator
    • General Process Cost Estimator and Delta Estimator
    • VMO Internal Client Satisfaction Survey
    • Vendor Security Questionnaire
    • Value Creation Worksheet
    • Deal Summary Report Template

    4. Report results

    Report the results to key stakeholders and executives in a way that demonstrates the value added by the VMO to the entire organization.

    • Capture and Market the ROI of the VMO – Phase 4: Report Results
    • Internal Business Review Agenda Template
    • IT Spend Analytics
    • VMO ROI Reporting Worksheet
    • VMO ROI Stakeholder Report Template
    [infographic]

    Workshop: Capture and Market the ROI of Your VMO

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Get Organized

    The Purpose

    Determine how you will measure the VMO’s ROI.

    Key Benefits Achieved

    Focus your measurement on the appropriate activities.

    Activities

    1.1 Determine your VMO’s maturity level and identify applicable ROI measurement categories.

    1.2 Review and select the appropriate ROI formula components for each applicable measurement category.

    1.3 Compile a list of potential data sources, evaluate the viability of each data source selected, and assign data collection and analysis responsibilities.

    1.4 Communicate progress and proposed ROI formula components to executives and key stakeholders for feedback and/or approval/alignment.

    Outputs

    VMO ROI maturity level and first step of customizing the ROI formula components.

    Second and final step of customizing the ROI formula components…what will actually be measured.

    Viable data sources and assignments for team members.

    A progress report for key stakeholders and executives.

    2 Establish Baseline

    The Purpose

    Set baselines to measure created value against.

    Key Benefits Achieved

    ROI contributions cannot be objectively measured without baselines.

    Activities

    2.1 Gather baseline data.

    2.2 Calculate/set baselines.

    2.3 Set SMART goals.

    2.4 Communicate progress and proposed ROI formula components to executives and key stakeholders for feedback and/or approval/alignment.

    Outputs

    Data to use for calculating baselines.

    Baselines for measuring ROI contributions.

    Value creation goals for the next measurement cycle.

    An updated progress report for key stakeholders and executives.

    3 Measure and Monitor Results

    The Purpose

    Calculate the VMO’s ROI.

    Key Benefits Achieved

    An understanding of whether the VMO is paying for itself.

    Activities

    3.1 Assemble the data and calculate the VMO’s ROI.

    3.2 Organize the data for the reporting step.

    Outputs

    The VMO’s ROI expressed in terms of how many times it pays for itself (e.g. 1X, 3X, 5X).

    Determine which supporting data will be reported.

    4 Report Results

    The Purpose

    Report results to stakeholders.

    Key Benefits Achieved

    Stakeholders understand the value of the VMO.

    Activities

    4.1 Create a reporting template.

    4.2 Determine reporting frequency.

    4.3 Decide how the reports will be distributed or presented.

    4.4 Send out a draft report and update based on feedback.

    Outputs

    A template for reporting ROI and supporting data.

    A decision about quarterly or annual reports.

    A decision regarding email, video, and in-person presentation of the ROI reports.

    Final ROI reports.

    Improve IT-Business Alignment Through an Internal SLA

    • Buy Link or Shortcode: {j2store}455|cart{/j2store}
    • member rating overall impact: N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: Operations Management
    • Parent Category Link: /i-and-o-process-management
    • The business is rarely satisfied with IT service levels, yet there is no clear definition of what is acceptable.
    • Dissatisfaction with service levels is often based on perception. Your uptime might be four 9s, but the business only remembers the outages.
    • IT is left trying to hit a moving target with a limited budget and no agreement on where services levels need to improve.

    Our Advice

    Critical Insight

    • Business leaders have service level expectations regardless of whether there is a formal agreement. The SLA process enables IT to manage those expectations.
    • Track current service levels and report them in plain language (e.g. hours and minutes of downtime, not “how many 9s” which then need to be translated) to gain a clearer mutual understanding of current versus desired service levels.
    • Use past incidents to provide context (how much that hour of downtime actually impacted the business) in addition to a business impact analysis to define appropriate target service levels based on actual business need.

    Impact and Result

    Create an effective internal SLA by following a structured process to report current service levels and set realistic expectations with the business. This includes:

    • Defining the current achievable service level by establishing a metrics tracking and monitoring process.
    • Determining appropriate (not ideal) business needs.
    • Creating an SLA that clarifies expectations to reduce IT-business friction.

    Improve IT-Business Alignment Through an Internal SLA Research & Tools

    Start here – read the Executive Brief

    Read our concise Executive Brief to find out why you should create an internal SLA, review Info-Tech’s methodology, and understand the four ways we can support you in completing this project.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Scope the pilot project

    Establish the SLA pilot project and clearly document the problems and challenges that it will address.

    • Improve IT-Business Alignment Through an Internal SLA – Phase 1: Scope the Pilot Project
    • Internal SLA Process Flowcharts (PDF)
    • Internal SLA Process Flowcharts (Visio)
    • Build an Internal SLA Project Charter Template
    • Internal SLA Maturity Scorecard Tool

    2. Establish current service levels

    Expedite the SLA process by thoroughly, carefully, and clearly defining the current achievable service levels.

    • Improve IT-Business Alignment Through an Internal SLA – Phase 2: Determine Current Service Levels
    • Availability and Reliability SLA Metrics Tracking Template
    • Service Desk SLA Metrics Tracking Template
    • Service Catalog SLA Metrics Tracking Template

    3. Identify target service levels and create the SLA

    Create a living document that aligns business needs with IT targets by discovering the impact of your current service level offerings through a conversation with business peers.

    • Improve IT-Business Alignment Through an Internal SLA – Phase 3: Set Target Service Levels and Create the SLA
    • SLA Project Roadmap Tool
    • Availability Internal Service Level Agreement Template
    • Service Catalog Internal Service Level Agreement Template
    • Service Desk Internal Service Level Agreement Template
    • Internal SLA Executive Summary Presentation Template
    [infographic]

    Select a Sourcing Partner for Your Development Team

    • Buy Link or Shortcode: {j2store}508|cart{/j2store}
    • member rating overall impact: N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: Application Development
    • Parent Category Link: /application-development
    • You have identified that a change to your sourcing strategy is required, based on market and company factors.
    • You are ready to select a new sourcing partner to drive innovation, time to market, increased quality, and improved financial performance.
    • Taking on a new partner is a significant investment and risk, and you must get it right the first time.
    • You need to make a change now to prevent losing clients and falling further behind your performance targets and your market.

    Our Advice

    Critical Insight

    Selecting a sourcing partner is a function of matching complex factors to your own firm. It is not a simple RFP exercise; it requires significant introspection, proactive planning, and in-depth investigation of potential partners to choose the right fit.

    Impact and Result

    Choosing the right sourcing partner is a four-step process:

    1. Assess your companies' skills and processes in the key areas of risk to sourcing initiatives.
    2. Based on the current situation, define a profile for the matching sourcing partner.
    3. Seek matching partners from the market, either in terms of vendor partners or in terms of sourcing locations.
    4. Based on the choice of partner, build a plan to implement the partnership, define metrics to measure success, and a process to monitor.

    Select a Sourcing Partner for Your Development Team Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Select a Sourcing Partner for Your Development Team Storyboard – Use this presentation to select a partner to best fit your sourcing needs and deliver long-term value.

    This project helps select a partner for sourcing of your development team so that you can realize the benefits from changing your sourcing strategy.

    • Select a Sourcing Partner for Your Development Team Storyboard

    2. Select a Sourcing Partner for Your Development Team Presentation Template – Use this template to build a presentation to detail your decision on a sourcing partner for your development team.

    This presentation template is designed to capture the results from the exercises within the storyboard and allow users to build a presentation to leadership showing how selection was done.

    • Select a Sourcing Partner for Your Development Team Presentation Template

    3. Select a Sourcing Partner for Your Development Team Presentation Example – Use this as a completed example of the template.

    This presentation template portrays what the completed template looks like by showing sample data in all tables. It allows members to see how each exercise leads to the final selection of a partner.

    • Select a Sourcing Partner for Your Development Team Example Template
    [infographic]

    Further reading

    Select a Sourcing Partner for Your Application Development Team

    Choose the right partner to enable your firm to maximize the value realized from your sourcing strategy.

    Analyst Perspective

    Selecting the right partner for your sourcing needs is no longer a cost-based exercise. Driving long-term value comes from selecting the partner who best matches your firm on a wide swath of factors and fits your needs like a glove.

    Sourcing in the past dealt with a different kind of conversation involving two key questions:

    Where will the work be done?

    How much will it cost?

    How people think about sourcing has changed significantly. People are focused on gaining a partner, and not just a vendor to execute a single transaction. They will add skills your team lacks, and an ability to adapt to your changing needs, all while ensuring you operate within any constraints based on your business.

    Selecting a sourcing partner is a matching exercise that requires you to look deep into yourself, understand key factors about your firm, and then seek the partner who best meets your profile.

    The image contains a picture of Dr. Suneel Ghei.

    Dr. Suneel Ghei
    Principal Research Director, Application Development
    Info-Tech Research Group

    Executive Summary

    Your Challenge

    Common Obstacles

    Info-Tech’s Approach
    • You have identified that a change to your sourcing strategy is required based on market and company factors.
    • You are ready to select a new sourcing partner to drive innovation, time to market, increased quality, and improve financial performance.
    • Taking on a new partner is a significant investment and risk, and you must get it right the first time.
    • You need to make a change now to avoid falling further behind your performance targets and your market, and losing clients.

    Almost half of all sourcing initiatives do not realize the projected savings, and the biggest reason is the choice of partner.

    The market for Application Development partners has become more diverse, increasing choice and the risk of making a costly mistake by choosing the wrong partner.

    Firms struggle with how best to support the sourcing partner and allocate resources with the right skills to maximize success, increasing the cost and time to implement, and limiting benefits.

    Making the wrong choice means inferior products, and higher costs and losing both clients and reputation.
    • Choosing the right sourcing partner is a four-step process:
    1. Assess your company's skills and processes in the key areas of risk to sourcing initiatives.
    2. Based on the current situation, define a profile for the matching sourcing partner.
    3. Seek matching partners from the market, either in terms of vendor partners or in terms of sourcing locations.
    4. Based on your choice of partner, build a plan to implement the partnership, and define metrics to measure success and a process to monitor.

    Info-Tech Insight

    Successfully selecting a sourcing partner is not a simple RFP exercise to choose the lowest cost. It is a complex process of introspection, detailed examination of partners and locations, and matching the fit. It requires you to seek a partner that is the Yin to your Yang, and failure is not an option.

    You need a new source for development resources

    You are facing immediate challenges that require a new approach to development resourcing.

    • Your firm is under fire; you are facing pressures financially from clients and your competitors.
    • Your pace of innovation and talent sourcing is too slow and too limiting.
    • Your competition is moving faster and your clients are considering their options.
    • Revenues and costs of development are trending in the wrong direction.
    • You need to act now to avoid spiraling further.

    Given how critical our applications are to the business and our clients, there is no room for error in choosing our partner.

    A study of 121 firms outsourcing various processes found that 50% of those surveyed saw no gains from the outsourcing arrangement, so it is critical to make the right choice the first time.

    Source: Zhang et al

    Big challenges await you on the journey

    The road to improving sourcing has many potholes.

    • In a study of 121 firms who moved development offshore, almost 50% of all outsourcing and offshoring initiatives do not achieve the desired results.
    • In another study focused on large corporations, it was shown that 70% of respondents saw negative outcomes from offshoring development.
    • Globalization of IT Services and the ability to work from anywhere have contributed to a significant increase in the number of development firms to choose from.
    • Choosing and implementing a new partner is costly, and the cost of choosing the wrong partner and then trying to correct your course is significant in dollars and reputation:
      • Costs to find a new partner and transition
      • Lost revenue due to product issues
      • Loss of brand and reputation due to poor choice
    • The wrong choice can also cost you in terms of your own resources, increasing the risk of losing more knowledge and skills.

    A survey of 25 large corporate firms that outsourced development offshore found that 70% of them had negative outcomes.

    (Source: University of Oregon Applied Information Management, 2019)

    Info-Tech’s approach

    Selecting the right partner is a matching exercise.

    Selecting the right partner is a complex exercise with many factors

    1. Look inward. Assess your culture, your skills, and your needs.
    • Market
    • People
    • Culture
    • Technical aspects
  • Create a profile for the perfect partner to fit your firm.
    • Sourcing Strategy
    • Priorities
    • Profile
  • Find the partner that best fits your needs
    • Define RFx
    • Target Partners
    • Evaluate
  • Implement the partner and put in metrics and process to manage.
    • Contract Partner
    • Develop Goals
    • Create Process and Metrics

    The Info-Tech difference:

    1. Assess your own organization’s characteristics and capabilities in four key areas.
    2. Based on these characteristics and the sourcing strategy you are seeking to implement, build a profile for your perfect partner.
    3. Define an RFx and assessment matrix to survey the market and select the best partner.
    4. Implement the partner with process and controls to manage the relationship, built collaboratively and in place day 1.

    Insight summary

    Overarching insight

    Successfully selecting a sourcing partner is not a simple RFP exercise to choose the lowest cost. It is a complex process of introspection, detailed examination of partners and locations, and matching the fit. It requires you to seek a partner that is the Yin to your Yang, and failure is not an option.

    Phase 1 insight

    Fitting each of these pieces to the right partner is key to building a long-term relationship of value.

    Selecting a partner requires you to look at your firm in depth from a business, technical, and organizational culture perspective.

    Phase 2 insight

    The factors we have defined serve to build us a profile for the ideal partner to engage in sourcing our development team. This profile will lead us to be able to define our RFP / RFI and assess respondents.

    Phase 3/4 insight

    Implement the relationship the same way you want it to work, as one team. Work together on contract mechanism, shared goals, metrics, and performance measurement. By making this transparent you hasten the development of a joint team, which will lead to long-term success.

    Tactical insight

    Ensure you assess not just where you are but where you are going, in choosing a partner. For example, you must consider future markets you might enter when choosing the right sourcing, or outsourcing location to maintain compliance.

    Tactical insight

    Sourcing is not a replacement for your full team. Skills must be maintained in house as well, so the partner must be willing to work with the in-house team to share knowledge and collaborate on deliverables.

    Addressing the myth – Single country offshoring or outsourcing

    Research shows that a multi-country approach has a higher chance of success.

    • Research shows that firms trying their own captive development centers fail 20% of the time. ( Journal of Information Technology, 2008)
    • Further, the overall cost of ownership for an offshore center has shown to be significantly higher than the cost of outsourcing, as the offshore center requires more internal management and leadership.
    • Research shows that offshoring requires the offshore location to also house business team members to allow key relationships to be built and ensure more access to expertise. (Arxiv, 2021)
    • Given the specificity of employment laws, cultural differences, and leadership needs, it is very beneficial to have a Corporate HR presence in countries where an offshore center is being set up. (Arxiv, 2021)
    • Lastly, given the changing climate on security, geopolitical changes, and economic factors, our research with service providers and corporate clients shows a need to have more diversity in provider location than a single center can provide.

    Info-Tech Insight

    Long-term success of sourcing requires more than a development center. It requires a location that houses business and HR staff to enable the new development team to learn and succeed.

    Addressing the myth – Outsourcing is a simple RFP for skills and lowest cost

    Success in outsourcing is an exercise in finding a match based on complex factors.

    • In the past, outsourcing was a simple RFP exercise to find the cheapest country with the skills.
    • Our research shows this is no longer true; the decision is now more complex.
    • Competition has driven costs higher, while time business integration and security constraints have served to limit the markets available.
    • Company culture fit is key to the ability to work as one team, which research shows is a key element in delivery of long-term value. (University of Oregon, 2019).
    • These are some of the many factors that need to be considered as you choose your outsourcing partner.
    • The right decision is to find the vendor that best matches the current state of your culture, meets your market constraints, and will allow for best integration to your team – it's not about cheapest or pure skills. (IEEE Access, 2020)

    Info-Tech Insight

    Finding the right outsourcing vendor is an exercise in knowing yourself and then finding the best match to align with your key traits. It's not just costs and skills, but the partner who best matches with your ability to mitigate the risks of outsourcing.

    Phase 1

    Look inward to gain insight on key factors

    Introspection

    1.1 Assess your market factors

    1.2 Determine your people factors

    1.3 Review your current culture

    1.4 Document your technical factors

    Profiling

    2.1 Recall your sourcing strategy

    2.2 Prioritize your company factors

    2.3 Create target profile

    Partner selection

    3.1 Review your RFx

    3.2 Identify target vendors

    3.3 Evaluate vendor

    responses

    Implementation

    4.1 Engage partner to choose contract mechanism

    4.2 Engage partner team to define goals

    4.3 Choose your success

    metrics

    This phase will walk you through assessing and documenting the key driving factors about your firm and the current situation.

    By defining these factors, you will be able to apply this information in the matching process to select the best fit in a partner.

    This phase involves the following participants:

    Line of Business leaders

    Technology leaders

    Key criteria to assess your firm

    Research shows firms must assess themselves in different areas.

    Market factors

    • Who are your clients and your competitors, and what legal constraints do you face?

    People / Process factors

    • What employee skills are you seeking, what is your maturity in product management and stakeholder engagement, and what languages are spoken most predominantly?

    Cultural factors

    • What is your culture around communications, collaboration, change management, and conflict resolution?

    Technical factors

    • What is your current / future technical platform, and what is the maturity of your applications?

    Info-Tech Best Practice

    When assessing these areas, consider where you are today and where you want to go tomorrow, as choosing a partner is a long-term endeavor.

    Step 1.1

    Assess your market factors

    Activities

    1.1.1 Review your client list and future projections to determine your market factors.

    1.1.2 Review your competitive analysis to determine your competitive factors

    This step involves the following participants:

    Business leaders

    Product Owners

    Technology leaders

    Outcomes of this step

    Details of key market factors that will drive the selection of the right partner.

    Market factors

    The Market has a lot to say about the best match for your application development partner.

    Research in the space has defined key market-based factors that are critical when selecting a partner.

    1. Market sectors you service or plan to service – This is critical, as many market sectors have constraints on where their data can be accessed or stored. These restrictions also change over time, so they must be consistently reviewed.
    • E.g. Canadian government data must be stored and only accessed in Canada.
    • E.g. US Government contracts require service providers to avoid certain countries.
  • Your competitors – Your competitors can often seize on differences and turn them to differentiators; for example, offshoring to certain countries can be played up as a risk by a competitor who does all their work in a particular country.
  • Your clients – Research shows that clients can have very distinct views on services being performed in certain countries due to perceived risk, culture, and geopolitical factors. Understanding the views of major clients on globalization of services is a key factor in maintaining client satisfaction.

    • Info-Tech Insight

    Understanding your current and future market factors ensure that your business can not only be successful with the chosen partner today, but also in the future.

    1.1.1 Assess your market factors

    30 min

    Market factors

    1. Group your current client list into three categories:
      1. Those that have no restrictions on data security, privacy or location.
      2. Those that ask for assurances on data security, privacy and location.
      3. Those clients who have compliance restrictions related to data security, privacy, and location.
    2. Categorize future markets into the same three categories.
    3. Based on revenue projections, estimate the revenue from each category as a percentage of your total revenue.

    Download the Select a Sourcing Partner Presentation Template

    Input Output
    • Current client list
    • Future market plans
    • Competitive analysis
    • Completion of the Market Factors chart in the Select a Sourcing Partner for Your Development Team template
    Materials Participants
    • Select a Sourcing Partner for Your Development Team Presentation template
    • Technology leaders
    • Product owners
    • Line of business leaders
    • Finance leaders

    Assess your market factors

    Market and sector

    Market share and constraints

    Market category

    Sector – Public, private or both

    Market share of category

    Key areas of concern

    Not constrained by data privacy, security or location

    Private

    50%

    Require assurances on data security, privacy or location

    Public

    		45%

    Data access

    Have constraints that preclude choices related to data security, privacy and location

    Public

    		5%

    Data residency

    1.1.2 Review your competitive factors

    30 min

    Competitive factors

    1. List your largest competitors.
    2. Document their sourcing strategies for their development team – are they all onshore or nearshore? Do they outsource?
    3. Based on this, identify competitive threats based on changing sourcing strategies.

    Download the Select a Sourcing Partner Presentation Template

    Input Output
    • Current client list
    • Future market plans
    • Competitive analysis
    • Completion of the Market Factors chart in the Select a Sourcing Partner for Your Development Team template
    Materials Participants
    • Select a Sourcing Partner for Your Development Team Presentation template
    • Technology leaders
    • Product owners
    • Line of business leaders
    • Finance leaders

    Review your competitive factors

    Competitors

    Competitor sourcing strategy

    Competitive threats

    Competitor

    Where is the market?

    Is this onshore / near shore / offshore?

    Data residency

    How could competitors take advantage of a change in our sourcing strategy?

    Competitor X

    Canada / US

    All work done in house and onshore

    Kept in Canada / US

    If we source offshore, we will face a Made in Canada / US threat

    Step 1.2

    Consider your people-related factors

    Activities

    1.2.1 Define your people factors

    1.2.2 Assess your process factors

    This step involves the following participants:

    Technical leaders

    Outcomes of this step

    Details of key people factors that will drive the selection of the right partner.

    People / process factors

    People and process have a large hand in the success or failure of a partner relationship.

    • Alignment of people and process are critical to the success of the partner relationship over the long term.
    • In research on outsourcing / offshoring, Rahman et al identified ten factors that directly impact success or failure in offshoring or outsourcing of development.
    • Key among them are the following:
      • Employee skills
      • Project management
      • Maturity of process concerning product and client management
      • Language barrier

    Info-Tech Insight

    People are a critical resource in any sourcing strategy. Making sure the people and the processes will mesh seamlessly is how to ensure success.

    1.2.1 Define your people factors

    30 min

    Skills Inventory

    1. List skills needed in the development team to service current needs.
    2. Based on future innovation and product direction, add skills you foresee needing in the next 12-24 months. Where do you see a new technology platform (e.g. move from .NET to Java) or innovation (addition of Mobile)?
    3. List current skills present in the team.
    4. Identify skills gaps.

    Download the Select a Sourcing Partner Presentation Template

    InputOutput
    • Product plans for current and future products
    • Technology platform plans for current products
    • Future innovation plans
    • People- and process-related factors that influence sourcing decisions
    MaterialsParticipants
    • Select a Sourcing Partner for Your Development Team Presentation template
    • Technology leaders
    • Product owners
    • Solution architects

    Assess your people - Skills inventory

    Skills required

    Strategic value

    Skills present

    Skill you are seeking

    Required today or in the future

    Rate the skill level required in this area

    Is this a strategic focus for the firm for future targets?

    Is this skill present in the team today?

    Rate current skill level (H/M/L)

    Java Development

    Future

    High

    Yes

    No

    Low

    .Net Development

    Today

    Med

    No

    		 Yes

    High

    1.2.2 Assess your process factors

    30 min

    Process factors

    1. Do you have a defined product ownership practice?
    2. How mature is the product ownership for the product you are seeking to change sourcing for (H/M/L)?
    3. Do you have project management principles and governance in place for software releases?
    4. What is the relative maturity / skill in the areas you are seeking sourcing for (H/M/L)?

    Download the Select a Sourcing Partner Presentation Template

    InputOutput
    • Product plans for current and future products
    • Technology platform plans for current products
    • Future innovation plans
    • People- and process-related factors that influence sourcing decisions
    MaterialsParticipants
    • Select a Sourcing Partner for Your Development Team Presentation template
    • Technology leaders
    • Product owners
    • Solution architects

    Assess your process factors

    Product ownership

    Project management

    Product where sourcing is being changed

    Product ownership in place?

    Skills / maturity rating (H/M/L)

    Project management / governance in place for software releases

    Rate current maturity / skill level (H/M/L)

    ABC

    Yes

    High

    Yes

    High

    SQW

    No

    Low

    Yes

    		High

    Step 1.3

    Review your current culture

    Activities

    1.3.1 Assess your communications factors

    1.3.2 Assess your conflict resolution factors

    This step involves the following participants:

    Technical leaders

    Product owners

    Project managers

    Outcomes of this step

    Details of key culture factors that will drive the selection of the right partner.

    Cultural factors

    Organization culture fit is a driver of collaboration between the teams, which drives success.

    • In their study of country attractiveness for sourcing development, Kotlarsky and Oshri point to the ability of the client and their sourcing partner to work as one team as a key to success.
    • This requires synergies in many cultural factors to avoid costly miscommunications and misinterpretations that damage collaboration.
    • Key factors in achieving this are:
      • Communications methodology and frequency; managing and communicating to the teams as one team vs two, and communicating at all levels, vs top down.
      • Managing the team as one integrated team, with collaboration enabled between all resources, rather than the more adversarial client vs partner approach.
      • Conflict resolution strategies must align so all members of the extended team work together to resolve conflict vs the traditional “Blame the Contractors”.
      • Strong change management is required to keep all team members aligned.

    Info-Tech Insight

    Synergy of culture is what enables a good partner selection to become a long-term relationship of value.

    1.3.1 Assess your communications factors

    30 min

    1. List all the methods you use to communicate with your development team – face to face, email, conference call, written.
    2. For each form of communication confirm frequency, medium, and audience (team vs one-on-one)
    3. Confirm if these communications take into account External vs Internal resources and different time zones, languages, and cultures.
    4. Is your development team broken up into teams by function, by location, by skill, etc., or do you operate as one team?

    Download the Select a Sourcing Partner Presentation Template

    Input Output
    • Communication process with existing development team
    • Examples of how external staff have been integrated into the process
    • Examples of conflicts and how they were resolved
    • Documentation of key cultural characteristics that need to be part of provider profiling
    Materials Participants
    • Select a Sourcing Partner for Your Development Team Presentation template
    • Technology leaders
    • Product owners
    • Project managers

    Assess your communications strategy

    Communications

    Type

    Frequency

    Audience

    One communication or one per audience?

    Level of two-way dialogue

    Face-to-face team meetings

    Weekly

    All developers

    One

    High

    Daily standup

    Daily

    Per team

    One per audience

    Low

    1.3.2 Assess your conflict resolution factors

    30 min

    1. How does your organization handle the following types of conflict? Rate from 1-5, with 1 being hierarchical and 5 being openly collaborative.
      1. Developers on a team disagree.
      2. Development team disagrees with manager.
      3. Development team disagrees with product owner.
      4. Development team disagrees with line of business.
    2. Rate each conflict resolution strategy based on effectiveness.
    3. Confirm if this type of strategy is used for internal and external resources, or internal only.

    Download the Select a Sourcing Partner Presentation Template

    InputOutput
    • Communication process with existing development team
    • Examples of how external staff have been integrated into the process
    • Examples of conflicts and how they were resolved
    • Documentation of key cultural characteristics that need to be part of provider profiling
    MaterialsParticipants
    • Select a Sourcing Partner for Your Development Team Presentation template
    • Technology leaders
    • Product owners
    • Project managers

    Assess your conflict resolution strategy

    Conflict

    Resolution strategy

    Effectiveness

    Audience

    Conflict type

    Rate the resolution strategy from hierarchical to collaborative (1-5)

    How effective is this method of resolution from 1-5?

    Is this strategy used for external parties as well as internal?

    Developer to product owner

    		44

    Yes

    Developer to manager

    		12

    Yes

    Step 1.4

    Document your technical factors

    Activities

    1.4.1 Document your product / platform factors

    1.4.2 Document your environment details

    This step involves the following participants:

    Technical leaders

    Product owners

    Outcomes of this step

    Details of key technical factors that will drive the selection of the right partner.

    Technical factors

    Technical factors are still the foundation for a Development sourcing relationship.

    • While there are many organizational factors to consider, the matching of technological factors is still the root on which the sourcing relationship is built; the end goal is to build better software.
    • Key technical Items that need to be aligned based on the research are:
      • Technical infrastructure
      • Development environments
      • Development methodology and tools
      • Deployment methodology and tools
      • Lack of/poor-quality technical documentation
    • Most RFPs focus purely on skills, but without alignment on the above items, work becomes impossible to move forward quickly, limiting the chances of success.

    Info-Tech Insight

    Technical factors are the glue that enables teams to function together. Ensuring that they are fully integrated is what enables team integration; seams in that integration represent failure points.

    1.4.1 Document your product / platform factors

    30 mins

    1. How many environments does each software release go through from the start of development through release to production?
    2. What is the infrastructure and development platform?

    Download the Select a Sourcing Partner Presentation Template

    InputOutput
    • Development process
    • Deployment process
    • Operations process
    • IT security policies
    • Documentation of key technical characteristics that need to be part of provider profiling
    MaterialsParticipants
    • Select a Sourcing Partner for Your Development Team Presentation template
    • Development leaders
    • Deployment team leaders
    • Infrastructure leaders
    • IT operations leaders
    • Product owners
    • Project managers

    Document your product / platform

    Product / Platform

    Product you are seeking a sourcing solution for

    What is the current infrastructure platform?

    How many environments does the product pass through?

    What is the current development toolset?

    ABC

    Windows

    Dev – QA – Preprod - Prod

    .Net / Visual Studio

    1.4.2 Document your environment details

    30 min

    For each environment detail the following:

    1. Environment on premises or in cloud
    2. Access allowed to external parties
    3. Production data present and unmasked
    4. Deployment process: automated or manual
    5. Tools used for automated deployment
    6. Can the environment be restored to last known state automatically?
    7. Does documentation exist on the environment, processes and procedures?

    Download the Select a Sourcing Partner Presentation Template

    InputOutput
    • Development process
    • Deployment process
    • Operations process
    • IT security policies
    • Documentation of key technical characteristics that need to be part of provider profiling
    MaterialsParticipants
    • Select a Sourcing Partner for Your Development Team Presentation template
    • Development leaders
    • Deployment team leaders
    • Infrastructure leaders
    • IT operations leaders
    • Product owners
    • Project managers

    Document Your Environment Details

    Environment

    Location

    Access

    Deployment

    Data

    Name of Environment

    Is the environment on premises or in the cloud (which cloud)?

    Is external access allowed?

    Is deployment automated or manual?

    Tool used for deployment

    Is reset automated?

    Does the environment contain unmasked production data?

    Dev

    Cloud

    Yes

    Automated

    Azure DevOps

    Yes

    No

    QA

    Cloud

    Yes

    Automated

    Azure DevOps

    Yes

    No

    Preprod

    On Premises

    No

    Manual

    N/A

    No

    Yes

    Phase 2

    Introspection

    1.1 Assess your market factors

    1.2 Determine your people factors

    1.3 Review your current culture

    1.4 Document your technical factors

    Profiling

    2.1 Recall your sourcing strategy

    2.2 Prioritize your company factors

    2.3 Create target profile

    Partner selection

    3.1 Review your RFx

    3.2 Identify target vendors

    3.3 Evaluate vendor

    responses

    Implementation

    4.1 Engage partner to choose contract mechanism

    4.2 Engage partner team to define goals

    4.3 Choose your success

    metrics

    This phase will help you to build a profile of the partner you should target in your search for a sourcing partner.

    This phase involves the following participants:

    Technology leaders

    Procurement leaders

    Product owners

    Project managers

    Build a profile for the right partner

    • Finding the perfect partner is a puzzle to solve, an exercise between the firm and the partners.
    • It is necessary to be able to prioritize and to identify opportunities where you can adapt to create a fit.
    • You must also bring forward the sourcing model you are seeking and prioritize factors based on that; for example, if you are seeking a nearshore partner, language may be less of a factor.

    Review factors based on sourcing choice

    Different factors are more important depending on whether you are insourcing or outsourcing.

    Key risks for insourcing

    • Alignment on communication strategy and method
    • Ability to align culturally
    • Need for face-to-face relationship building
    • Need for coaching skills

    Key risks for outsourcing

    • Giving control to the vendor
    • Legal and regulatory issues
    • Lack of knowledge at the vendor
    • Language and cultural fit

    Assessing your firm's position

    • The model you derived from the Sourcing Strategy research will inform the prioritization of factors for matching partners.

    Info-Tech Insight

    To find the best location for insourcing, or the best vendor for outsourcing, you need to identify your firm's positions on key risk areas.

    Step 2.1

    Recall your sourcing strategy

    Activities

    2.1.1 Define the key factors in your sourcing strategy

    This step involves the following participants:

    Technology Leaders

    Outcomes of this step

    Documentation of the Sourcing Strategy you arrived at in the Define a Sourcing Strategy exercises

    Choosing the right model

    The image contains a screenshot of the legend that will be used down below. The legend contains circles, from the left there is a empty circle, a one quarter filled circle, half filled circle, three-quarter filled circle , and a fully filled in circle.

    Determinant

    Key Questions to Ask

    Onshore

    Nearshore

    Offshore

    Outsource role(s)

    Outsource team

    Outsource product(s)

    Business dependence

    How much do you rely on business resources during the development cycle?

    		 The image contains a screenshot of the filled in whole circle to demonstrate high. The image contains a screenshot of the three-quarter filled circle to demonstrate medium high. The image contains a screenshot of the one-quarter filled circle to demonstrate medium low. The image contains a screenshot of the half filled circle to demonstrate medium. The image contains a screenshot of the one-quarter filled circle to demonstrate medium low. The image contains a screenshot of the empty circle to demonstrate low.

    Absorptive capacity

    How successful has the organization been at bringing outside knowledge back into the firm?

    		 The image contains a screenshot of the empty circle to demonstrate low. The image contains a screenshot of the one-quarter filled circle to demonstrate medium low. The image contains a screenshot of the one-quarter filled circle to demonstrate medium low. The image contains a screenshot of the half filled circle to demonstrate medium. The image contains a screenshot of the one-quarter filled circle to demonstrate medium low. The image contains a screenshot of the filled in whole circle to demonstrate high.

    Integration complexity

    How many integrations are required for the product to function – fewer than 5, 5-10, or more than 10?

    		 The image contains a screenshot of the filled in whole circle to demonstrate high. The image contains a screenshot of the three-quarter filled circle to demonstrate medium high. The image contains a screenshot of the three-quarter filled circle to demonstrate medium high. The image contains a screenshot of the half filled circle to demonstrate medium. The image contains a screenshot of the one-quarter filled circle to demonstrate medium low. The image contains a screenshot of the empty circle to demonstrate low.

    Product ownership

    Do you have full-time product owners in place for the products? Do product owners have control of their roadmaps?

    		 The image contains a screenshot of the one-quarter filled circle to demonstrate medium low. The image contains a screenshot of the half filled circle to demonstrate medium. The image contains a screenshot of the three-quarter filled circle to demonstrate medium high. The image contains a screenshot of the half filled circle to demonstrate medium. The image contains a screenshot of the filled in whole circle to demonstrate high. The image contains a screenshot of the filled in whole circle to demonstrate high.

    Organization culture fit

    What are your organization’s communication and conflict resolution strategies? Is your organization geographically dispersed?

    		 The image contains a screenshot of the one-quarter filled circle to demonstrate medium low. The image contains a screenshot of the one-quarter filled circle to demonstrate medium low. The image contains a screenshot of the three-quarter filled circle to demonstrate medium high. The image contains a screenshot of the one-quarter filled circle to demonstrate medium low. The image contains a screenshot of the three-quarter filled circle to demonstrate medium high. The image contains a screenshot of the filled in whole circle to demonstrate high.

    Vendor mgmt skills

    What is your skill level in vendor management? How old are your longest-standing vendor relationships?

    		 The image contains a screenshot of the empty circle to demonstrate low. The image contains a screenshot of the one-quarter filled circle to demonstrate medium low. The image contains a screenshot of the one-quarter filled circle to demonstrate medium low. The image contains a screenshot of the half filled circle to demonstrate medium. The image contains a screenshot of the three-quarter filled circle to demonstrate medium high. The image contains a screenshot of the filled in whole circle to demonstrate high.

    2.1.1 Define the key factors in your sourcing strategy

    30 min

    For each product you are seeking a sourcing strategy for, document the following:

    1. Product or team name.
    2. Sourcing strategy based on Define a Sourcing Strategy.
    3. The primary drivers that led to this selection – Business Dependence, Absorptive Capacity, Integration Complexity, Product Ownership, Culture or Vendor Management.
    4. The reasoning for the selection based on that factor – e.g. we chose nearshoring based on high business dependence by our development team.

    Download the Select a Sourcing Partner Presentation Template

    Input Output
    • Sourcing Strategy from Define a Sourcing Strategy for your Development Team
    • Reasoning that drove the sourcing strategy selection
    Materials Participants
    • Select a Sourcing Partner for Your Development Team Presentation template
    • Technology leadership

    Define sourcing strategy factors

    Sourcing strategy

    Factors that led to selection

    Product you are seeking a sourcing solution for

    Strategy defined

    Key factors that led to that choice

    Reasoning

    ABC

    Outsourcing - Offshore

    • Product ownership
    • Business integration
    • Product maturity
    • Technical environment

    Mature product ownership and low requirement for direct business involvement.

    Mature product with lower environments in cloud.

    Step 2.2

    Prioritize your company factors

    Activities

    2.2.1 Prioritize the factors from your sourcing strategy and confirm if mitigation or adaptation are possible.

    This step involves the following participants:

    IT Leadership team

    Outcomes of this step

    Prioritized list of key factors

    2.2.1 Prioritize your sourcing strategy factors

    30 min

    1. For each of the factors listed in exercise 2.1, prioritize them by importance to the firm.
    2. For each factor, please confirm if there is room to drive change internally to overcome the lack of a match – for example, if the culture being changed in language and conflict resolution is an option, then say Yes for that factor.

    Download the Select a Sourcing Partner Presentation Template

    InputOutput
    • Sourcing Strategy factors from 2.1
    • Prioritized list of sourcing strategy factors
    MaterialsParticipants
    • Select a Sourcing Partner for Your Development Team Presentation template
    • Technology leaders

    Sourcing strategy factors and priority

    Sourcing strategy

    Factors that led to selection

    Priority of factor in decision

    Change possible

    Product you are seeking a sourcing solution for

    Strategy defined

    Key factors that led to your choice

    Reasoning

    Priority of factor 1-x

    Is there an opportunity to adapt this factor to a partner?

    ABC

    Outsourcing - offshore

    • Product ownership
    • Business integration
    • Product maturity
    • Technical environment

    Mature product ownership

    Low requirement for direct business involvement

    Mature product with lower environments in cloud

    2

    1

    3

    N

    N

    Y

    Step 2.3

    Create target profile

    Activities

    2.3.1 Profile your best fit

    This step involves the following participants:

    IT Leadership team

    Outcomes of this step

    Profile of the target partner

    Profiling your best fit

    Creating a target profile will help you determine which partners should be included in the process.

    Given the complexity of all the factors and trying to find the best fit from a multitude of partners, Info-Tech recommends forming a target profile for your best fit of partner.

    This profile provides a detailed assessment matrix to use to review potential partners.

    Profile should be created based on priority; "must haves" are high priority, while properties that have mitigation opportunities are optional or lower priority.

    Criteria

    Priority

    Some US Govt contracts – data and staff in NATO

    		 1

    Windows environment – Azure DEVOPS

    		2

    Clients in FS

    		 3

    Agile SDLC

    		 4

    Collaborative communication and conflict resolution

    		 5

    Mature product management

    		 6

    Languages English and Spanish

    		 7

    Partner Profile

    • Teams in NATO and non-NATO countries
    • Windows skills with Azure
    • Financial Services experience
    • Utilize Agile and willing to plug into our teams
    • Used to collaborating with clients in one team environment
    • One centre in Latin / South America

    Info-Tech Insight

    The factors we have defined serve to build us a profile for the ideal partner to engage in sourcing our development team. This profile will lead us to be able to define our RFP / RFI and assess respondents.

    Case study: Cognizant is partnering with clients on product development

    INDUSTRY: Technology Services

    SOURCE: Interview with Jay MacIsaac, Cognizant

    Cognizant is driving quality solutions for clients

    • Strives to be primarily an industry-aligned organization that delivers multiple service lines in multiple geographies.
    • Seeks to carefully consider client culture to create one team.
    • Value proposition is a consultative approach bringing thought leadership and mutually adding value to the relationship vs the more traditional order taker development partner
    • Wants to share in solution development to facilitate shared successes. Geographic alignment drives knowledge of the client and their challenges, not just about time zone and supportability.
    • Offers one of the largest offshore capabilities in the world, supported by local and nearshore resources to drive local knowledge.
    • Realizes today’s clients don’t typically want a black box, they are sophisticated and want transparency around the process and solution, to have a partner.
    • Understands that clients do want to know where the work is being delivered from and how it's being delivered, and want to help manage expectations and overall risk.

    Synergy with Info-Tech’s approach

    • Best relationship comes when teams operate as one.
    • Clients are seeking value, not a development black box.
    • Clients want to have a partner they can engage with, not just an order taker.
    • Goal is a one-team culture with shared goals and delivering business value.
    • Ideal is a partner that will add to their thinking, not echo it.

    Results of this approach

    • Cognizant is continuing to deliver double-digit growth and continues to strive for top quartile performance.
    • Growth in the client base has seen the company grow to over 340,000 associates worldwide.

    Case study: Cabot Technology Solutions uses industry knowledge to drive successful partnerships

    INDUSTRY: Technology Services

    SOURCE: Interview with Shibu Basheer, Cabot Technology Solutions

    Cabot Technology Solutions findings

    • Cabot Technology Solutions looks to partner with clients and deliver expertise and value, not just application development.
      • Focus on building deep knowledge in their chosen vertical, Healthcare.
      • Focus on partnering with clients in this space who are seeking a partner to provide industry knowledge and use this to propel them forward.
      • Look to work with clients seeking a one team philosophy.
      • Avoid clients looking for a cheap provider.
    • Recognizing the initial apprehension to India as a location, they have built a practice in Ontario that serves as a bridge for their offshore team.
    • Cabot overcame initial views and built trust, while integrating the India team in parallel.

    Synergy with Info-Tech approach

    • Preference is partners, not a client/vendor relationship.
    • Single country model is set aside in favor of mix of near and offshore.
    • Culture is a one team approach, not the more adversarial order-taker approach.
    • Goal is to build long-term relationships of value, not task management.

    Results of this approach

    • Cabot is a recognized as a top software development company in many markets across the USA.
    • Cabot continues to drive growth and build referenceable client relationships across North America.

    2.3.1 Profile your best fit

    30 min

    1. Document the list of skills you are seeking from the People Factors – Skills Inventory in Section 1.2 – these represent the skills you are seeking in a partner.
    2. Document the culture you are looking for in a partner with respect to communications and conflict resolution in the culture section of the requirements – this comes from Section 1.3.
    3. Confirm the type of partner you are seeking – nearshore, offshore, or outsourcing based on the sourcing strategy priorities in Section 2.2.
    4. Confirm constraints that the partner must work under based on constraints from your market and competitor factors in Section 1.1.
    5. Confirm your technical requirements in terms of environments, tools, and processes that the vendor must align to from Section 1.4.

    Download the Select a Sourcing Partner Presentation Template

    Input Output

    All exercises done in Steps 11-1.4 and 2.1-2.2

    Profile of a target partner to drive the RFx Criteria
    Materials Participants

    Select a Sourcing Partner for Your Development Team Presentation template

    Development leaders

    Deployment team leaders

    Infrastructure leaders

    IT operations leaders

    Product owners

    Project managers

    RFP skills requirement

    People skills required

    Product ownership

    Project management

    Skill

    Skill level required

    Tools / platform requirement

    Details of product management methodology and skills

    Details of firm's project management methodology

    .NET

    Medium

    Windows

    Highly mature, high skill

    Highly mature, high skill

    Java

    High

    Windows

    Low

    High

    RFx cultural characteristics

    Communication strategy

    Conflict resolution

    Organization / management

    Communication mediums supported

    Frequency of meetings expected

    Conflict resolutions strategies used at the firm

    Management methodology

    Face to face

    Weekly

    Collaborative

    Online

    Daily

    Hierarchical with manager

    Hierarchical

    RFx market constraints

    Constraints

    Partner proposal

    Constraint type

    Restrictions

    Market size required for

    Reasoning

    Data residency

    Data must stay in Canada for Canadian Gov't clients

    5% Canada public sector

    Competitive

    Offshoring dev means competition can take advantage

    95% Clients

    Need strategy to show data and leadership in NA, but delivering more innovation at lower cost by going offshore

    RFx technical requirements

    Technical environments

    Infrastructure

    Alignment of SDLC

    Tools required for development team

    Access control software required

    Infrastructure location

    Number of environments from development to production

    .Net Visual Studio

    Microsoft

    Azure

    		 4

    RFx scope of services

    Work being sourced

    Team sizing

    Work being sourced

    Skill level required

    Average size of release

    Releases per year

    Java development of new product

    High

    3-month development

    		6

    .NET staff augmentation

    Medium

    ½-month development

    		12

    Phase 3

    Choose the partner that will best enable you to move forward as one integrated team.

    Introspection

    1.1 Assess your market factors

    1.2 Determine your people factors

    1.3 Review your current culture

    1.4 Document your technical factors

    Profiling

    2.1 Recall your sourcing strategy

    2.2 Prioritize your company factors

    2.3 Create target profile

    Partner selection

    3.1 Review your RFx

    3.2 Identify target vendors

    3.3 Evaluate vendor

    responses

    Implementation

    4.1 Engage partner to choose contract mechanism

    4.2 Engage partner team to define goals

    4.3 Choose your success

    metrics

    For more details on Partner Selection, please refer to our research blueprint entitled Select an ERP Partner

    This phase will help you define your RFx for your provider search

    This phase involves the following participants:

    Vendor Management Team

    IT Leadership

    Finance Team

    Finding the right fit should always come before rates to determine value

    The right fit

    Determined in previous activities

    Negotiating will eventually bring the two together

    Value

    Rates

    Determined by skill and location

    Statement of Work (SOW) quality

    A quality SOW is the result of a quality RFI/RFP (RFx).

    The process up to now has been gathering the materials needed to build a quality RFx. Take this opportunity to review the outputs of the preceding activities to ensure that:

    • All the right stake holders have been engaged.
    • The requirements are complete.

    Info-Tech’s RFP Review as a Service looks for key items to ensure your RFx will generate quality responses and SOWs.

    • Is it well-structured with a consistent use of fonts and bullets?
    • Is it laid out in sections that are easily identifiable and progress from high-level to more detailed information?
    • Can a vendor quickly identify the ten (or fewer) things that are most important to you?

    The image contains a screenshot of the Request for Proposal Review as a Service.

    Step 3.1

    Review your RFx

    Activities

    3.1.1 Select your RFx template

    3.1.2 Finalize your RFx

    3.1.3 Weight each evaluation criteria

    This step involves the following participants:

    • Project team
    • Evaluation team
    • Vendor management team
    • CIO

    Outcomes of this step

    • Completed RFx

    Info-Tech’s RFI/RFP process

    Info-Tech has well-established vendor management templates and practices

    • Identify Need
    • Define Business Requirements
    • Gain Business Authorization
    • Perform RFI/RFP
    • Negotiate Agreement
    • Purchase Goods and Services
    • Assess and Measure Performance

    Info-Tech Best Practice

    You’ll want to customize templates for your organization, but we strongly suggest that you take whatever you feel best meets your needs from both the long- and short-form RFPs presented in this blueprint.

    The secret to managing an RFP is to make it manageable. And the secret to making an RFP manageable is to treat it like any other aspect of business – by developing a process. With a process in place, you are better able to handle whatever comes your way, because you know the steps you need to follow to produce a top-notch RFP.

    Your RFP process should be tailored to fit the needs and specifics of your organization and IT.

    Info-Tech Insight

    Create a better RFP process using Info-Tech’s well-established templates and methodology.

    Create a Better RFP Process

    In a hurry? Consider an enhanced RFI instead of an RFP.

    While many organizations rarely use RFIs, they can be an effective tool in the vendor manager’s toolbox when used at the right time in the right way. RFIs can be deployed in competitive targeted negotiations. An enhanced RFI (ERFI) is a two-stage strategy that speeds up the typical RFP process. The first stage is like an RFI on steroids, and the second stage is targeted competitive negotiation.

    Stage 1:

    Create an RFI with all the customary components. Next, add a few additional RFP-like requirements (e.g. operational and technical requirements). Make sure you include a request for budgetary pricing and provide any significant features and functionality requirements so that the vendors have enough information to propose solutions. In addition, allow the vendors to ask questions through your single point of coordination and share answers with all the vendors. Finally, notify the vendors that you will not be doing an RFP – this is it!

    Stage 2:

    Review the vendors’ proposals and select the best two. Negotiate with both vendors and then make your decision.

    The ERFI shortens the typical RFP process, maintains leverage for your organization, and works great with low- to medium-spend items (however your organization defines them). You’ll get clarification on vendors’ competencies and capabilities, obtain a fair market price, and meet your internal clients’ aggressive timelines while still taking steps to protect your organization.

    RFI Template

    The image contains a screenshot of the RFI Template.

    Use this template to create your RFI baseline template. Be sure to modify and configure the template to your organization’s specifications.

    Request for Information Template

    Long-Form RFP Template

    Configure Info-Tech’s Long-Form RFP Template for major initiatives

    The image contains a screenshot of the long-form RFP Template.

    A long-form or major RFP is an excellent tool for more complex and complicated requirements. This example is for a baseline RFP.

    It starts with best-in-class RFP terms and conditions that are essential to maintaining your control throughout the RFP process. The specific requirements for the business, functional, technical, and pricing areas should be included in the exhibits at the end of the template. That makes it easier to tailor the RFP for each deal, since you and your team can quickly identify specific areas that need modification. Grouping the exhibits together also makes it convenient for both your team to review, and the vendors to respond.

    You can use this sample RFP as the basis for your template RFP, taking it all as is or picking and choosing the sections that best meet the mission and objectives of the RFP and your organization.

    Source: Info-Tech’s The Art of Creating a Quality RFP

    Short-Form RFP Template

    Configure Info-Tech’s Short-Form RFP Template for minor or smaller initiatives

    The image contains a screenshot of the Short-Form RFP Template.

    This example is for a less complex RFP that has relatively basic requirements and perhaps a small window in which the vendors can respond. As with the long-form RFP, exhibits are placed at the end of the RFP, an arrangement that saves time for both your team and the vendors. Of course, the short-form RFP contains fewer specific instructions, guidelines, and rules for vendors’ proposal submissions.

    We find that short-form RFPs are a good choice when you need to use something more than a request for quote (RFQ) but less than an RFP running 20 or more pages. It’s ideal, for example, when you want to send an RFP to only one vendor or to acquire items such as office supplies, contingent labor, or commodity items that require significant vendor's risk assessment.

    Source: The Art of Creating a Quality RFP

    3.1.1 Select your RFx template

    1-3 hours

    1. As a group, download the RFx templates from the previous three slides.
    2. Review your RFx process as a group. Be sure to include the vendor management team.
    3. Be sure to consider organization-specific procurement guidelines. These can be included. The objective here is to find the template that is the best fit. We will finalize the template in the next activity.
    4. Determine the best template for this project.
    Input Output
    • RFx templates
    • The RFx template that will be used for this project
    Materials Participants
    • Info-Tech’s Enhanced RFI Template, Long-Form RFP Template, and Short-Form RFP Template
    • Vendor management team
    • Project team
    • Project manager

    Finalize your RFx

    Key insights

    Leverage the power of the RFP

    • Too often RFPs fail to achieve their intended purposes, and your organization feels the effects of a poorly created RFP for many years.
    • If you are faced with a single source vendor, you can perform an RFP to one to create the competitive leverage.

    Make the response and evaluation process easier

    • Being strategic in your wording and formatting makes it easier on both parties – easier for the vendors to submit meaningful proposals, and easier for customer teams to evaluate.
    • Create a level playing field to encourage competition. Without multiple proposals, your options are limited and your chances for a successful project plummet.

    Maximize the competition

    • Leverage a pre-proposal conference to resolve vendor questions and to ensure all vendors receive the same answers to all questions. No vendor should have an information advantage.

    Do’s

    • Leverage your team’s knowledge.
    • Document and explain your RFP process to stakeholders and vendors.
    • Include contract terms in your RFP.
    • Measure and manage performance after contract award.
    • Seek feedback from the RFP team on your process and improve it as necessary.

    Don'ts

    • Reveal your budget.
    • Do an RFP in a vacuum.
    • Send an RFP to a vendor your team is not willing to award the business to.
    • Hold separate conversations with candidate vendors during your RFP process.
    • Skimp on the requirements definition to speed the process.
    • Tell the vendor they are selected before negotiating.

    3.1.2 Finalize your RFx

    1-3 hours

    1. As a group, review the selected RFI or RFP template.
    2. This is YOUR document. Modify it to suit the needs of the organization and even add sections from the other RFP templates that are relevant to your project.
    3. Use the Supplementary RFx Material as a guide.
    4. Add the content created in Steps 1 and 2.
    5. Add any organization-specific clauses or requirements.
    6. Have the project team review and comment on the RFP.
    7. Optional: Use Info-Tech’s RFP Review Concierge Service.

    Download the RFx Vendor Evaluation Tool

    Download the Supplementary RFx Material

    InputOutput
    • RFx template
    • Organizational specific guidelines
    • Materials from Steps 1 and 2
    • Supplementary RFx Material
    • Finalized RFx
    MaterialsParticipants
    • Electronic RFP document for editing
    • Vendor management team
    • Project team
    • Project manager

    3.1.2 Bring it all together

    Supplementary RFx Material

    		 The image contains a screenshot of Supplementary RFx Material.

    Review the sample content to get a feel for how to incorporate the results of the activities you have worked through into the RFx template.

    RFx Templates

    Use one of our templates to build a ready-for-distribution implementation partner RFx tailored to the unique success factors of your implementation.

    Exercises in Steps 1 and 2

    		 The image contains a screenshot of Exercises in Steps 1 and 2

    Use the material gathered during each activity to inform and populate the implementation partner requirements that are specific for your organization and project.

    		 The image contains a screenshot of the Long Form RFx template.The image contains a screenshot of the Short Form RFx template.

    3.1.3 Weight each evaluation criteria

    1-3 hours

    1. As a group, review the selected RFI or RFP template.
    2. This is your document. Modify it to suit the needs of the organization and even add sections from the other RFP templates that are relevant to your project.
    3. Use the Supplementary RFx Material as a guide.
    4. Utilize the content defined in Steps 1 and 2.
    5. Add any organization-specific clauses or requirements.
    6. Have the project team review and comment on the RFP.
    7. Optional: Use Info-Tech’s RFP Review Concierge Service.

    Download the Supplementary RFx Material

    InputOutput

    RFx Vendor Evaluation Tool

    Exercises from Steps 1 and 2

    • Weighted scoring tool to evaluate responses
    MaterialsParticipants
    • RFx Vendor Evaluation Tool
    • Supplementary RFx Material
    • Vendor management team
    • Project team
    • Project manager

    3.1.3 Apply weight to each evaluation criteria

    Use this tool to weight each critical success factor based on results of the activities within the vendor selection workbook for later scoring results.

    The image contains a screenshot of the RFx Vendor Evaluation Tool.

    Download the RFx Vendor Evaluation Tool

    Step 3.2

    Identify target vendors

    Activities

    3.2.1 Identify target vendors

    3.2.2 Define your RFx timeline

    This step involves the following participants:

    • Project team
    • Vendor management team

    Outcomes of this step

    • Targeted vendor list
    • Initial RFx timeline

    3.2.1 Identify target vendors

    1-3 hours

    1. Based on the profile defined in Step 2.3, research potential partners that fit the profile, starting with those you may have used in the past. From this, build your initial list of vendors to target with your RFx.
    2. Break into smaller groups (or continue as a single group if it is already small) and review each shortlisted vendor to see if they will likely respond to the RFx.
    Input Output
    • Websites
    • Peers
    • Advisory groups
    • A shortlist of vendors to target with your RFx
    Materials Participants
    • RFx Vendor Evaluation Tool
    • CIO
    • Vendor management team
    • Project team
    • Evaluation team

    Download the RFx Vendor Evaluation Tool

    Define your RFx timeline

    Provider RFx timelines need to be clearly defined to keep the project and participants on track. These projects and processes can be long. Set yourself up for success by identifying the time frames clearly and communicating them to participants.

    1. Current
    • Concurrent ERP product selection
    • RFx preparation
    • Release of RFX
  • Near-term
    • Responses received
    • Scoring responses
    • Shortlisting providers
    • Provider interviews
    • Provider selection
    • Provider contract negotiations
    • Contract with provider
  • Future
    • Initiation of knowledge transfer
    • Joint development period
    • Cutover to provider team

    89% of roadmap views have at least some representation of time. (Roadmunk, n.d.)

    Info-Tech Insight

    The true value of time horizons is in dividing your timeline and applying different standards and rules, which allows you to speak to different audiences and achieve different communication objectives.

    3.2.2 Define your RFx timeline

    1-3 hours

    1. As a group identify an appropriate timeline for your RFP process. Info-Tech recommends no less than three months from RFx release to contract signing.

      Keep in mind that you need to allow for time to engage the team and perform some level of knowledge transfer, and to seed the team with internal resources for the initial period.
    2. Leave enough time for vendor responses, interviews, and reference checks.
    3. Once the timeline is finalized, document it and communicate it to the organization.

    Download the RFx Vendor Evaluation Tool

    Input Output
    • RFx template
    • Provider RFx timeline
    Materials Participants
    • RFx Vendor Evaluation Tool
    • Vendor management team
    • Project team
    • Project manager

    Define your RFx timeline

    The image contains a screenshot of an example of an RFx timeline.

    Step 3.3

    Evaluate vendor responses

    Activities

    3.3.1 Evaluate responses

    This step involves the following participants:

    • Evaluation team

    Outcomes of this step

    • Vendor submission scores

    3.3.1 Evaluate responses

    1-3 hours

    1. Use the RFx Vendor Evaluation Tool to collect and record the evaluation team's scores for each vendor's response to your RFx.
    2. Then record and compare each team member's scores to rank the vendors' responses.
    3. The higher the score, the closer the fit.

    Download the RFx Vendor Evaluation Tool

    InputOutput
    • Vendor responses
    • Vendor presentations
    • Vendor scores
    MaterialsParticipants
    • RFx Vendor Evaluation Tool
    • Evaluation team

    3.3.1 Score vendor results

    Use the RFx Vendor Evaluation Tool to score the vendors' responses to your RFx using the weighted scale from Activity 3.1.3.

    The image contains a screenshot of the RFx Vendor Evaluation Tool.

    Download the RFx Vendor Evaluation Tool

    Phase 4

    Measuring the new relationship

    Introspection

    1.1 Assess your market factors

    1.2 Determine your people factors

    1.3 Review your current culture

    1.4 Document your technical factors

    Profiling

    2.1 Recall your sourcing strategy

    2.2 Prioritize your company factors

    2.3 Create target profile

    Partner selection

    3.1 Review your RFx

    3.2 Identify target vendors

    3.3 Evaluate vendor

    responses

    Implementation

    4.1 Engage partner to choose contract mechanism

    4.2 Engage partner team to define goals

    4.3 Choose your success

    metrics

    This phase will allow you to define the relationship with your newly chosen partner, including choosing the right contract mechanism, defining shared goals for the relationship, and selecting the metrics and processes to measure performance.

    This phase involves the following participants:

    IT leadership

    Procurement team

    Product owners

    Project managers

    Implementing the Partner

    Implementing the new partner is an exercise in collaboration

    • Successfully implementing your new partner is an exercise in working together
    1. Define a contract mechanism that is appropriate for the relationship, but is not meant as punitive, contract-based management – this sets you up for failure.
    2. Engage with your team and your partner as one team to build shared, measurable goals
    3. Work with the team to define the metrics and processes by which progress against these goals will be measured
  • Goals, metrics and process should be transparent to the team so all can see how their performance ties to success
  • Make sure to take time to celebrate successes with the whole team as one

    • Info-Tech Insight

    Implement the relationship the same way you want it to work: as one team. Work together on contract mechanism, shared goals, metrics, and performance measurement. This transparency and collaboration will build a one team view, leading to long-term success.

    Step 4.1

    Engage partner to choose contract mechanism

    Activities

    4.1.1 Confirm your contract mechanism

    This step involves the following participants:

    IT leadership

    Procurement team

    Vendor team

    Outcomes of this step

    Contract between the vendor and the firm for the services

    Negotiate agreement

    Evaluate your RFP responses to see if they are complete and if the vendor followed your instructions.

    Then:

    Plan negotiation(s) with one or more vendors based on your questions and opportunities identified during evaluation.

    Select finalist(s).

    Apply selection criteria.

    Resolve vendors' exceptions.

    Negotiate before you select your vendor:

    Negotiating with two or more vendors will maintain your competitive leverage while decreasing the time it takes to negotiate the deal.

    Perform legal reviews as necessary.

    Use sound competitive negotiations principles.

    Info-Tech Insight

    Be certain to include any commitments made in the RFP, presentations, and proposals in the agreement, as the standard for an underperforming vendor.

    Info-Tech Insight

    Providing contract terms in an RFP can dramatically reduce time for this step by understanding the vendor’s initial contractual position for negotiation.

    Leverage ITRG's negotiation process research for additional information

    For more details on this process please see our research Drive Successful Sourcing Outcomes with a Robust RFP Process

    4.1.1 Confirm your contract mechanism

    30 min

    1. Does the firm have prior experience with this type of sourcing arrangement?
    2. Does the firm have an existing services agreement with the selected partner?
    3. What contract mechanisms have been used in the past for these types of arrangements?
    4. What mechanism was proposed by the partner in their RFP response?

    Download the Select a Sourcing Partner Presentation Template

    Input Output
    • Past sourcing agreements from Procurement
    • Proposed agreement from partner
    • Agreed upon contract mechanism
    Materials Participants
    • Select a Sourcing Partner for Your Development Team Presentation template
    • Technology leaders
    • Vendor management group
    • Partner leaders

    Choose the appropriate contract method

    Work being sourced

    Partner proposal

    Agreed-upon mechanism

    Work being sourced

    Vendor management experience with type

    Partner proposed contract method

    Agreed-upon contract method

    Java development team to build new product

    Similar work done with fixed price with another vendor

    Time and materials per scrum team

    Time and materials per scrum team to avoid vendor conflicts inherent in fixed price which limit innovation

    Step 4.2

    Engage partner team to define shared goals

    Activities

    4.2.1 Define your shared goals

    This step involves the following participants:

    IT leadership

    Vendor leadership

    Outcomes of this step

    Shared goals for the team

    Define success and shared goals

    Work together to define how you will measure yourselves.

    One team

    • Treating the new center and the existing team as one team is critical to long-term success.
    • Having a plan that allows for teams to meet frequently face-to-face "get to know you" and "stay connected" sessions will help the team gel.

    Shared goals

    • New group must share common goals and measurements.

    Common understanding

    • New team must have a common understanding and culture on key facets such as:
      • Measurement of quality
      • Openness to feedback and knowledge sharing
      • Culture of collaboration
      • Issue and Risk Management

    4.2.1 Define your shared goals

    30 min

    1. List each item in the scope of work for the sourcing arrangement – e.g. development of product XXX.
    2. For each scope item, detail the benefit expected by the firm – e.g. development cost expected to drop by 10% per year, or customer satisfaction improvement.
    3. For each benefit define how you will measure success – e.g. track cost of development for the development team assigned, or track Customer Satisfaction Survey results.
    4. For each measure, define a target for this year – e.g. 10% decrease over last year's cost, or customer satisfaction improvement from 6 to 7.

    Download the Select a Sourcing Partner Presentation Template

    InputOutput
    • Services being procured from RFx
    • Benefits expected from the sourcing strategy
    • Baseline scores for measurements
    • Shared goals agreed upon between team and partner
    MaterialsParticipants
    • Select a Sourcing Partner for Your Development Team Presentation template
    • Technology leaders
    • Partner leaders

    Define goals collaboratively

    Role and benefit

    Goals and objectives

    Role / work being sourced

    Benefit expected

    Measure of success

    Year over year targets

    Java development team to build new product

    New product to replace aging legacy

    Launch of new product

    Agree on launch schedule and MVP for each release / roadmap

    Step 4.3

    Choose your success metrics

    Activities

    4,3.1 Define metrics and process to monitor

    This step involves the following participants:

    IT leadership

    Product owners

    Project managers

    Vendor leaders

    Outcomes of this step

    Metrics and process to measure performance

    4.3.1 Define metrics and process to monitor

    30 min

    1. For each goal defined and measure of success, break down the measure into quantifiable, measurable factors – e.g. Development cost is defined as all the costs tracked to the project including development, deployment, project management, etc.
    2. For each factor choose the metric that can be reported on – e.g. project actuals.
    3. For each metric define the report and reporting frequency – e.g. monthly project actuals from project manager.

    Download the Select a Sourcing Partner Presentation Template

    InputOutput
    • Development process
    • Deployment process
    • Operations process
    • IT Security policies
    • Documentation of key technical characteristics that need to be part of provider profiling
    MaterialsParticipants
    • Select a Sourcing Partner for Your Development Team Presentation template
    • Development leaders
    • Deployment team leaders
    • Infrastructure leaders
    • IT operations leaders
    • Product owners
    • Project managers

    Agreed-upon metrics

    Goal

    Metrics and process

    Agreed-upon goal

    Year 1 target

    Metric to measure success

    Measurement mechanism

    Deliver roadmap of releases

    3 releases – MVP in roadmap

    Features and stories delivered

    Measure delivery of stories from Jira

    Research Contributor

    The image contains a picture of Alaisdar Graham.

    Alaisdar Graham

    Executive Counsellor

    Info-Tech Research Group

    During Alaisdar’s 35-year career in information and operational technology, Alaisdar has been CIO for public sector organizations and private sector companies. He has been an entrepreneur with his own consultancy and a founder or business advisor with four cyber-security start-ups, Alaisdar has developed experience across a broad range of industries within a number of different countries and become known for his ability to drive business benefits and improvements through the use of technology.

    Alaisdar has worked with CXO-level executives across different businesses. Whether undertaking a digital transformation, building and improving IT functions across your span of control, or helping you create and execute an integrated technology strategy, Alaisdar can provide insight while introducing you to Info-Tech Research Group’s experts. Alaisdar’s experience with organizational turn- around, governance, project, program and portfolio management, change management, risk and security will support your organization’s success.

    Research Contributor

    The image contains a picture of Richard Nachazel.

    Richard Nachazel

    Executive Counsellor

    Info-Tech Research Group

    • Richard has more than 40 years working in various Fortune 500 organizations. His specialties are collaborating with business and IT executives and senior stakeholders to define strategic goals and transform operational protocols, standards, and methodologies. He has established a reputation at multiple large companies for taking charge of critical, high-profile enterprise projects in jeopardy of failure and turning them around. Colleagues and peers recognize his ability to organize enterprise efforts, build, develop, and motivate teams, and deliver outstanding outcomes.
    • Richard has worked as a Global CISO & Head of IT Governance for a Swiss Insurance company, Richard developed and led a comprehensive Cyber-Security Framework that provided leadership and oversight of the cyber-security program. Additionally, he was responsible for their IT Governance Risk & Compliance Operation and the information data security compliance in a complex global environment. Richard’s experience with organizational turn around, governance, risk, and controls, and security supports technology delivery integration with business success. Richard’s ability to engage executive and senior management decision makers and champion vision will prove beneficial to your organization.

    Research Contributor

    The image contains a picture of Craig Broussard.

    Craig Broussard

    Executive Counsellor

    Info-Tech Research Group

    • Craig has over 35 years of IT experience including software development, enterprise system management, infrastructure, and cyber security operations. Over the last 20 years, his focus has been on infrastructure and security along with IT service management. He’s been an accomplished speaker and panelist at industry trade events over the past decade.
    • Craig has served as Global Infrastructure Director for NCH Corporation, VP of Information Technology at ATOS, and earlier in his career as the Global Head of Data Center Services at Nokia Siemens Networks. Craig also worked for MicroSolutions (a Mark Cuban Company). Additionally, Craig received formal consulting training while working for IBM Global Services.
    • Craig’s deep experience across many aspects of IT from Governance through Delivery makes him an ideal partner for Info-Tech members.

    Bibliography

    Offshore, Onshore or Hybrid–Choosing the Best IT Outsourcing Model. (n.d.).
    Offshore Dedicated Development Team – A Compelling Hiring Guide. (n.d.).
    The Three Non-Negotiables Of IT Offshoring. (n.d.). Forbes.
    Top Ten Countries For Offshoring. Forbes, 2004.
    Nearshoring in Europe: Choose the Best Country for IT Outsourcing - The World Financial Review. (n.d.).
    Select an Offshore Jurisdiction. The Best Countries for Business in 2021-2022! | InternationalWealth.info. (n.d.).
    How to Find the Best Country to Set Up an Offshore Company. (n.d.). biz30.
    Akbar, M. A., Alsanad, A., Mahmood, S., & Alothaim, A. (2021). Prioritization-based taxonomy of global software development challenges: A FAHP based analysis. IEEE Access, 9, 37961–37974
    Ali, S. (2018). Practices in Software Outsourcing Partnership: Systematic Literature Review Protocol with Analysis. Journal of Computers, (February), 839–861
    Baird Georgia, A. (2007). MISQ Research Curation on Health Information Technology 2. Progression of Health IT Research in MIS Quarterly. MIS Quarterly, 2007(June), 1–14.
    Akbar, M. A., Alsanad, A., Mahmood, S., & Alothaim, A. (2021). Prioritization-based taxonomy of global software development challenges: A FAHP based analysis. IEEE Access, 9, 37961–37974
    Ali, S. (2018). Practices in Software Outsourcing Partnership: Systematic Literature Review Protocol with Analysis. Journal of Computers, (February), 839–861
    Baird Georgia, A. (2007). MISQ Research Curation on Health Information Technology 2. Progression of Health IT Research in MIS Quarterly. MIS Quarterly, 2007(June), 1–14.
    Carmel, E., & Abbott, P. (2006). Configurations of global software development: offshore versus nearshore. … on Global Software Development for the Practitioner, 3–7.
    Hanafizadeh, P., & Zare Ravasan, A. (2018). A model for selecting IT outsourcing strategy: the case of e-banking channels. Journal of Global Information Technology Management, 21(2), 111–138.
    Ishizaka, A., Bhattacharya, A., Gunasekaran, A., Dekkers, R., & Pereira, V. (2019). Outsourcing and offshoring decision making. International Journal of Production Research, 57(13), 4187–4193.
    Jeong, J. J. (2021). Success in IT offshoring: Does it depend on the location or the company? Arxiv.
    Joanna Minkiewicz, J. E. (2009). Deakin Research Online Online. 2007, Interrelationships between Innovation and Market Orientation in SMEs, Management Research News, Vol. 30, No. 12, Pp. 878-891., 30(12), 878–891.

    Bibliography

    King, W. R., & Torkzadeh, G. (2016). Special Issue Information Systems Offshoring : Research Status and Issues. MIS Quarterly, 32(2), 205–225.
    Kotlarsky, J., & Oshri, I. (2008). Country attractiveness for offshoring and offshore outsourcing: Additional considerations. Journal of Information Technology, 23(4), 228–231.
    Lehdonvirta, V., Kässi, O., Hjorth, I., Barnard, H., & Graham, M. (2019). The Global Platform Economy: A New Offshoring Institution Enabling Emerging-Economy Microproviders. Journal of Management, 45(2), 567–599.
    Mahajan, A. (2018). Risks and Benefits of Using Single Supplier in Software Development. Oulu University of Applied Sciences. Retrieved from
    Murberg, D. (2019). IT Offshore Outsourcing: Best Practices for U.S.-Based Companies. University of Oregon Applied Information Management, 1277(800), 824–2714.
    Nassimbeni, G., Sartor, M., & Dus, D. (2012). Security risks in service offshoring and outsourcing. Industrial Management and Data Systems, 112(3), 405–440.
    Olson, G. M., & Olson, J. S. (2000). Distance matters. Human-Computer Interaction, 15(2–3), 139–178.
    Pilkova, A., & Holienka, M. (2018). Home-Based Business in Visegrad Countries: Gem Perspective. Innovation Management, Entrepreneurship and Sustainability 2018 Proceedings of the 6th International Conference.
    Rahman, H. U., Raza, M., Afsar, P., Alharbi, A., Ahmad, S., & Alyami, H. (2021). Multi-criteria decision making model for application maintenance offshoring using analytic hierarchy process. Applied Sciences (Switzerland), 11(18).
    Rahman, H. U., Raza, M., Afsar, P., Khan, H. U., & Nazir, S. (2020). Analyzing factors that influence offshore outsourcing decision of application maintenance. IEEE Access, 8, 183913–183926.
    Roadmunk. What is a product roadmap? Roadmunk, n.d. Accessed 12 Oct. 2021.
    Rottman, J. W., & Lacity, M. C. (2006). Proven practices for effectively offshoring IT work. MIT Sloan Management Review.
    Smite, D., Moe, N. B., Krekling, T., & Stray, V. (2019). Offshore Outsourcing Costs: Known or Still Hidden? Proceedings - 2019 ACM/IEEE 14th International Conference on Global Software Engineering, ICGSE 2019, 40–47.
    Welsum, D. Van, & Reif, X. (2005). Potential Offshoring: Evidence from Selected OECD Countries. Brookings Trade Forum, 2005(1), 165–194.
    Zhang, Y., Liu, S., Tan, J., Jiang, G., & Zhu, Q. (2018). Effects of risks on the performance of business process outsourcing projects: The moderating roles of knowledge management capabilities. International Journal of Project Management, 36(4), 627–639.

    Implement an IT Chargeback System

    • Buy Link or Shortcode: {j2store}71|cart{/j2store}
    • member rating overall impact: 8.0/10 Overall Impact
    • member rating average dollars saved: After each Info-Tech experience, we ask our members to quantify the real-time savings, monetary impact, and project improvements our research helped them achieve.
    • member rating average days saved: Read what our members are saying
    • Parent Category Name: Cost & Budget Management
    • Parent Category Link: /cost-and-budget-management
    • Business units voraciously consume IT services and don’t understand the actual costs of IT. This is due to lack of IT cost transparency and business stakeholder accountability for consumption of IT services.
    • Business units perceive IT costs as uncompetitive, resulting in shadow IT and a negative perception of IT.
    • Business executives have decided to implement an IT chargeback program and IT must ensure the program succeeds.

    Our Advice

    Critical Insight

    Price IT services so that business consumers find them meaningful, measurable, and manageable:

    • The business must understand what they are being charged for. If they can’t understand the value, you’ve chosen the wrong basis for charge.
    • Business units must be able to control and track their consumption levels, or they will feel powerless to control costs and you’ll never attain real buy-in.

    Impact and Result

    • Explain IT costs in ways that matter to the business. Instead of focusing on what IT pays for, discuss the value that IT brings to the business by defining IT services and how they serve business users.
    • Develop a chargeback model that brings transparency to the flow of IT costs through to business value. Demonstrate how a good chargeback model can bring about fair “pay-for-value” and “pay-for-what-you-use” pricing.
    • Communicate IT chargeback openly and manage change effectively. Business owners will want to know how their profit and loss statements will be affected by the new pricing model.

    Implement an IT Chargeback System Research & Tools

    Start here – read the Executive Brief

    Read our concise Executive Brief to find out why you should implement an IT chargeback program, review Info-Tech’s methodology, and understand the four ways we can support you in completing this project.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Launch

    Make the case for IT chargeback, then assess the financial maturity of the organization and identify a pathway to success. Create a chargeback governance model.

    • Implement IT Chargeback – Phase 1: Launch
    • IT Chargeback Kick-Off Presentation

    2. Define

    Develop a chargeback model, including identifying user-facing IT services, allocating IT costs to services, and setting up the chargeback program.

    • Implement IT Chargeback – Phase 2: Define
    • IT Chargeback Program Development & Management Tool

    3. Implement

    Communicate the rollout of the IT chargeback model and establish a process for recovering IT services costs from business units.

    • Implement IT Chargeback – Phase 3: Implement
    • IT Chargeback Communication Plan
    • IT Chargeback Rollout Presentation
    • IT Chargeback Financial Presentation

    4. Revise

    Gather and analyze feedback from business owners, making necessary modifications to the chargeback model and communicating the implications.

    • Implement IT Chargeback – Phase 4: Revise
    • IT Chargeback Change Communication Template
    [infographic]

    Workshop: Implement an IT Chargeback System

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Kick-Off IT Chargeback

    The Purpose

    Make the case for IT chargeback.

    Identify the current and target state of chargeback maturity.

    Establish a chargeback governance model.

    Key Benefits Achieved

    Investigated the benefits and challenges of implementing IT chargeback.

    Understanding of the reasons why traditional chargeback approaches fail.

    Identified the specific pathway to chargeback success.

    Activities

    1.1 Investigate the benefits and challenges of implementing IT chargeback

    1.2 Educate business owners and executives on IT chargeback

    1.3 Identify the current and target state of chargeback maturity

    1.4 Establish chargeback governance

    Outputs

    Defined IT chargeback mandate

    IT chargeback kick-off presentation

    Chargeback maturity assessment

    IT chargeback governance model

    2 Develop the Chargeback Model

    The Purpose

    Develop a chargeback model.

    Identify the customers and user-facing services.

    Allocate IT costs.

    Determine chargeable service units.

    Key Benefits Achieved

    Identified IT customers.

    Identified user-facing services and generated descriptions for them.

    Allocated IT costs to IT services.

    Identified meaningful, measurable, and manageable chargeback service units.

    Activities

    2.1 Identify user-facing services and generate descriptions

    2.2 Allocate costs to user-facing services

    2.3 Determine chargeable service units and pricing

    2.4 Track consumption

    2.5 Determine service charges

    Outputs

    High-level service catalog

    Chargeback model

    3 Communicate IT Chargeback

    The Purpose

    Communicate the implementation of IT chargeback.

    Establish a process for recovering the costs of IT services from business units.

    Share the financial results of the charge cycle with business owners.

    Key Benefits Achieved

    Managed the transition to charging and recovering the costs of IT services from business units.

    Communicated the implementation of IT chargeback and shared the financial results with business owners.

    Activities

    3.1 Create a communication plan

    3.2 Deliver a chargeback rollout presentation

    3.3 Establish a process for recovering IT costs from business units

    3.4 Share the financial results from the charge cycle with business owners

    Outputs

    IT chargeback communication plan

    IT chargeback rollout presentation

    IT service cost recovery process

    IT chargeback financial presentation

    4 Review the Chargeback Model

    The Purpose

    Gather and analyze feedback from business owners on the chargeback model.

    Make necessary modifications to the chargeback model and communicate implications.

    Key Benefits Achieved

    Gathered business stakeholder feedback on the chargeback model.

    Made necessary modifications to the chargeback model to increase satisfaction and accuracy.

    Managed changes by communicating the implications to business owners in a structured manner.

    Activities

    4.1 Address stakeholder pain points and highly disputed costs

    4.2 Update the chargeback model

    4.3 Communicate the chargeback model changes and implications to business units

    Outputs

    Revised chargeback model with business feedback, change log, and modifications

    Chargeback change communication

    Review and Improve Your IT Policy Library

    • Buy Link or Shortcode: {j2store}193|cart{/j2store}
    • member rating overall impact: 9.3/10 Overall Impact
    • member rating average dollars saved: $34,724 Average $ Saved
    • member rating average days saved: 14 Average Days Saved
    • Parent Category Name: IT Governance, Risk & Compliance
    • Parent Category Link: /it-governance-risk-and-compliance
    • Your policies are out of date, disorganized, and complicated. They don’t reflect current regulations and don’t actually mitigate your organization’s current IT risks.
    • Your policies are difficult to understand, aren’t easy to find, or aren’t well monitored and enforced for compliance. As a result, your employees don’t care about your policies.
    • Policy issues are taking up too much of your time and distracting you from the real issues you need to address.

    Our Advice

    Critical Insight

    A dynamic and streamlined policy approach will:

    1. Right-size policies to address the most critical IT risks.
    2. Clearly lay out a step-by-step process to complete daily tasks in compliance.
    3. Obtain policy adherence without having to be “the police.”

    To accomplish this, the policy writer must engage their audience early to gather input on IT policies, increase policy awareness, and gain buy-in early in the process.

    Impact and Result

    • Develop more effective IT policies. Clearly express your policy goals and objectives, standardize the approach to employee problem solving, and write policies your employees will actually read.
    • Improve risk coverage. Ensure full coverage on the risk landscape, including legal regulations, and establish a method for reporting, documenting, and communicating risks.
    • Improve employee compliance. Empathize with your employees and use policy to educate, train, and enable them instead of restricting them.

    Review and Improve Your IT Policy Library Research & Tools

    Start here – read the Executive Brief

    Read our concise Executive Brief to find out how to write better policies that mitigate the risks you care about and get the business to follow them, review Info-Tech’s methodology, and understand the four ways we can support you in completing this project.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Assess

    Assess your risk landscape and design a plan to update your policy network based on your most critical risks.

    • Review and Improve Your IT Policy Library – Phase 1: Assess
    • Policy Management RACI Chart Template
    • Policy Management Tool
    • Policy Action Plan

    2. Draft and implement

    Use input from key stakeholders to write clear, consistent, and concise policies that people will actually read and understand. Then publish them and start generating policy awareness.

    • Review and Improve Your IT Policy Library – Phase 2: Draft and Implement
    • Policy Template
    • Policy Communication Plan Template

    3. Monitor, enforce, revise

    Use your policies to create a compliance culture in your organization, set KPIs, and track policy effectiveness.

    • Review and Improve Your IT Policy Library – Phase 3: Monitor, Enforce, Revise
    [infographic]

    Workshop: Review and Improve Your IT Policy Library

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Establish & Assess

    The Purpose

    Identify the pain points associated with IT policies.

    Establish the policy development process.

    Begin formulating a plan to re-design the policy network.

    Key Benefits Achieved

    Establish the policy process.

    Highlight key issues and pain points regarding policy.

    Assign roles and responsibilities.

    Activities

    1.1 Introduce workshop.

    1.2 Identify the current pain points with policy management.

    1.3 Establish high-level goals around policy management.

    1.4 Select metrics to measure achievement of goals.

    1.5 Create an IT policy working group (ITPWG).

    1.6 Define the scope and purpose of the ITPWG.

    Outputs

    List of issues and pain points for policy management

    Set of six to ten goals for policy management

    Baseline and target measured value

    Amended steering committee or ITPWG charter

    Completed RACI chart

    Documented policy development process

    2 Assess Your Risk Landscape & Map Policies to Risks; Create a Policy Action Plan

    The Purpose

    Identify key risks.

    Develop an understanding of which risks are most critical.

    Design a policy network that best mitigates those risks.

    Key Benefits Achieved

    Use a risk-driven approach to decide which policies need to be written or updated first.

    Activities

    2.1 Identify risks at a high level.

    2.2 Assess each identified risk scenario on impact and likelihood.

    2.3 Map current and required policies to risks.

    2.4 Assess policy effectiveness.

    2.5 Create a policy action plan.

    2.6 Select policies to be developed during workshop.

    Outputs

    Ranked list of IT’s risk scenarios

    Prioritized list of IT risks (simplified risk register)

    Policy action plan

    3 Develop Policies

    The Purpose

    Outline what key features make a policy effective and write policies that mitigate the most critical IT risks.

    Key Benefits Achieved

    Write policies that work and get them approved.

    Activities

    3.1 Define the policy audience, constraints, and in-scope and out-of-scope requirements for a policy.

    3.2 Draft two to four policies

    Outputs

    Drafted policies

    4 Create a Policy Communication and Implementation Plan and Monitor & Reassess the Portfolio

    The Purpose

    Build an understanding of how well the organization’s value creation activities are being supported.

    Key Benefits Achieved

    Identify an area or capability that requires improvement.

    Activities

    4.1 Review draft policies and update if necessary.

    4.2 Create a policy communication plan.

    4.3 Select KPIs.

    4.4 Review root-cause analysis techniques.

    Outputs

    Final draft policies

    Policy communications plan

    KPI tracking log

    Reduce Shadow IT With a Service Request Catalog

    • Buy Link or Shortcode: {j2store}302|cart{/j2store}
    • member rating overall impact: 10.0/10 Overall Impact
    • member rating average dollars saved: $129,999 Average $ Saved
    • member rating average days saved: 35 Average Days Saved
    • Parent Category Name: Asset Management
    • Parent Category Link: /asset-management
    • Shadow IT: The IT team is regularly surprised to discover new products within the organization, often when following up on help desk tickets or requests for renewals from business users or vendors.
    • Renewal Management: The contracts and asset teams need to be aware of upcoming renewals and have adequate time to review renewals.
    • Over-purchasing: Contracts may be renewed without a clear picture of usage, potentially renewing unused applications.

    Our Advice

    Critical Insight

    There is a direct correlation between service delivery dissatisfaction and increases in shadow IT. Whether the goal is to reduce shadow IT or gain control, improved customer service and fast delivery are key to making lasting changes.

    Impact and Result

    Our blueprint will help you design a service that draws the business to use it. If it is easier for them to buy from IT than it is to find their own supplier, they will use IT.

    A heavy focus on customer service, design optimization, and automation will provide a means for the business to get what they need, when they need it, and provide visibility to IT and security to protect organizational interests.

    This blueprint will help you:

    • Design the request service
    • Design the request catalog
    • Build the request catalog
    • Market the service

    Reduce Shadow IT With a Service Request Catalog Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Reduce Shadow IT With a Service Request Catalog – A step-by-step document that walks you through creation of a request service management program.

    Use this blueprint to create a service request management program that provides immediate value.

    • Reduce Shadow IT With a Service Request Catalog Storyboard

    2. Nonstandard Request Assessment – A template for documenting requirements for vetting and onboarding new applications.

    Use this template to define what information is needed to vet and onboard applications into the IT environment.

    • Nonstandard Request Assessment

    3. Service Request Workflows – A library of workflows used as a starting point for creating and fulfilling requests for applications and equipment.

    Use this library of workflows as a starting point for creating and fulfilling requests for applications and equipment in a service catalog.

    • Service Request Workflows

    4. Application Portfolio – A template to organize applications requested by the business and identify which items are published in the catalog.

    Use this template as a starting point to create an application portfolio and request catalog.

    • Application Portfolio

    5. Reduce Shadow IT With a Service Request Catalog Communications Template – A presentation and communications plan to announce changes to the service and introduce a catalog.

    Use this template to create a presentation and communications plan for launching the new service and service request catalog.

    • Reduce Shadow IT with a Service Request Catalog Communications Template
    [infographic]

    Workshop: Reduce Shadow IT With a Service Request Catalog

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Design the Service

    The Purpose

    Collaborate with the business to determine service model.

    Collaborate with IT teams to build non-standard assessment process.

    Key Benefits Achieved

    Designed a service for service requests, including new product intake.

    Activities

    1.1 Identify challenges and obstacles.

    1.2 Complete customer journey map.

    1.3 Design process for nonstandard assessments.

    Outputs

    Nonstandard process.

    2 Design the Catalog

    The Purpose

    Design the service request catalog management process.

    Key Benefits Achieved

    Ensure the catalog is kept current and is integrated with IT service catalog if applicable.

    Activities

    2.1 Determine what will be listed in the catalog.

    2.2 Determine process to build and maintain the catalog, including roles, responsibilities, and workflows.

    2.3 Define success and determine metrics.

    Outputs

    Catalog scope.

    Catalog design and maintenance plan.

    Defined success metrics

    3 Build and Market the Catalog

    The Purpose

    Determine catalog contents and how requests will be fulfilled.

    Key Benefits Achieved

    Catalog framework and service level agreements will be defined.

    Create communications documents.

    Activities

    3.1 Determine how catalog items will be displayed.

    3.2 Complete application categories for catalog.

    3.3 Create deployment categories and SLAs.

    3.4 Design catalog forms and deployment workflows.

    3.5 Create roadmap.

    3.6 Create communications plan.

    Outputs

    Catalog workflows and SLAs.

    Roadmap.

    Communications deck.

    4 Breakout Groups – Working Sessions

    The Purpose

    Create an applications portfolio.

    Prepare to populate the catalog.

    Key Benefits Achieved

    Portfolio and catalog contents created.

    Activities

    4.1 Using existing application inventory, add applications to portfolio and categorize.

    4.2 Determine which applications should be in the catalog.

    4.3 Determine which applications are packaged and can be easily deployed.

    Outputs

    Application Portfolio.

    List of catalog items.

    Further reading

    Reduce Shadow IT With a Service Request Catalog

    Foster business partnerships with sourcing-as-a-service.

    Analyst Perspective

    Improve the request management process to reduce shadow IT.

    In July 2022, Ivanti conducted a study on the state of the digital employee experience, surveying 10,000 office workers, IT professionals, and C-suite executives. Results of this study indicated that 49% of employees are frustrated by their tools, and 26% of employees were considering quitting their jobs due to unsuitable tech. 42% spent their own money to gain technology to improve their productivity. Despite this, only 21% of IT leaders prioritized user experience when selecting new tools.

    Any organization’s workers are expected to be productive and contribute to operational improvements or customer experience. Yet those workers don’t always have the tools needed to do the job. One option is to give the business greater control, allowing them to choose and acquire the solutions that will make them more productive. Info-Tech's blueprint Embrace Business-Managed Applications takes you down this path.

    However, if the business doesn’t want to manage applications, but just wants have access to better ones, IT is positioned to provide services for application and equipment sourcing that will improve the employee experience while ensuring applications and equipment are fully managed by the asset, service, and security teams.

    Improving the request management and deployment practice can give the business what they need without forcing them to manage license agreements, renewals, and warranties.

    Photo of Sandi Conrad

    Sandi Conrad
    ITIL Managing Professional
    Principal Research Director, IT Infrastructure & Operations,
    Info-Tech Research Group

    Your challenge

    This research is designed to help organizations that are looking to improve request management processes and reduce shadow IT.

    Shadow IT: The IT team is regularly surprised to discover new products within the organization, often when following up on help desk tickets or requests for renewals from business users or vendors.

    Renewal management: The contracts and asset teams need to be aware of upcoming renewals and have adequate time to review renewals.

    Over-purchasing and over-spending: Contracts may be renewed without a clear picture of utilization, potentially renewing unused applications. Applications or equipment may be purchased at retail price where corporate, government, or educational discounts exist.

    Info-Tech Insight

    To increase the visibility of the IT environment, IT needs to transform the request management process to create a service that makes it easier for the business to access the tools they need rather than seeking them outside of the organization.

    609
    Average number of SaaS applications in large enterprises

    40%
    On average, only 60% of provisioned SaaS licenses are used, with the remaining 40% unused.

    — Source: Zylo, SaaS Trends for IT Leaders, 2022

    Common obstacles

    Too many layers of approvals and a lack of IT workers makes it difficult to rethink service request fulfillment.

    Delays: The business may not be getting the applications they need from IT to do their jobs or must wait too long to get the applications approved.

    Denials: Without IT’s support, the business is finding alternative options, including SaaS applications, as they can be bought and used without IT’s input or knowledge.

    Threats: Applications that have not been vetted by security or installed without their knowledge may present additional threats to the organization.

    Access: Self-serve isn’t mature enough to support an applications catalog.

    A diagram that shows the number of SaaS applications being acquired outside of IT is increasing year over year, and that business units are driving the majority of SaaS spend.

    8: average number of applications entering the organization every 30 days

    — Source: Zylo, SaaS Trends for Procurement, 2022

    Info-Tech’s approach

    Improve the request management process to create sourcing-as-a-service for the business.

    • Improve customer service
    • Reduce shadow IT
    • Gain control in a way that keeps the business happy

    1. Design the service

    Collaborate with the business

    Identify the challenges and obstacles

    Gain consensus on priorities

    Design the service

    2. Design the catalog

    Determine catalog scope

    Create a process to build and maintain the catalog

    Define metrics for the request management process

    3. Build the catalog

    Determine descriptions for catalog items

    Create definitions for license types, workflows, and SLAs

    Create application portfolio

    Design catalog forms and workflows

    4. Market the service

    Create a roadmap

    Determine messaging

    Build a communications plan

    Blueprint deliverables

    Each step of this blueprint is accompanied by supporting deliverables to help you accomplish your goals:

    Communications Presentation

    Photo of Communications Presentation

    Application Portfolio

    Photo of Application Portfolio

    Visio Library

    Photo of Visio Library

    Nonstandard Request Assessment

    Photo of Nonstandard Request Assessment

    Create a request management process and service catalog to improve delivery of technology to the business

    Lay the Strategic Foundations of Your Applications Team

    • Buy Link or Shortcode: {j2store}171|cart{/j2store}
    • member rating overall impact: N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: Architecture & Strategy
    • Parent Category Link: /architecture-and-strategy
    • As an application leader, you are expected to quickly familiarize yourself with the current state of your applications environment.
    • You need to continuously demonstrate effective leadership to your applications team while defining and delivering a strategy for your applications department that will be accepted by stakeholders.

    Our Advice

    Critical Insight

    • The applications department can be viewed as the face of IT. The business often portrays the value of IT through the applications and services they provide and support. IT success can be dominantly driven by the application team’s performance.
    • Conflicting perceptions lead to missed opportunities. Being transparent on how well applications are supporting stakeholders from both business and technical perspectives is critical. This attribute helps validate that technical initiatives are addressing the right business problems or exploiting new value opportunities.

    Impact and Result

    • Get to know what needs to be changed quickly. Use Info-Tech’s advice and tools to perform an assessment of your department’s accountabilities and harvest stakeholder input to ensure that your applications operating model and portfolio meets or exceeds expectations and establishes the right solutions to the right problems.
    • Solidify the applications long-term strategy. Adopt best practices to ensure that you are striving towards the right goals and objectives. Not only do you need to clarify both team and stakeholder expectations, but you will ultimately need buy-in from them as you improve the operating model, applications portfolio, governance, and tactical plans. These items will be needed to develop your strategic model and long-term success.
    • Develop an action plan to show movement for improvements. Hit the ground running with an action plan to achieve realistic goals and milestones within an acceptable timeframe. An expectations-driven roadmap will help establish the critical structures that will continue to feed and grow your applications department.

    Lay the Strategic Foundations of Your Applications Team Research & Tools

    Start here – read the Executive Brief

    Read our concise Executive Brief to find out why you should develop an applications strategy, review Info-Tech’s methodology, and understand the four ways we can support you in completing this project.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Get to know your team

    Understand your applications team.

    • Lay the Strategic Foundations of Your Applications Team – Phase 1: Get to Know Your Team
    • Applications Strategy Template
    • Applications Diagnostic Tool

    2. Get to know your stakeholders

    Understand your stakeholders.

    • Lay the Strategic Foundations of Your Applications Team – Phase 2: Get to Know Your Stakeholders

    3. Develop your applications strategy

    Design and plan your applications strategy.

    • Lay the Strategic Foundations of Your Applications Team – Phase 3: Develop Your Applications Strategy
    [infographic]

    Workshop: Lay the Strategic Foundations of Your Applications Team

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Get to Know Your Team

    The Purpose

    Understand the expectations, structure, and dynamics of your applications team.

    Review your team’s current capacity.

    Gauge the team’s effectiveness to execute their operating model.

    Key Benefits Achieved

    Clear understanding of the current responsibilities and accountabilities of your teams.

    Identification of improvement opportunities based on your team’s performance.

    Activities

    1.1 Define your team’s role and responsibilities.

    1.2 Understand your team’s application and project portfolios.

    1.3 Understand your team’s values and expectations.

    1.4 Gauge your team’s ability to execute your operating model.

    Outputs

    Current team structure, RACI chart, and operating model

    Application portfolios currently managed by applications team and projects currently committed to

    List of current guiding principles and team expectations

    Team effectiveness of current operating model

    2 Get to Know Your Stakeholders

    The Purpose

    Understand the expectations of stakeholders.

    Review the services stakeholders consume to support their applications.

    Gauge stakeholder satisfaction of the services and applications your team provides and supports.

    Key Benefits Achieved

    Grounded understanding of the drivers and motivators of stakeholders that teams should accommodate.

    Identification of improvement opportunities that will increase the value your team delivers to stakeholders.

    Activities

    2.1 Understand your stakeholders and applications services.

    2.2 Define stakeholder expectations.

    2.3 Gauge stakeholder satisfaction of applications services and portfolio.

    Outputs

    Expectations stakeholders have on the applications team and the applications services they use

    List of applications expectations

    Stakeholder satisfaction of current operating model

    3 Develop Your Applications Strategy

    The Purpose

    Align and consolidate a single set of applications expectations.

    Develop key initiatives to alleviate current pain points and exploit existing opportunities to deliver new value.

    Create an achievable roadmap that is aligned to organizational priorities and accommodate existing constraints.

    Key Benefits Achieved

    Applications team and stakeholders are aligned on the core focus of the applications department.

    Initiatives to address the high priority issues and opportunities.

    Activities

    3.1 Define your applications expectations.

    3.2 Investigate your diagnostic results.

    3.3 Envision your future state.

    3.4 Create a tactical plan to achieve your future state.

    3.5 Finalize your applications strategy.

    Outputs

    List of applications expectations that accommodates the team and stakeholder needs

    Root causes to issues and opportunities revealed in team and stakeholder assessments

    Future-state applications portfolio, operating model, supporting people, process, and technologies, and applications strategic model

    Roadmap that lays out initiatives to achieve the future state

    Completed applications strategy

    Develop an IT Asset Management Strategy

    • Buy Link or Shortcode: {j2store}295|cart{/j2store}
    • member rating overall impact: 8.5/10 Overall Impact
    • member rating average dollars saved: $52,211 Average $ Saved
    • member rating average days saved: 31 Average Days Saved
    • Parent Category Name: Asset Management
    • Parent Category Link: /asset-management

    You have a mandate to create an accurate and actionable database of the IT assets in your environment, but:

    • The data you have is often incomplete or wrong.
    • Processes are broken or non-existent.
    • Your tools aren’t up to the task of tracking ever more hardware, software, and relevant metadata.
    • The role of stakeholders outside the core ITAM team isn’t well defined or understood.

    Our Advice

    Critical Insight

    ITAM is a foundational IT service that provides accurate, accessible, actionable data on IT assets. But there’s no value in data for data’s sake. Enable collaboration between IT asset managers, business leaders, and IT leaders to develop an ITAM strategy that maximizes the value they can deliver as service providers.

    Impact and Result

    • Develop an approach and strategy for ITAM that is sustainable and aligned with your business priorities.
    • Clarify the structure for the ITAM program, including scope, responsibility and accountability, centralization vs. decentralization, outsourcing vs. insourcing, and more.
    • Create a practical roadmap to guide improvement.
    • Summarize your strategy and approach using Info-Tech’s templates for review with stakeholders.

    Develop an IT Asset Management Strategy Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Develop an IT Asset Management Strategy – A methodology to create a business-aligned, coherent, and durable approach to ITAM.

    This two-phase, step-by-step methodology will guide you through the activities to build a business-aligned, coherent, and durable approach to ITAM. Review the executive brief at the start of the slide deck for an overview of the methodology and the value it can provide to your organization.

    • Develop an IT Asset Management Strategy – Phases 1-2

    2. ITAM Strategy Template – A presentation-ready repository for the work done as you define your ITAM approach.

    Use this template to document your IT asset management strategy and approach.

    • ITAM Strategy Template

    3. IT Asset Estimations Tracker – A rough-and-ready inventory exercise to help you evaluate the work ahead of you.

    Use this tool to estimate key data points related to your IT asset estate, as well as your confidence in your estimates.

    • IT Asset Estimations Tracker

    Infographic

    Workshop: Develop an IT Asset Management Strategy

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Identify ITAM Priorities & Goals, Maturity, Metrics and KPIs

    The Purpose

    Align key stakeholders to the potential strategic value of the IT asset management practice.

    Ensure the ITAM practice is focused on business-aligned goals.

    Key Benefits Achieved

    Define a business-aligned direction and expected outcomes for your ITAM program.

    Activities

    1.1 Brainstorm ITAM opportunities and challenges.

    1.2 Conduct an executive alignment working session.

    1.3 Set ITAM priorities, goals and tactics.

    1.4 Identify target and current state ITAM maturity.

    Outputs

    ITAM opportunities and challenges

    Align executive priorities with ITAM opportunities.

    ITAM metrics and KPIs

    ITAM maturity

    2 Identify Your Approach to Support ITAM Priorities and Goals

    The Purpose

    Translate goals into specific and coherent actions to enable your ITAM practice to deliver business value.

    Key Benefits Achieved

    A business-aligned approach to ITAM, encompassing scope, structure, tools, audits, budgets, documentation and more.

    A high-level roadmap to achieve your vision for the ITAM practice.

    Activities

    2.1 Define ITAM scope.

    2.2 Acquire ITAM services (outsourcing and contracting).

    2.3 Centralize or decentralize ITAM capabilities.

    2.4 Create a RACI for the ITAM practice.

    2.5 Align ITAM with other service management practices.

    2.6 Evaluate ITAM tools and integrations.

    2.7 Create a plan for internal and external audits.

    2.8 Improve your budget processes.

    2.9 Establish a documentation framework.

    2.10 Create a roadmap and communication plan.

    Outputs

    Your ITAM approach

    ITAM roadmap and communication plan

    Further reading

    Develop an IT Asset Management Strategy

    Define your business-aligned approach to ITAM.

    Table of Contents

    4 Analyst Perspective

    5 Executive Summary

    17 Phase 1: Establish Business-Aligned ITAM Goals and Priorities

    59 Phase 2: Support ITAM Goals and Priorities

    116 Bibliography

    Develop an IT Asset Management Strategy

    Define your business-aligned approach to ITAM.

    EXECUTIVE BRIEF

    Analyst Perspective

    Track hardware and software. Seems easy, right?

    It’s often taken for granted that IT can easily and accurately provide definitive answers to questions like “how many laptops do we have at Site 1?” or “do we have the right number of SQL licenses?” or “how much do we need to budget for device replacements next year?” After all, don’t we know what we have?

    IT can’t easily provide these answers because to do so you must track hardware and software throughout its lifecycle – which is not easy. And unfortunately, you often need to respond to these questions on very short notice because of an audit or to support a budgeting exercise.

    IT Asset Management (ITAM) is the solution. It’s not a new solution – the discipline has been around for decades. But the key to success is to deploy the practice in a way that is sustainable, right-sized, and maximizes value.

    Use our practical methodology to develop and document your approach to ITAM that is aligned with the goals of your organization.

    Photo of Andrew Sharp, Research Director, Infrastructure & Operations Practice, Info-Tech Research Group.

    Andrew Sharp
    Research Director
    Infrastructure & Operations Practice
    Info-Tech Research Group

    		Realize the value of asset management

    Cost optimization, application rationalization and reduction of technical debt are all considered valuable to right-size spending and improve service outcomes. Without access to accurate data, these activities require significant investments of time and effort, starting with creation of point-in-time inventories, which lengthens the timeline to reaching project value and may still not be accurate.

    Cost optimization and reduction of technical debt should be part of your culture and technical roadmap rather than one-off projects. Why? Access to accurate information enables the organization to quickly make decisions and pivot plans as needed. Through asset management, ongoing harvest and redeployment of assets improves utilization-to-spend ratios. We would never see any organization saying, “We’ve closed our year end books, let’s fire the accountants,” but often see this valuable service relegated to the back burner. Similar to the philosophy that “the best time to plant a tree is 20 years ago and the next best time is now,” the sooner you can start to collect, validate, and analyze data, the sooner you will find value in it.

    Photo of Sandi Conrad, Principal Research Director, Infrastructure & Operations Practice, Info-Tech Research Group.

    Sandi Conrad
    Principal Research Director
    Infrastructure & Operations Practice
    Info-Tech Research Group

    Executive Summary

    Your Challenge

    You have a mandate to create an accurate and actionable database of the IT assets in your environment, but:

    • The data you have is often incomplete or wrong.
    • Processes are broken or non-existent.
    • Your tools aren’t up to the task of tracking ever more hardware, software, and relevant metadata.
    • The role of stakeholders outside the core ITAM team isn’t well defined or understood.
    		 Common Obstacles

    It is challenging to make needed changes because:

    • There’s cultural resistance to asset tracking, it’s seen as busywork that doesn’t clearly create value.
    • Decentralized IT teams aren’t generating the data required to track hardware and licenses.
    • ITAM can’t direct needed tool improvements because the admins don’t report to ITAM.
    • It’s hard to find time to improve processes given the day-to-day demands on your time.
    		 Info-Tech’s Approach
    • Develop an approach and strategy for ITAM that is sustainable and aligned with your business priorities.
    • Clarify the structure for the ITAM program, including scope, responsibility and accountability, centralization vs. decentralization, outsourcing vs. insourcing, and more.
    • Create a practical roadmap to guide improvement.
    • Summarize your strategy and approach using Info-Tech’s templates for review with stakeholders.

    Info-Tech Insight

    ITAM is a foundational IT service that provides accurate, accessible, actionable data on IT assets. But there’s no value in data for data’s sake. Enable collaboration between IT asset managers, business leaders, and IT leaders to develop an ITAM strategy that maximizes the value they can deliver as service providers.

    Unlock business value with IT asset management

    • IT asset management (ITAM) is the practice of maintaining accurate, accessible, and actionable data on the assets within the organization’s IT estate. Each IT asset will have a record that tracks it across its lifecycle from purchase to disposal.
    • ITAM’s value is realized through other processes and practice areas that can leverage ITAM data to manage risk, improve IT services, and control costs.
    • Develop an approach to ITAM that maximizes the value delivered to the business and IT. ITAM succeeds when its partners succeed at delivering business value, and it fails when it doesn’t show value to those partners.

    This blueprint will help you develop your approach for the management of IT hardware and software, including cloud services. Leverage other Info-Tech methodologies to dive directly into developing hardware asset management procedures, software asset management procedures, or to implement configuration management best practices.

    Info-Tech Members report significant savings from implementing our hardware and software asset management frameworks. In order to maximize value from the process-focused methodologies below, develop your ITAM strategy first.

    Implement Hardware Asset Management (Based on Info-Tech Measured Value Surveys results from clients working through these blueprints, as of February 2022.)

    9.6/10

    $23k

    32
    Overall Impact Average $ Saved Average Days Saved
    Implement Software Asset Management (Based on Info-Tech Measured Value Surveys results from clients working through these blueprints, as of February 2022.)

    9.0/10

    $12k

    5
    Overall Impact Average $ Saved Average Days Saved

    ITAM provides both early and ongoing value

    ITAM isn’t one-and-done. Properly supported, your ITAM practice will deliver up-front value that will help demonstrate the value ongoing ITAM can offer through the maintenance of an accurate, accessible, and actionable ITAM database.

    Example: Software Savings from ITAM



    This chart shows the money saved between the first quote and the final price for software and maintenance by a five-person ITAM team. Over a year and a half, they saved their organization a total of $7.5 million from a first quote total of $21 million over that period.

    This is a perfect example of the direct value that ITAM can provide on an ongoing basis to the organization, when properly supported and integrated with IT and the business.

    Examples of up-front value delivered in the first year of the ITAM practice:

    • Save money by reviewing and renegotiating critical, high-spend, and undermanaged software and service contracts.
    • Redeploy or dispose of clearly unused hardware and software.
    • Develop and enforce standards for basic hardware and software.
    • Improve ITAM data quality and build trust in the results.

    Examples of long-term value from ongoing governance, management, and operational ITAM activities:

    • Optimize spend: Reallocate unused hardware and software, end unneeded service agreements, and manage renewals and audits.
    • Reduce risk: Provide comprehensive asset data for security controls development and incident management; manage equipment disposal.
    • Improve IT service: Support incident, problem, request, and change management with ITAM data. Develop new solutions with an understanding of what you have already.

    Common obstacles

    The rulebook is available, but hard to follow
    • ITAM takes a village, but stakeholders aren’t aware of their role. ITAM processes rely on technicians to update asset records, vendors to supply asset data, administrators to manage tools, leadership to provide direction and support, and more.
    • Constant change in the IT and business environment undermines the accuracy of ITAM records (e.g. licensing and contract changes, technology changes that break discovery tools, personnel and organizational changes).
    • Improvement efforts are overwhelmed by day-to-day activities. One study found that 83% of SAM teams’ time is consumed by audit-related activities. (Flexera State of ITAM Report 2022) A lack of improvement becomes a vicious cycle when stakeholders who don’t see the value of ITAM decline to dedicate resources for improvement.
    • Stakeholders expect ITAM tools to be a cure-all, but even at their best, they can’t provide needed answers without some level of configuration, manual input, and supervision.
    • There’s often a struggle to connect ITAM to value. For example, respondents to Info-Tech’s Management & Governance Diagnostic consistently rank ITAM as less important than other processes that ITAM directly supports (e.g. budget management and budget optimization). (Info-Tech MGD Diagnostic (n=972 unique organizations))
    		 ITAM is a mature discipline with well-established standards, certifications, and tools, but we still struggle with it.
    • Only 28% of SAM teams track IaaS and PaaS spend, and only 35% of SAM teams track SaaS usage.
    • Increasing SAM maturity is a challenge for 76% of organizations.
    • 10% of organizations surveyed have spent more than $5 million in the last three years in audit penalties and true-ups.
    • Half of all of organizations lack a viable SAM tool.
    • Seventy percent of SAM teams have a shortfall of qualified resources.
      • (Flexera State of ITAM Report 2022)

    Info-Tech's IT Asset Management Framework (ITAM)

    Adopt, manage, and mature activities to enable business value thorugh actionable, accessible, and accurate ITAM data

    Logo for Info-Tech Research Group. Enable Business Value Logo for #iTRG.
    Business-Aligned Spend
    Optimization and Transparency
    Facilitate IT Services
    and Products
    Actionable, Accessible,
    and Accurate Data
    Context-Aware Risk Management
    and Security Controls

    Plan & Govern

    Business Goals, Risks, and Structure
    • ITAM Goals & Priorities
    • Roles, Accountability, Responsibilities
    • Scope
    Ongoing Management Commitment
    • Resourcing & Funding
    • Policies & Enforcement
    • Continuous Improvement
    Culture
    • ITAM Education, Awareness & Training
    • Organizational Change Management
    		 Section title 'Operate' with a cycle surrounding key components of Operate: 'Data Collection & Validation', 'Tool Administration', 'License Management', and 'Lease Management'. The cycle consists of 'Request', 'Procure', 'Receive', 'Deploy', 'Manage', 'Retire & Dispose', and back to 'Request'.

    Build & Manage

    Tools & Data
    • ITAM Tool Selection & Deployment
    • Configuration Management Synchronization
    • IT Service Management Integration
    Process
    • Process Management
    • Data & Process Audits
    • Document Management
    People, Policies, and Providers
    • Stakeholder Management
    • Technology Standardization
    • Vendor & Contract Management

    Info-Tech Insight

    ITAM is a foundational IT service that provides actionable, accessible, and accurate data on IT assets. But there's no value in data for data's sake. Use this methodology to enable collaboration between ITAM, the business, and IT to develop an approach to ITAM that maximizes the value the ITAM team can deliver as service providers.

    Key deliverable

    IT asset management requires ongoing practice – you can’t just implement it and walk away.

    Our methodology will help you build a business-aligned strategy and approach for your ITAM practice with the following outputs:

    • Business-aligned ITAM priorities, opportunities, and goals.
    • Current and target state ITAM maturity.
    • Metrics and KPIs.
    • Roles, responsibilities, and accountability.
    • Insourcing, outsourcing, and (de)centralization.
    • Tools and technology.
    • A documentation framework.
    • Initiatives, a roadmap, and a communication plan.
    		 Each step of this blueprint is designed to help you create your IT asset management strategy:
    Sample of Info-Tech's key deliverable 'IT Asset Management' blueprint.

    Info-Tech’s methodology to develop an IT asset management strategy

    1. Establish business-aligned ITAM goals and priorities 2. Identify your approach to support ITAM priorities and goals
    Phase Steps
    • 1.1 Define ITAM and brainstorm opportunities and challenges.
      • Executive Alignment Working Session:
    • 1.2 Review organizational priorities, strategy, and key initiatives.
    • 1.3 Align executive priorities with ITAM opportunities and priorities.
    • 1.4 Identify business-aligned ITAM goals and target maturity.
    • 1.5 Write mission and vision statements.
    • 1.6 Define ITAM metrics and KPIs.
    • 2.1 Define ITAM scope.
    • 2.2 Acquire ITAM services (outsourcing and contracting).
    • 2.3 Centralize or decentralize ITAM capabilities.
    • 2.4 Create a RACI for the ITAM practice.
    • 2.5 Align ITAM with other service management practices.
    • 2.6 Evaluate ITAM tools and integrations.
    • 2.7 Create a plan for internal and external audits.
    • 2.8 Improve your budget processes.
    • 2.9 Establish a documentation framework.
    • 2.10 Create a roadmap and communication plan.
    Phase Outcomes Defined, business-aligned goals and priorities for ITAM. Establish an approach to achieving ITAM goals and priorities including scope, structure, tools, service management integrations, documentation, and more.
    Project Outcomes Develop an approach and strategy for ITAM that is sustainable and aligned with your business priorities.

    Insight Summary

    There’s no value in data for data’s sake

    ITAM is a foundational IT service that provides accurate, accessible, actionable data on IT assets. Enable collaboration between IT asset managers, business leaders, and IT leaders to develop an approach to ITAM that maximizes the value they can deliver as service providers.

    Service provider to a service provider

    ITAM is often viewed (when it’s viewed at all) as a low-value administrative task that doesn’t directly drive business value. This can make it challenging to build a case for funding and resources.

    Your ITAM strategy is a critical component to help you define how ITAM can best deliver value to your organization, and to stop creating data for the sake of data or just to fight the next fire.

    Collaboration over order-taking

    To align ITAM practices to deliver organizational value, you need a very clear understanding of the organization’s goals – both in the moment and as they change over time.

    Ensure your ITAM team has clear line of sight to business strategy, objectives, and decision-makers, so you can continue to deliver value as priorities change

    Embrace dotted lines

    ITAM teams rely heavily on staff, systems, and data beyond their direct area of control. Identify how you will influence key stakeholders, including technicians, administrators, and business partners.

    Help them understand how ITAM success relies on their support, and highlight how their contributions have created organizational value to encourage ongoing support.

    Project benefits

    Benefits for IT
    • Set a foundation and direction for an ITAM practice that will allow IT to manage risk, optimize spend, and enhance services in line with business requirements.
    • Establish accountability and responsibility for essential ITAM activities. Decide where to centralize or decentralize accountability and authority. Identify where outsourcing could add value.
    • Create a roadmap with concrete, practical next steps to develop an effective, right-sized ITAM practice.
    		 Stock image of a trophy. Benefits for the business
    • Plan and control technology spend with confidence based on trustworthy ITAM data.
    • Enhance IT’s ability to rapidly and effectively support new priorities and launch new projects. Effective ITAM can support more streamlined procurement, deployment, and management of assets.
    • Implement security controls that reflect your total technology footprint. Reduce the risk that a forgotten device or unmanaged software turns your organization into the next Colonial Pipeline.

    Info-Tech offers various levels of support to best suit your needs

    DIY Toolkit

    Guided Implementation

    Workshop

    Consulting
    "Our team has already made this critical project a priority, and we have the time and capability, but some guidance along the way would be helpful." "Our team knows that we need to fix a process, but we need assistance to determine where to focus. Some check-ins along the way would help keep us on track." "We need to hit the ground running and get this project kicked off immediately. Our team has the ability to take this over once we get a framework and strategy in place." "Our team does not have the time or the knowledge to take this project on. We need assistance through the entirety of this project."

    Diagnostics and consistent frameworks used throughout all four options

    Guided Implementation

    A Guided Implementation (GI) is a series of calls with an Info-Tech analyst to help implement our best practices in your organization.

    A typical GI around 12 calls over the course of 6 months.

    What does a typical GI on this topic look like?

    Call #1: Scope requirements, objectives, and your specific challenges.

    Call #2: Review business priorities.

    Call #3: Identify ITAM goals & target maturity.

    		Call #4: Identify metrics and KPIs. Call #5: Define ITAM scope.

    Call #6: Acquire ITAM services.

    		Call #7: ITAM structure and RACI.

    Call #8: ITAM and service management.

    Tools and integrations.

    		Call #10: Internal and external audits.

    Call #11: Budgets & documentation

    Call #12: Roadmap, comms plan. Wrap-up.

    Phase 1 Phase 2

    Workshop Overview
    Contact your account representative for more information.
    workshops@infotech.com1-888-670-8889
    Day 1 Day 2 Day 3 Day 4 Day 5
    Identify ITAM priorities & goals, maturity, metrics and KPIs
    Identify your approach to support ITAM priorities and goals
    Next Steps and wrap-Up (offsite)
    Activities

    1.1 Define ITAM.

    1.2 Brainstorm ITAM opportunities and challenges.

    Conduct an executive alignment working session:

    1.3 Review organizational priorities, strategy, and key initiatives.

    1.4 Align executive priorities with ITAM opportunities.

    1.5 Set ITAM priorities.

    2.1 Translate opportunities into ITAM goals and tactics.

    2.2 Identify target and current state ITAM maturity.

    2.3 Create mission and vision statements.

    2.4 Identify key ITAM metrics and KPIs.

    3.1 Define ITAM scope.

    3.2 Acquire ITAM services (outsourcing and contracting)

    3.3 Centralize or decentralize ITAM capabilities.

    3.4 Create a RACI for the ITAM practice.

    3.5 Align ITAM with other service management practices.

    3.6 Evaluate ITAM tools and integrations.

    4.1 Create a plan for internal and external audits.

    4.2 Improve your budget processes.

    4.3 Establish a documentation framework and identify documentation gaps.

    4.4 Create a roadmap and communication plan.

    5.1 Complete in-progress deliverables from previous four days.

    5.2 Set up review time for workshop deliverables and to discuss next steps.

    Deliverables
    1. ITAM opportunities and challenges.
    2. Align executive priorities with ITAM opportunities.
    3. Set ITAM priorities.
    1. ITAM goals and tactics.
    2. Current and target ITAM maturity.
    3. Mission and vision statements.
    4. ITAM metrics and KPIs.
    1. Decisions that will shape your ITAM approach, including:
      1. What’s in scope (hardware, software, and cloud services).
      2. Where to centralize, decentralize, or outsource ITAM activities.
      3. Accountability, responsibility, and structure for ITAM activities.
      4. Service management alignment, tooling gaps, audit plans, budget processes, and required documentation.
    2. A roadmap and communication plan.
    1. Your completed ITAM strategy template.
    Develop an IT Asset Management Strategy

    Phase 1:

    Establish business-aligned ITAM goals and priorities

    Phase 1

    1.1 Define ITAM and brainstorm opportunities and challenges.

    Executive Alignment Working Session:

    1.2 Review organizational priorities, strategy, and key initiatives.

    1.3 Align executive priorities with ITAM opportunities & priorities.

    1.4 Identify business-aligned ITAM goals and target maturity.

    1.5 Write mission and vision statements.

    1.6 Define ITAM metrics and KPIs.

    Phase 2

    2.1 Define ITAM scope.

    2.2 Acquire ITAM services (outsourcing and contracting).

    2.3 Centralize or decentralize ITAM capabilities.

    2.4 Create a RACI for the ITAM practice.

    2.5 Align ITAM with other service management practices.

    2.6 Evaluate ITAM tools and integrations.

    2.7 Create a plan for internal and external audits.

    2.8 Improve your budget processes.

    2.9 Establish a documentation framework.

    2.10 Create a roadmap and communication plan.

    Phase Outcomes:

    Defined, business-aligned goals, priorities, and KPIs for ITAM. A concise vision and mission statement. The direction you need to establish a practical, right-sized, effective approach to ITAM for your organization.

    Before you get started

    Set yourself up for success with these three steps:
    • This methodology and the related slides are intended to be executed via intensive, collaborative working sessions using the rest of this slide deck.
    • Ensure the working sessions are a success by working through these steps before you start work on your IT asset management strategy.

    1. Identify participants

    Review recommended roles and identify who should participate in the development of your ITAM strategy.

    2. Estimate assets managed today

    Work through an initial assessment to establish ease of access to ITAM data and your level of trust in the data available to you.

    3. Create a working folder

    Create a repository to house your notes and any work in progress, including your copy of the ITAM Strategy Template.

    0.1 Identify participants

    30 minutes

    Output: List of key roles for the strategy exercises outlined in this methodology

    Participants: Project sponsor, Lead facilitator, ITAM manager and SMEs

    This methodology relies on having the right stakeholders in the room to identify ITAM goals, challenges, roles, structure, and more. On each activity slide in this deck, you’ll see an outline of the recommended participants. Use the table below to translate the recommended roles into specific people in your organization. Note that some people may fill multiple roles.

    Role Expectations People
    Project Sponsor Accountable for the overall success of the methodology. Ideally, participates in all exercises in this methodology. May be the asset manager or whoever they report to. Jake Long
    Lead Facilitator Leads, schedules, and manages all working sessions. Guides discussions and ensures activity outputs are completed. Owns and understands the methodology. Has a working knowledge of ITAM. Robert Loblaw
    Asset Manager(s) SME for the ITAM practice. Provides strategic direction to mature ITAM practices in line with organizational goals. Supports the facilitator. Eve Maldonado
    ITAM Team Hands-on ITAM professionals and SMEs. Includes the asset manager. Provide input on tactical ITAM opportunities and challenges. Bruce Wayne, Clark Kent
    IT Leaders & Managers Leaders of key stakeholder groups from across the IT department – the CIO and direct reports. Provide input on what IT needs from ITAM, and the role their teams should play in ITAM activities. May include delegates, particularly those familiar with day-to-day processes relevant to a particular discussion or exercise. Marcelina Hardy, Edmund Broughton
    ITAM Business Partners Non-IT business stakeholders for ITAM. This could include procurement, vendor management, accounting, and others. Zhang Jin, Effie Lamont
    Business Executives Organizational leaders and executives (CFO, COO, CEO, and others) or their delegates. Will participate in a mini-workshop to identify organizational goals and initiatives that can present opportunities for the ITAM practice. Jermaine Mandar, Miranda Kosuth

    0.2 Estimate asset numbers

    1 hour

    Output: Estimates of quantity and spend related to IT assets, Confidence/margin of error on estimates

    Participants: IT asset manager, ITAM team

    What do you know about your current IT environment, and how confident are you in that knowledge?

    This exercise will help you evaluate the size of the challenge ahead in terms of the raw number of assets in your environment, the spend on those assets, and the level of trust your organization has in the ITAM data.

    It is also a baseline snapshot your ability to relay key ITAM metrics quickly and confidently, so you can measure progress (in terms of greater confidence) over time.

    1. Download the estimation tracker below. Add any additional line items that are particularly important to the organization.
    2. Time-box this exercise to an hour. Use your own knowledge and existing data repositories to identify count/spend for each line item, then add a margin of error to your guess. Larger margins of error on larger counts will typically indicate larger risks.
    3. Track any assumptions, data sources used, or SMEs consulted in the comments.

    Download the IT Asset Estimation Tracker

    “Any time there is doubt about the data and it doesn’t get explained or fixed, then a new spreadsheet is born. Data validation and maintenance is critical to avoid the hidden costs of having bad data”

    Allison Kinnaird,
    Operations Practice Lead,
    Info-Tech Research Group

    0.3 Create a working folder

    15 minutes

    Output: A repository for templates and work in progress

    Participants: Lead facilitator

    Create a central repository for collaboration – it seems like an obvious step, but it’s one that gets forgotten about
    1. Download a copy of the ITAM Strategy Template.
      1. This will be the repository for all the work you do in the activities listed in this blueprint; take a moment to read it through and familiarize yourself with the contents.
    2. House the template in a shared repository that can house other related work in progress. Share this folder with participants so they can check in on your progress.
    3. You’ll see this callout box: Add your results to your copy of the ITAM Strategy Template as you work through activities in this blueprint. Copy the output to the appropriate slide in the ITAM Strategy Template.
    		 Stock image of a computer screen with a tiny person putting likes on things.

    Collect action items as you go

    Don’t wait until the end to write down your good ideas.
    • The last exercise in this methodology is to gather everything you’ve learned and build a roadmap to improve the ITAM practice.
    • The output of the exercises will inform the roadmap, as they will highlight areas with opportunities for improvement.
    • Write them down as you work through the exercises, or you risk forgetting valuable ideas.
    • Keep an “idea space” – a whiteboard with sticky notes or a shared document – to which any of your participants can post an idea for improvement and that you can review and consolidate later.
    • Encourage participants to add their ideas at any time during the exercises.
    		 Pad of sticky notes, the top of which reads 'Good ideas go here!'

    Step 1.1: Brainstorm ITAM opportunities and challenges

    Participants

    • Project sponsor and lead facilitator
    • ITAM team
    • IT leaders and managers
    • ITAM business partners

    Outcomes

    • Rally the working group around a collection of ideas that, when taken together, create a vision for the future ITAM practice.
    • Identify your organization’s current ITAM challenges.

    “ITAM is a cultural shift more than a technology shift.” (Rory Canavan, SAM Charter)

    What is an IT Asset?

    Any piece of technology can be considered an asset, but it doesn’t mean you need to track everything. Image of three people building a computer from the inside.
    Icon of a power button.

    According to the ISO 19770 standard on ITAM, an IT Asset is “[an] item, thing, or entity that can be used to acquire, process, store and distribute digital information and has potential or actual value to an organization.”
    These are all things that IT is expected to support and manage, or that have the potential to directly impact services that IT supports and manages.

    Icon of a half-full battery.

    IT assets are distinct from capital assets. Some IT assets will also be capital assets, but not all will be. And not all capital assets are IT assets, either.

    Icon of a microphone.

    IT assets are typically tracked by IT, not by finance or accounting.
    IT needs more from their IT asset tracking system than the typical finance department can deliver.
    This can include end-user devices, software, IT infrastructure, cloud-based resources, third-party managed IT services, Internet-of-Things devices, embedded electronics, SCADA equipment, “smart” devices, and more.

    Icon of a fingerprint.

    It’s important to track IT assets in a way that enables IT to deliver value to the business – and an important part of this is understanding what not to track. This list should be aligned to the needs of your organization.

    What is IT asset management?

    • IT asset management is the practice of maintaining accurate, accessible, and actionable data on IT hardware, software, and cloud assets from procurement to disposal.
    • Trustworthy data maintained by an IT asset management practice will help your business meet its goals by managing risk, controlling costs, and enabling IT services and products.
    • ITAM tends to focus on the asset itself – its technical, financial, contractual, lifecycle, and ownership attributes – rather than its interactions or connections to other IT assets, which tends to be part of configuration management.

    What IT Asset Management is NOT:

    Configuration Management: Configuration management databases (CMDBs) often draw from the same data pool as ITAM (many configuration items are assets, and vice versa), but they focus on the interaction, interconnection, and interoperation of configuration items within the IT estate.

    In practice, many configuration items will be IT assets (or parts of assets) and vice versa. Configuration and asset teams should work closely together as they develop different but complementary views of the IT environment. Use Info-Tech’s methodology to harness configuration management superpowers.

    Organizational Data Management: Leverage a different Info-Tech methodology to develop a digital and data asset management program within Info-Tech’s DAM framework.

    “Asset management’s job is not to save the organization money, it’s not to push back on software audits.

    It’s to keep the asset database as up-to-date and as trustworthy as possible. That’s it.” (Jeremy Boerger, Consultant & Author)

    “You can’t make any real decisions on CMDB data that’s only 60% accurate.

    You start extrapolating that out, you’re going to get into big problems.” (Mike Austin, Founder & CEO, MetrixData 360)

    What is an ITAM strategy?

    Our strategy document will outline a coherent, sustainable, business-aligned approach to ITAM.

    No single approach to ITAM fits all organizations. Nor will the same approach fit the same organization at different times. A world-leading research university, a state government, and a global manufacturer all have very different goals and priorities that will be best supported by different approaches to ITAM.

    This methodology will walk you through these critical decisions that will define your approach to ITAM:

    • Business-aligned priorities, opportunities, and goals: What pressing opportunities and challenges do we face as an organization? What opportunities does this create that ITAM can seize?
    • Current and future state maturity, challenges: What is the state of the practice today? Where do we need to improve to meet our goals? What challenges stand in the way of improvement?
    • Responsibility, accountability, sourcing and (de)centralization: Who does what? Who is accountable? Where is there value to outsourcing? What authority will be centralized or decentralized?
    • Tools, policies, and procedures: What technology do we need? What’s our documentation framework?
    • Initiatives, KPIs, communication plan, and roadmap: What do we need to do, in what order, to build the ITAM practice to where we need it to be? How long do we expect this to take? How will we measure success?

    “A good strategy has coherence, coordinating actions, policies, and resources so as to accomplish an important end. Most organizations, most of the time, don’t have this.

    Instead, they have multiple goals and initiatives that symbolize progress, but no coherent approach to accomplish that progress other than ‘spend more and try harder.’” (Good Strategy, Bad Strategy, Richard Rumelt)

    Enable business value with IT asset management

    If you’ve never experienced a mature ITAM program before, it is almost certainly more rewarding than you’d expect once it’s functioning as intended.

    Each of the below activities can benefit from accessible, actionable, and accurate ITAM data.

    • Which of the activities, practices, and initiatives below have value to your organization?
    • Which could benefit most from ITAM data?
    Manage Risk: Effective ITAM practices provide data and processes that help mitigate the likelihood and impact of potentially damaging IT risks.

    ITAM supports the following practices that help manage organizational risk:

    • Security Controls Development
    • Security Incident Response
    • Security Audit Reports
    • Regulatory Compliance Reports
    • IT Risk Management
    • Technical Debt Management
    • M&A Due Diligence
    		 Optimize Spend: Asset data is essential to maintaining oversight of IT spend, ensuring that scarce resources are allocated where they can have the most impact.

    ITAM supports these activities that help optimize spend:

    • Vendor Management & Negotiations
    • IT Budget Management & Variance Analysis
    • Asset Utilization Analysis
    • FinOps & Cloud Spend Optimization
    • Showback & Chargeback
    • Software Audit Defense
    • Application Rationalization
    • Contract Consolidation
    • License and Device Reallocation
    		 Improve IT Services: Asset data can help inform solutions development and can be used by service teams to enhance and improve IT service practices.

    Use ITAM to facilitate these IT services and initiatives:

    • Solution and Enterprise Architecture
    • Service Level Management
    • Technology Procurement
    • Technology Refresh Projects
    • Incident & Problem Management
    • Request Management
    • Change Management
    • Green IT

    1.1 Brainstorm ideas to create a vision for the ITAM practice

    30 minutes

    Input: Stakeholders with a vision of what ITAM could provide, if resourced and funded adequately

    Output: A collection of ideas that, when taken together, create a vision for the future ITAM practice

    Materials: ITAM strategy template, Whiteboard or virtual whiteboard

    Participants: ITAM team, IT leaders and managers, ITAM business partners

    It can be easy to lose sight of long-term goals when you’re stuck in firefighting mode. Let’s get the working group into a forward-looking mindset with this exercise.

    Think about what ITAM could deliver with unlimited time, money, and technology.

    1. Provide three sticky notes to each participant.
    2. Add the headings to a whiteboard, or use a blank slide as a digital whiteboard
    3. On each sticky note, ask participants to outline a single idea as follows:
      1. We could: [idea]
      2. Which would help: [stakeholder]
      3. Because: [outcome]
    4. Ask participants to present their sticky notes and post them to the whiteboard. Ask later participants to group similar ideas together.

    As you hear your peers describe what they hope and expect to achieve with ITAM, a shared vision of what ITAM could be will start to emerge.

    1.1 Identify structural ITAM challenges

    30 minutes

    Input: The list of common challenges on the next slide, Your estimated visibility into IT assets from the previous exercise, The experience and knowledge of your participants

    Output: Identify current ITAM challenges

    Materials: Your working copy of the ITAM Strategy Template

    Participants: ITAM team, IT leaders and managers, ITAM business partners

    What’s standing in the way today of delivering the ITAM practices you want to achieve?

    Review the list of common challenges on the next slide as a group.

    1. Delete any challenges that don’t apply to your organization.
    2. Modify any challenges as required to reflect your organization.
    3. Add further challenges that aren’t on the list, as required.
    4. Highlight challenges that are particularly painful.

    Add your results to your copy of the ITAM Strategy Template

    “The problem – the reason why asset management initiatives keep falling on their face – is that people attack asset management as a problem to solve, instead of a practice and epistemological construct.” (Jeremy Boerger, Consultant & Author)

    1.1 Identify structural ITAM challenges

    Review and update the list of common challenges below to reflect your own organization.

    • Leadership and executives don’t understand the value of asset management and don’t fund or resource it.
    • Tools aren’t fit for purpose, don’t scale, or are broken.
    • There’s a cultural tendency to focus on tools over processes.
    • ITAM data is fragmented across multiple repositories.
    • ITAM data is widely viewed as untrustworthy.
    • Stakeholders respond to vendor audits before consulting ITAM, which leads to confusion and risks penalties.
    • No time for improvement; we’re always fighting fires.
    • We don’t audit our own ITAM data for accuracy.
    • End-user equipment is shared, re-assigned, or disposed without notifying or involving IT.
    • No dedicated resources.
    • Lack of clarity on roles and responsibilities.
    • Technicians don’t track assets consistently; ITAM is seen as administrative busywork.
    • Many ITAM tasks are manual and prone to error.
    • Inconsistent organizational policies and procedures.
    • We try to manage too many hardware types/software titles.
    • IT is not involved in the procurement process.
    • Request and procurement is seen as slow and excessively bureaucratic.
    • Hardware/software standards don’t exist or aren’t enforced.
    • Extensive rogue purchases/shadow IT are challenging to manage via ITAM tools and processes.
    What Else?

    Copy results to your copy of the ITAM Strategy Template

    Step 1.2: Review organizational priorities, strategy, initiatives

    Participants

    • Project sponsor and lead facilitator
    • ITAM team
    • IT leaders and managers
    • Business executives or their delegates

    Outcomes

    • Review organizational priorities and strategy.
    • Identify key initiatives.

    Enter the executives

    Deliver on leadership priorities

    • Your business’ major transformative projects and executive priorities might seem far removed from hardware and software tracking. Why would we start with business strategy and executive priorities as we’re setting goals for the ITAM program?
    • While business executives have (likely) no interest in how software and hardware is tracked, they are accountable for the outcomes ITAM can enable. They are the most likely to understand why and how ITAM can deliver value to the organization.
    • ITAM succeeds by enabling its stakeholders to achieve business outcomes. The next three activities are designed to help you identify how you can enable your stakeholders, and what outcomes are most important from their point of view. Specifically:
      • What are the business’ planned transformational initiatives?
      • What are your highest priority goals?
      • What should the priorities of the ITAM practice be?
    • The answers to these questions will shape your approach to ITAM. Direct input from your leadership and executives – or their delegates – will help ensure you’re setting a solid foundation for your ITAM practice.

    “What outcomes does the organization want from IT asset management? Often, senior managers have a clear vision for the organization and where IT needs to go, and the struggle is to communicate that down.” (Kylie Fowler, ITAM Intelligence)

    Stock image of many hands with different puzzle pieces.

    Executive Alignment Session Overview

    ITAM Strategy Working Sessions

    • Discover & Brainstorm
    • Executive Alignment Working Session
      • 1.2 Review organizational strategy, priorities, and key initiatives
      • 1.3 Align executive priorities with ITAM opportunities, set ITAM priorities
    • ITAM Practice Maturity, Vision & Mission, Metrics & KPIs
    • Scope, Outsourcing, (De)Centralization, RACI
    • Service Management Integration
    • ITAM Tools
    • Audits, Budgets, Documents
    • Roadmap & Comms Plan

    A note to the lead facilitator and project sponsor:
    Consider working through these exercises by yourself ahead of time. As you do so, you’ll develop your own ideas about where these discussions may go, which will help you guide the discussion and provide examples to participants.

    1.2 Review organizational strategy and priorities

    30 minutes

    Input: Organizational strategy documents

    Output: A list of prioritized organizational goals, An initial assessment of how ITAM can support these goals

    Materials: The diagram in the next slide, and/or a whiteboard, Your copy of the ITAM Strategy Template

    Participants: Asset manager, IT leadership, Business executives or delegates

    Welcome your group to the working session and outline the next few exercises using the previous slide.

    Ask the most senior leader present to provide a summary of the following:

    1. What is the vision for the organization?
    2. What are our priorities and what must we absolutely get right?
    3. What do we expect the organization to look like in three years?

    The facilitator or a dedicated note-taker should record key points on a whiteboard or flipchart paper.

    1.2 Identify transformational initiatives

    30 minutes

    Input: Organizational strategy documents

    Output: A list of prioritized organizational goals, An initial assessment of how ITAM can support these goals

    Materials: The diagram in the next slide, and/or a whiteboard, Your copy of the ITAM Strategy Template

    Participants: Asset manager, IT leadership, Business executives or delegates

    Ask the most senior leader present to provide a summary of the following: What transformative business and IT initiatives are planned? When will they begin and end?

    Using one box per initiative, draw the initiatives in a timeline like the one below.

    Sample timeline for ITAM initiatives.

    Add your results to your copy of the ITAM Strategy Template

    Step 1.3: Set business-aligned ITAM priorities

    Participants

    • Project sponsor and lead facilitator
    • ITAM team
    • IT leaders and managers
    • Business executives

    Outcomes

    • Connect executive priorities to ITAM opportunities.
    • Set business-aligned priorities for the ITAM practice.

    1.3 Align executive priorities with ITAM opportunities

    45 minutes

    Input: Organizational strategy documents

    Output: A list of prioritized organizational goals, An initial assessment of how ITAM can support these goals

    Materials: The diagram in the next slide, and/or a whiteboard, Your copy of the ITAM Strategy Template

    Participants: Asset manager, IT leaders and managers, Business executives or delegates

    In this exercise, we’ll use the table on the next slide to identify the top priorities of key business and IT stakeholders and connect them to opportunities for the ITAM practice.

    1. Ask your leadership or executive delegates – what are their goals? What are they trying to accomplish? List roles and related goals in the table.
    2. Brainstorm opportunities for IT asset management to support listed goals:
      1. Can ITAM provide an enhanced level of service, access, or insight?
      2. Can ITAM address an existing issue or mitigate an existing risk?

    Add your results to your copy of the ITAM Strategy Template

    1.3 Align executive priorities with ITAM opportunities (example)

    ITAM is for the… Who wants to… Which presents these ITAM opportunities
    CEO Deliver transformative business initiatives Acquire the right tech at the right time to support transformational initiatives.
    Establish a data-driven culture of stewardship Improve data to increase IT spend transparency.
    COO Improve organizational efficiency Increase asset use.
    Consolidate major software contracts to drive discounts.
    CFO Accurately forecast spending Track and anticipate IT asset spending.
    Control spending Improve data to increase IT spend transparency.
    Consolidate major software contracts to drive discounts.
    CIO Demonstrate IT value Use data to tell a story about value delivered by IT assets.
    Govern IT use Improve data to increase IT spend transparency.
    CISO Manage IT security and compliance risks Identify abandoned or out-of-spec IT assets.
    Provide IT asset data to support controls development.
    Respond to security incidents Support security incident teams with IT asset data.
    Apps Leader Build, integrate, and support applications Identify opportunities to retire applications with redundant functionality.
    Connect applications to relevant licensing and support agreements.
    IT Infra Leader Build and support IT infrastructure. Provide input on opportunities to standardize hardware and software.
    Provide IT asset data to technicians supporting end users.

    1.3 Categorize ITAM opportunities

    10-15 minutes

    Input: The outputs from the previous exercise

    Output: Executive priorities, sorted into the three categories at the right

    Materials: The table in this slide, The outputs from the previous exercise

    Participants: Lead facilitator

    Give your participants a quick break. Quickly sort the identified ITAM opportunities into the three main categories below as best you can.

    We’ll use this table as context for the next exercise.

    Example: Optimize Spend Enhance IT Services Manage Risk
    ITAM Opportunities
    • Improve data to increase IT spend transparency.
    • Consolidate major software contracts to drive discounts.
    • Increase asset utilization.
    • Identify opportunities to retire applications with redundant functionality
    • Acquire the right tech at the right time to support transformational initiatives.
    • Provide IT asset data to technicians supporting end users.
    • Identify abandoned or out-of-spec IT assets.
    • Provide IT asset data to support controls development.
    • Support security incident teams with IT asset data.

    Add your results to your copy of the ITAM Strategy Template

    1.3 Set ITAM priorities

    30 minutes

    Input: Organizational strategy documents

    Output: A list of prioritized organizational goals, An initial assessment of how ITAM can support these goals

    Materials: Whiteboard, The template on the next slide, Your copy of the ITAM Strategy Template

    Participants: Asset manager, IT leaders and managers, Business executives or delegates

    The objective of this exercise is to prioritize the outcomes your organization wants to achieve from its ITAM practice, given the context from the previous exercises.

    Review the image below. The three points of the triangle are the three core goals of ITAM: Enhance IT Service, Manage Risk, and Optimize Spend. This exercise was first developed by Kylie Fowler of ITAM Intelligence. It is an essential exercise to understand ITAM priorities and the tradeoffs associated with those priorities. These priorities aren’t set in stone and should be revisited periodically as technology and business priorities change.

    Draw the diagram on the next slide on a whiteboard. Have the most senior leader in the room place the dot on the triangle – the closer it is to any one of the goals, the more important that goal is to the organization. Note: The center of the triangle is off limits! It’s very rarely possible to deliver on all three at once.
    Track notes on what’s being prioritized – and why – in the template on the next slide.     		Triangle with the points labelled 'Enhance IT Service', 'Manage Risk', and 'Optimize Spend'.

    Add your results to your copy of the ITAM Strategy Template

    1.3 Set ITAM Priorities

    The priorities of the ITAM practice are to:
    • Optimize Spend
    • Manage Risk
    Why?
    • We believe there is significant opportunity right now to rationalize spend by consolidating key software contracts.
    • Major acquisitions are anticipated in the near future. Effective ITAM processes are expected to mitigate acquisition risk by supporting due diligence and streamlined integration of acquired organizations.
    • Ransomware and supply chain security threats have increased demands for a comprehensive accounting of IT assets to support security controls development and security incident response.
    (Update this section with notes from your discussion.)     		Triangle with the points labelled 'Enhance IT Service', 'Manage Risk', and 'Optimize Spend'. There is a dot close to the 'Optimize Spend' corner, a legend labelling the dot as 'Our Target', and a note reading 'Move this dot to reflect your priorities'.

    Step 1.4: Identify ITAM goals, target maturity

    Participants

    • Project sponsor and lead facilitator
    • ITAM team
    • IT leaders and managers

    Outcomes

    • Connect executive priorities to ITAM opportunities.
    • Set business-aligned priorities for the ITAM practice.

    “ITAM is really no different from the other ITIL practices: to succeed, you’ll need some ratio of time, treasure, and talent… and you can make up for less of one with more of the other two.” (Jeremy Boerger, Consultant and Author)

    1.4 Identify near- and medium-term goals

    15-30 minutes

    Input: Organizational strategy documents

    Output: A list of prioritized organizational goals, An initial assessment of how ITAM can support these goals

    Materials: The table in this slide, Your copy of the ITAM Strategy Template

    Participants: ITAM team, IT leaders and managers

    Narrow down the list of opportunities to identify specific goals for the ITAM practice.

    1. Use one color to highlight opportunities you will seize in the next year.
    2. Use a second color to highlight opportunities you plan to address in the next three years.
    3. Leave blank anything you don’t intend to address in this timeframe.

    The highlighted opportunities are your near- and medium-term objectives.

    Optimize Spend Enhance IT Services Manage Risk
    Priority Critical Normal High
    ITAM Opportunities
    • Improve data to increase IT spend transparency.
    • Increase asset utilization.
    • Consolidate major software contracts to drive discounts.
    • Identify opportunities to retire applications with redundant functionality
    • Acquire the right tech at the right time to support transformational initiatives.
    • Provide IT asset data to technicians supporting end users.
    • Identify abandoned or out-of-spec IT assets.
    • Provide IT asset data to support controls development.
    • Support security incident teams with IT asset data.

    1.4 Connect ITAM goals to tactics

    30 minutes

    Input: Organizational strategy documents

    Output: A list of prioritized organizational goals, An initial assessment of how ITAM can support these goals

    Materials: The table in this slide, Your copy of the ITAM Strategy Template

    Participants: ITAM team, IT leaders and managers

    Let’s dig down a little deeper. Connect the list of opportunities from earlier to specific ITAM tactics that allow the team to seize those opportunities.

    Add another row to the earlier table for ITAM tactics. Brainstorm tactics with your participants (e.g. sticky notes on a whiteboard) and align them with the priorities they’ll support.

    Optimize SpendEnhance IT ServicesManage Risk
    PriorityCriticalNormalHigh
    ITAM Opportunities
    • Improve data to increase IT spend transparency.
    • Increase asset utilization.
    • Consolidate major software contracts to drive discounts.
    • Identify opportunities to retire applications with redundant functionality
    • Acquire the right tech at the right time to support transformational initiatives.
    • Provide IT asset data to technicians supporting end users.
    • Identify abandoned or out-of-spec IT assets.
    • Provide IT asset data to support controls development.
    • Support security incident teams with IT asset data.
    ITAM Tactics to Seize Opportunities
    • Review and improve hardware budgeting exercises.
    • Reallocate unused licenses, hardware.
    • Ensure ELP reports are up to date.
    • Validate software usage.
    • Data to support software renewal negotiations.
    • Use info from ITAM for more efficient adds, moves, changes.
    • Integrate asset records with the ticket intake system, so that when someone calls the service desk, the list of their assigned equipment is immediately available.
    • Find and retire abandoned devices or services with access to the organization’s network.
    • Report on lost/stolen devices.
    • Develop reliable disposal processes.
    • Report on unpatched devices/software.

    Add your results to your copy of the ITAM Strategy Template

    1.4 Identify current and target state

    20 minutes

    Input: Organizational strategy documents

    Output: A list of prioritized organizational goals, An initial assessment of how ITAM can support these goals

    Materials: The table in this slide, Your copy of the ITAM Strategy Template

    Participants: ITAM team, IT leaders and managers

    We’ll use this exercise to identify the current and one-year target state of ITAM using Info-Tech’s ITAM maturity framework.

    1. Review the maturity framework on the next slide as a group.
    2. In one color, highlight statements that reflect your organization today. Summarize your current state. Are you in firefighter mode? Between “firefighter” and “trusted operator”?
    3. In a second color, highlight statements that reflect where you want to be one year from today, taking into consideration the goals and tactics identified in the last exercise.
    4. During a break, copy the highlighted statements to the table on the slide after next, then add this final slide to your working copy of the ITAM Strategy Template.

    Add your results to your copy of the ITAM Strategy Template

    Establish current and target ITAM maturity

    IT maturity ladder with five color-coded levels. Innovator – Optimized Asset Management
    • All items from Business & Technology Partner, plus:
    • Business and IT stakeholders collaborate regularly with the ITAM team to identify new opportunities to leverage or deploy ITAM practices and data to mitigate risks, optimize spend, and improve service. The ITAM program scales with the business.
    Business & Technology Partner – Proactive Asset Management
    • All items from Trusted Operator, plus:
    • The ITAM data is integral to decisions related to budget, project planning, IT architecture, contract renewal, and vendor management. Software and cloud assets are reviewed as frequently as required to manage costs. ITAM data consumers have self-serve access to ITAM data.
    • Continuous improvement practices strengthen ITAM efficiency and effectiveness.
    • ITAM processes, standards, and related policies are regularly reviewed and updated. ITAM teams work closely with SMEs for key tools/systems integrated with ITAM (e.g. AD, ITSM, monitoring tools) to maximize the value and reliability of integrations.
    Trusted Operator – Controls Assets
    • ITAM data for deployed hardware and software is regularly audited for accuracy.
    • Sufficient staff and skills to support asset tracking, including a dedicated IT asset management role. Teams responsible for ITAM data collection cooperate effectively. Policies and procedures are documented and enforced. Key licenses and contracts are available to the ITAM team. Discovery, tracking, and analysis tools support most important use cases.
    Firefighter – Reactive Asset Tracking
    • Data is often untrustworthy, may be fragmented across multiple repositories, and typically requires significant effort to translate or validate before use.
    • Insufficient staff, fragmented or incomplete policies or documentation. Data tracking processes are extremely highly manual. Effective cooperation for ITAM data collection is challenging.
    • ITAM tools are in place, but additional configuration or tooling is needed.
    Unreliable - Struggles to Support
    • No data, or data is typically unusable.
    • No allocated staff, no cooperation between parties responsible for ITAM data collection.
    • No related policies or documentation.
    • Tools are non-existent or not fit-for-purpose.

    Current and target ITAM maturity

    Today:
    Firefighter
    • Data is often untrustworthy, is fragmented across multiple repositories, and typically requires significant effort to translate or validate before use.
    • Insufficient staff, fragmented or incomplete policies or documentation.
    • Tools are non-existent.
    In One Year:
    Trusted Operator
    • ITAM data for deployed hardware and software is regularly audited for accuracy.
    • Sufficient staff and skills to support asset tracking, including a dedicated IT asset management role.
    • Teams responsible for ITAM data collection cooperate effectively.
    • Discovery, tracking, and analysis tools support most important use cases.
    		IT maturity ladder with five color-coded levels.

    Innovator – Optimized Asset Management

    Business & Technology Partner – Proactive Asset Management

    Trusted Operator – Controls Assets

    Firefighter – Reactive Asset Tracking

    Unreliable - Struggles to Support

    Step 1.5: Write mission and vision statements

    Participants

    • Project sponsor and lead facilitator
    • ITAM team
    • IT leaders and managers

    Outcomes

    • Write a mission statement that encapsulates the purpose and intentions of the ITAM practice today.
    • Write a vision statement that describes what the ITAM practice aspires to become and achieve.

    Write vision and mission statements

    Create two statements to summarize the role of the ITAM practice today – and where you want it to be in the future.

    Create two short, compelling statements that encapsulate:
    • The vision for what we want the ITAM practice to be in the future; and
    • The mission – the purpose and intentions – of the ITAM practice today.

    Why bother creating mission and vision statements? After all, isn’t it just rehashing or re-writing all the work we’ve just done? Isn’t that (at best) a waste of time?

    There are a few very important reasons to create mission and vision statements:

    • Create a compass that can guide work today and your roadmap for the future.
    • Focus on the few things you must do, rather than the many things you could do.
    • Concisely communicate a compelling vision for the ITAM practice to a larger audience who (let’s face it) probably won’t read the entire ITAM Strategy deck.

    “Brevity is the soul of wit.” (Hamlet, Act 2, Scene 2)

    “Writing is easy. All you have to do is cross out the wrong words.” (Mark Twain)

    1.5 Write an ITAM vision statement

    30 minutes

    Input: Organizational strategy documents

    Output: A list of prioritized organizational goals, An initial assessment of how ITAM can support these goals

    Materials: A whiteboard, Your copy of the ITAM Strategy Template

    Participants: ITAM team, IT Leaders and managers

    Your vision statement describes the ITAM practice as it will be in the far future. It is a target to aspire to, beyond your ability to achieve in the near or medium term.

    Examples of ITAM vision statements:

    Develop the single accurate view of IT assets, available to anyone who needs it.

    Indispensable data brokers that support strategic decisions on the IT environment.

    Provide sticky notes to participants. Write out the three questions below on a whiteboard side by side. Have participants write their answers to the questions and post them below the appropriate question. Give everyone 10 minutes to write and post their ideas.

    1. What’s the desired future state of the ITAM practice?
    2. What needs to be done to achieved this desired state?
    3. How do we want ITAM to be perceived in this desired state?

    Review the answers and combine them into one focused vision statement. Use the 20x20 rule: take no more than 20 minutes and use no more than 20 words. If you’re not finished after 20 minutes, the ITAM manager should make any final edits offline.

    Document your vision statement in your ITAM Strategy Template.

    Add your results to your copy of the ITAM Strategy Template

    1.5 Write an ITAM mission statement

    30 minutes

    Input: Organizational strategy documents

    Output: A list of prioritized organizational goals, An initial assessment of how ITAM can support these goals

    Materials: The table in this slide, Your copy of the ITAM Strategy Template

    Participants: ITAM team, IT leaders and managers

    Your ITAM mission statement is an expression of what your IT asset management function brings to your organization today. It should be presented in straightforward language that is compelling, easy to understand, and sharply focused.

    Examples of ITAM mission statements:

    Maintain accurate, actionable, accessible on data on all IT assets.

    Support IT and the business with centralized and integrated asset data.

    Provide sticky notes to participants. Write out the questions below on a whiteboard side by side. Have participants write their answers to the questions and post them below the appropriate question. Give everyone 10 minutes to write and post their ideas.

    1. What is our role as the asset management team?
    2. How do we support the IT and business strategies?
    3. What does our asset management function offer that no one else can?

    Review the answers and combine them into one focused vision statement. Use the 20x20 rule: take no more than 20 minutes and use no more than 20 words. If you’re not finished after 20 minutes, the ITAM manager should make any final edits offline.

    Document your vision statement in your ITAM Strategy Template.

    Add your results to your copy of the ITAM Strategy Template

    Step 1.6: Define ITAM metrics and KPIs

    Participants

    • Project sponsor and lead facilitator
    • ITAM team
    • IT leaders and managers

    Outcomes

    • Identify metrics, data, or reports that may be of interest to different consumers of ITAM data.
    • Identify the key performance indicators (KPIs) for the ITAM practice, based on the goals and priorities established earlier.

    Navigate a universe of ITAM metrics

    When you have the data, how will you use it?

    • There’s a dizzying array of potential metrics you can develop and track across your ITAM environment.
    • Different stakeholders will need different data feeds, metrics, reports, and dashboards.
    • Different measures will be useful at different times. You will often need to filter or slice the data in different ways (by department, timeframe, equipment type, etc.)
    • We’ll use the next few exercises to identify the types of metrics that may be useful to different stakeholders and the KPIs to measure progress towards ITAM goals and priorities.

    ITAM Metrics

    • Quantity
      e.g. # of devices or licenses
    • Cost
      e.g. average laptop cost
    • Compliance
      e.g. effective license position reports
    • Progress
      e.g. ITAM roadmap items completed
    • Quality
      e.g. ITAM data accuracy rate
    • Time
      e.g. time to procure/ deploy

    Drill down by:

    • Vendor
    • Date
    • Dept.
    • Product
    • Location
    • Cost Center

    Develop different metrics for different teams

    A few examples:

    • CIOs — CIOs need asset data to govern technology use, align to business needs, and demonstrate IT value. What do we need to budget for hardware and software in the next year? Where can we find money to support urgent new initiatives? How many devices and software titles do we manage compared to last year? How has IT helped the business achieve key goals?
    • Asset Managers — Asset managers require data to help them oversee ITAM processes, technology, and staff, and to manage the fleet of IT assets they’re expected to track. What’s the accuracy rate of ITAM data? What’s the state of integrations between ITAM and other systems and processes? How many renewals are coming up in the next 90 days? How many laptops are in stock?
    • IT Leaders — IT managers need data that can support their teams and help them manage the technology within their mandate. What technology needs to be reviewed or retired? What do we actually manage?
    • Technicians — Service desk technicians need real-time access to data on IT assets to support service requests and incident management – for example, easy access to the list of equipment assigned to a particular user or installed in a particular location.
    • Business Managers and Executives — Business managers and executives need concise, readable dashboards to support business decisions about business use of IT assets. What’s our overall asset spend? What’s our forecasted spend? Where could we reallocate spend?

    1.6 Identify useful ITAM metrics and reports

    60 minutes

    Input: Organizational strategy documents

    Output: A list of prioritized organizational goals, An initial assessment of how ITAM can support these goals

    Materials: The table in this slide, Your copy of the ITAM Strategy Template

    Participants: ITAM team, IT leaders and managers

    Use this exercise to identify as many potentially useful ITAM metrics and reports as possible, and narrow them down to a few high-priority metrics. Leverage the list of example metrics on the next slide for your own exercise. If you have more than six participants, consider splitting into two or more groups, and divide the table between groups to minimize overlap.

    1. List potential consumers of ITAM data in the column on the left.
    2. What type of information do we think this role needs? What questions about IT assets do we get on a regular basis from this role or team?
    3. Review and consolidate the list as a group. Discuss and highlight any metrics the group thinks are a particularly high priority for tracking.
    Role Compliance Quality Quantity Cost Time Progress
    IT Asset Manager Owned devices not discovered in last 60 days Discrepancies between discovery data and ITAM DB records # of corporate-owned devices Spend on hardware (recent and future/ planned) Average time, maximum time to deploy end-user devices Number of ITAM roadmap items in progress
    Service Desk

    Add your results to your copy of the ITAM Strategy Template

    Examples of ITAM metrics

    Compliance Quality Quantity Cost Time/Duration/Age Progress
    Owned devices not discovered in last 60 days Discrepancies between discovery data and ITAM DB records # of corporate-owned devices Spend on hardware (recent and future/planned) Average time, maximum time to deploy end-user devices Number of ITAM roadmap items in progress or completed
    Disposed devices without certificate of destruction Breakage rates (in and out of warranty) by vendor # of devices running software title X, # of licenses for software title X Spend on software (recent and future/planned) Average time, maximum time to deploy end user software Number of integrations between ITAM DB and other sources
    Discrepancies between licenses and install count, by software title RMAs by vendor, model, equipment type Number of requests by equipment model or software title Spend on cloud (recent and future/planned) Average & total time spent on software audit responses Number of records in ITAM database
    Compliance reports (e.g. tied to regulatory compliance or grant funding) Tickets by equipment type or software title Licenses issued from license pool in the last 30 days Value of licenses issued from license pool in the last 30 days (cost avoidance) Devices by age Software titles with an up-to-date ELP report
    Reports on lost and stolen devices, including last assigned, date reported stolen, actions taken User device satisfaction scores, CSAT scores Number of devices retired or donated in last year Number of IT-managed capital assets Number of hardware/software request tickets beyond time-to-fulfil targets Number of devices audited (by ITAM team via self-audit)
    Number of OS versions, unpatched systems Number of devices due for refresh in the next year Spend saved by harvesting unused software Number of software titles, software vendors managed by ITAM team
    Audit accuracy rate Equipment in stock Cost savings from negotiations
    # of users assigned more than one device Number of non-standard devices or requests Dollars charged during audit or true-up

    Differentiate between metrics and KPIs

    Key performance indicators (KPIs) are metrics with targets aligned to goals.

    Targets could include one or more of:

    • Target state (e.g. completed)
    • Target magnitude (e.g. number, percent, rate, dollar amount)
    • Target direction (e.g. trending up or down)

    You may track many metrics, but you should have only a few KPIs (typically 2-3 per objective).

    A breached KPI should be a trigger to investigate and remediate the root cause of the problem, to ensure progress towards goals and priorities can continue.

    Which KPIs you track will change over the life of the practice, as ITAM goals and priorities shift. For example, KPIs may initially track progress towards maturing ITAM practices. Once you’ve reached target maturity, KPIs may shift to track whether the key service targets are being met.

    1.6 Identify ITAM KPIs

    20 minutes

    Input: Organizational strategy documents

    Output: A list of prioritized organizational goals, An initial assessment of how ITAM can support these goals

    Materials: The table in this slide, Your copy of the ITAM Strategy Template

    Participants: ITAM team, IT leaders and managers

    Good KPIs are a more objective measure of whether you’re succeeding in meeting the identified priorities for the ITAM practice.

    Identify metrics that can measure progress or success against the priorities and goals set earlier. Aim for around three metrics per goal. Identify targets for the metric you think are SMART (specific, measurable, achievable, relevant, and timebound). Track your work using the example table below.

    Goal Metric Target
    Consolidate major software contracts to drive discounts Amount spent on top 10 software contracts Decrease by 10% by next year
    Customer satisfaction scores with enterprise software Satisfaction is equal to or better than last year
    Value of licenses issued from license pool 30% greater than last year
    Identify abandoned or out-of-spec IT assets # of security incidents involving undiscovered assets Zero
    % devices with “Deployed” status in ITAM DB but not discovered for 30+ days ‹1% of all records in ITAM DB
    Provide IT asset data to technicians for service calls Customer satisfaction scores Satisfaction is equal to or better than last year
    % of end-user devices meeting minimum standards 97%

    Add your results to your copy of the ITAM Strategy Template

    Develop an IT Asset Management Strategy

    Phase 2:

    Identify your approach to support ITAM priorities and goals

    Phase 1

    1.1 Define ITAM and brainstorm opportunities and challenges.

    Executive Alignment Working Session:

    1.2 Review organizational priorities, strategy, and key initiatives.

    1.3 Align executive priorities with ITAM opportunities & priorities.

    1.4 Identify business-aligned ITAM goals and target maturity.

    1.5 Write mission and vision statements.

    1.6 Define ITAM metrics and KPIs.

    Phase 2

    2.1 Define ITAM scope.

    2.2 Acquire ITAM services (outsourcing and contracting).

    2.3 Centralize or decentralize ITAM capabilities.

    2.4 Create a RACI for the ITAM practice.

    2.5 Align ITAM with other service management practices.

    2.6 Evaluate ITAM tools and integrations.

    2.7 Create a plan for internal and external audits.

    2.8 Improve your budget processes.

    2.9 Establish a documentation framework.

    2.10 Create a roadmap and communication plan.

    Phase Outcomes:

    Establish an approach to achieving ITAM goals and priorities, including scope, structure, tools, service management integrations, documentation, and more.

    Create a roadmap that enables you to realize your approach.

    Step 2.1: Define ITAM Scope

    Participants

    • Project sponsor and lead facilitator
    • ITAM team
    • IT leaders and managers
    • ITAM business partners

    Outcomes

    • Establish what types of equipment and software you’ll track through the ITAM practice.
    • Establish which areas of the business will be in scope of the ITAM practice.

    Determine ITAM Scope

    Focus on what’s most important and then document it so everyone understands where they can provide the most value.

    Not all categories of assets require the same level of tracking, and some equipment and software should be excluded from the ITAM practice entirely.

    In some organizations, portions of the environment won’t be tracked by the asset management team at all. For example, some organizations will choose to delegate tracking multi-function printers (MFPs) or proprietary IoT devices to the department or vendor that manages them.

    Due to resourcing or technical limitations, you may decide that certain equipment or software is out of scope for the moment.

    What do other organizations typically track in detail?
    • Installs and entitlements for major software contracts that represent significant spend and/or are highly critical to business goals.
    • Equipment managed directly by IT that needs to be refreshed on a regular cycle:
      • End-user devices such as laptops, desktops, and tablets.
      • Server, network, and telecoms devices.
    • High value equipment that is not regularly refreshed may also be tracked, but in less detail – for example, you may not refresh large screen TVs, but you may need to track date of purchase, deployed location, vendor, and model for insurance or warranty purposes.

    2.1 Establish scope for ITAM

    45 minutes

    Input: Organizational strategy documents

    Output: ITAM scope, in terms of types of assets tracked and not tracked

    Materials: The table in this slide, Your copy of the ITAM Strategy Template

    Participants: ITAM team, IT leaders and managers, ITAM business partners

    Establish the hardware and software that are within the scope of the ITAM program by updating the tables below to reflect your own environment. The “out of scope” category will include asset types that may be of value to track in the future but for which the capability or need don’t exist today.

    Hardware Software Out of Scope
    • End-user devices housing data or with a dollar value of more than $300, which will be replaced through lifecycle refresh.
    • Infrastructure devices, including network, telecom, video conferencing, servers and more
    • End-user software purchased under contract
    • Best efforts on single license purchases
    • Infrastructure software, including solutions used by IT to manage the infrastructure
    • Enterprise applications
    • Cloud (SaaS, IaaS, PaaS)
    • Departmental applications
    • Open-source applications
    • In-house developed applications
    • Freeware & shareware
    • IoT devices

    The following locations will be included in the ITAM program: All North and South America offices and retail locations.

    Add your results to your copy of the ITAM Strategy Template

    Step 2.2: Acquire ITAM Services

    Participants

    • Project sponsor and lead facilitator
    • ITAM team
    • IT leaders and managers
    • ITAM business partners

    Outcomes

    • Define the type of work that may be more effectively or efficiently delivered by an outsourcer or contractor.

    “We would like our clients to come to us with an idea of where they want to get to. Why are you doing this? Is it for savings? Because you want to manage your security attack surface? Are there digital initiatives you want to move forward? What is the end goal?” (Mike Austin, MetrixData 360)

    Effectively acquire ITAM services

    Allow your team to focus on strategic, value-add activities by acquiring services that free them from commodity tasks.
    • When determining which asset capabilities and activities are best kept in-house and which ones are better handled by a supplier, it is imperative to keep the value to the business in mind.
    • Activities/capabilities that are challenging to standardize and are critical to enabling business goals are better kept in-house.
    • Activities/capabilities that are (or should be) standardized and automated are ideal candidates for outsourcing.
    • Outsourcing can be effective and successful with a narrow scope of engagement and an alignment to business outcomes.
    • Organizations that heavily weigh cost reduction as a significant driver for outsourcing are far less likely to realize the value they expected to receive.
    		 Business Enablement
    • Supports business-aligned ITAM opportunities & priorities
    • Highly specialized
    • Offers competitive advantages
    		 Map with axes 'Business Enablement' and 'Vendor's Performance Advantage' for determining whether or not to outsource.
    Vendor’s Performance Advantage
    • Talent or access to skills
    • Economies of scale
    • Access to technology
    • Does not require deep knowledge of your business

    Decide what to outsource

    It’s rarely all or nothing.

    Ask yourself:
    • How important is this activity or capability to ITAM, IT, and business priorities and goals?
    • Is it a non-commodity IT service that can improve customer satisfaction?
    • Is it a critical service to the business and the specialized knowledge must remain in-house?
    • Does the function require access to talent or skills not currently available in-house, and is cost-prohibitive to obtain?
    • Are there economies of scale that can help us meet growing demand?
    • Does the vendor provide access to best-of-breed tools and solutions that can handle the integration, management, maintenance and support of the complete system?

    You may ultimately choose to engage a single vendor or a combination of multiple vendors who can best meet your ITAM needs.

    Establishing effective vendor management processes, where you can maximize the amount of service you receive while relying on the vendor’s expertise and ability to scale, can help you make your asset management practice a net cost-saver.

    		ITAM activities and capabilities
    • Contract review
    • Software audit management
    • Asset tagging
    • Asset disposal and recycling
    • Initial ITAM record creation
    • End-user device imaging
    • End-user device deployment
    • End-user software provisioning
    • End-user image management
    • ITAM database administration
    • ELP report creation
    • ITAM process management
    • ITAM report generation
    		 ITAM-adjacent activities and capabilities
    • Tier 1 support/service desk
    • Deskside/field support
    • Tier 3 support
    • IT Procurement
    • Device management/managed IT services
    • Budget development
    • Applications development, maintenance
    • Infrastructure hosting (e.g. cloud or colocation)
    • Infrastructure management and support
    • Discovery/monitoring tools management and support

    2.2 Identify outsourcing opportunities

    1-2 hours

    Input: Understanding of current ITAM processes and challenges

    Output: Understanding of potential outsourcing opportunities

    Materials: The table in this slide, and insight in previous slides, Your copy of the ITAM Strategy Template

    Participants: ITAM team, IT leaders and managers, ITAM business partners

    At a high level, discuss which functions of ITAM are good candidates for outsourcing.

    Start with the previous slide for examples of outsourcing activities or capabilities directly related to or adjacent to the ITAM practice. Categorize these activities as follows:

    Outsource Potentially Outsource Insource
    • Asset disposal/recycling
    • ELP report creation
    • ITAM process management

    Go through the list of activities to potentially or definitely outsource and confirm:

    1. Will outsourcing solve a resourcing need for an existing process, or can you deliver this adequately in-house?
    2. Will outsourcing improve the effectiveness and efficiency of current processes? Will it deliver more effective service channels or improved levels of reliability and performance consistency?
    3. Will outsourcing provide or enable enhanced service capabilities that your IT customers could use, and which you cannot deliver in-house due to lack of scale or capacity?

    Answering “no” to more than one of these questions suggests a need to further review options to ensure the goals are aligned with the potential value of the service offerings available.

    Add your results to your copy of the ITAM Strategy Template

    Step 2.3: Centralize or decentralize ITAM capabilities

    Participants

    • Project sponsor and lead facilitator
    • ITAM team
    • IT leaders and managers
    • ITAM business partners

    Outcomes

    • Outline where the team(s) responsible for ITAM sit across the organization, who they report to, and who they need to work with across IT and the business.

    Align ITAM with IT’s structure

    ITAM’s structure will typically align with the larger business and IT structure. The wrong structure will undermine your ability to meet ITAM goals and lead to frustration, missed work, inefficiency, and loss of value.

    Which of the four archetypes below reflects the structure you need?

    1. Centralized — ITAM is entirely centralized in a single function, which reports into a central IT department.
    2. Decentralized — Local IT groups are responsible and accountable for ITAM. They may coordinate informally but do not report to any central team.
    3. Hybrid-Shared Services — Local IT can opt in to shared services but must follow centrally set ITAM practices to do so, usually with support from a shared ITAM function.
    4. Hybrid-Federated — Local IT departments are free to develop their own approach to ITAM outside of core, centrally set requirements.

    Centralized ITAM

    Total coordination, control, and oversight

    • ITAM accountability, policies, tools, standards, and expertise – in this model, they’re all concentrated in a single, specialized IT asset management practice. Accountability, authority, and oversight are concentrated in the central function as well.
    • A central ITAM team will benefit from knowledge sharing and task specialization opportunities. They are a visible single point of contact for ITAM-related questions
    • The central ITAM team will coordinate ITAM activities across the organization to optimize spend, manage risk, and enhance service. Any local IT teams are supported by and directly answerable to the central ITAM team for ITAM activities.
    • There is a single, centrally managed ITAM database. Wherever possible, this database should be integrated with other tools to support cross-solution automation (e.g. integrate AD to automatically reflect user identity changes in the ITAM database).
    • This model drives cross-organization coordination and oversight, but it may not be responsive to specific and nuanced local requirements.
    		 Example: Centralized
    Example of a Centralized ITAM.

    Solid line. Direct reporting relationship

    Dotted line. Dotted line working or reporting relationship

    Decentralized ITAM

    Maximize choice

    • ITAM accountability and oversight are entirely devolved to local or regional IT and/or ITAM organizations, which are free to set their own priorities, goals, policies, and standards. This model maximizes the authority of local groups to build practices that meet local requirements.
    • It may be challenging to resource and mature local practices. ITAM maturity will vary from one local organization to the next.
    • It is more likely that ITAM managers are a part-time role, and sometimes even a non-IT role. Local ITAM teams or coordinators may coordinate and share knowledge informally, but specialization can be challenging to build or leverage effectively across the organization.
    • There is likely no central ITAM tool. Local tools may be acquired, implemented, and integrated by local IT departments to suit their own needs, which can make it very difficult to report on assets organization-wide – for example, to establish compliance on an enterprise software contract.
    		Example: Decentralized


    Example of a Decentralized ITAM.

    Solid line. Direct reporting relationship

    Dotted line. Dotted line working or reporting relationship

    Blue dotted line. Informal working relationships, knowledge sharing

    Hybrid: Federation

    Centralization with a light touch

    • A middle ground between centralized and decentralized ITAM, this model balances centralized decision making, specialization, and governance with local autonomy.
    • A central team will define organization-wide ITAM goals, develop capabilities, policies, and standards, and monitor compliance by local and central teams. All local teams must comply with centrally defined requirements, but they can also develop further capabilities to meet local goals.
    • For example, there will typically be a central ITAM database that must be used for at least a subset of assets, but other teams may build their own databases for day-to-day operations and export data to the central database as required.
    • There are often overlapping responsibilities in this model. A strong collaborative relationship between central and local ITAM teams is especially important here, particularly after major changes to requirements, processes, tools, or staffing when issues and breakdowns are more likely.
    		Example: Federation


    Example of a Federation ITAM.

    Solid line. Direct reporting relationship

    Purple solid line. Oversight/governance

    Dotted line. Dotted line working or reporting relationship

    Hybrid: Shared Services

    Optional centralization

    • A special case of federated ITAM that balances central control and local autonomy, but with more power given to local IT to opt out of centralized shared services that come with centralized ITAM requirements.
    • ITAM requirements set by the shared services team will support management, allocation, and may have showback or chargeback implications. Following the ITAM requirements is a condition of service. If a local organization chooses to stop using shared services, they are (naturally) no longer required to adhere to the shared services ITAM requirements.
    • As with the federated model, local teams may develop further capabilities to meet local goals.
    		Example: Shared Services


    Example of a Shared Services ITAM.

    Solid line. Direct reporting relationship

    Dotted line. Dotted line working relationship

    Blue dotted line. Informal working relationships, knowledge sharing

    Structure data collection & analysis

    Consider the implications of structure on data.

    Why centralize?
    • There is a need to build reports that aggregate data on assets organization-wide, rather than just assets within a local environment.
    • Decentralized ITAM tracking isn’t producing accurate or usable data, even for local purposes.
    • Tracking tools have overlapping functionality. There’s an opportunity to rationalize spend, management and support for ITAM tools.
    • Contract centralization can optimize spend and manage risks, but only with the data required to manage those contracts.
    		 Why decentralize?
    • Tracking and reporting on local assets is sufficient to meet ITAM goals; there is limited or no need to track assets organization-wide.
    • Local teams have the skills to track and maintain asset data; subsidiaries have appropriate budgets and tools to support ITAM tracking.
    • Decentralized ITSM/ITAM tools are in place, populated, and accurate.
    • The effort to consolidate tools and processes may outweigh the benefits to data centralization.
    • Lots of variability in types of assets and the environment is stable.
    Requirements for success:
    • A centralized IT asset management solution is implemented and managed.
    • Local teams must understand the why and how of centralized data tracking and be held accountable for assigned responsibilities.
    • The asset tool should offer both centralized and localized views of the data.
    		 Requirements for success:
    • Guidelines and expectations for reporting to centralized asset management team will be well defined and supported.
    • Local asset managers will have opportunity to collaborate with others in the role for knowledge transfer and asset trading, where appropriate.

    Structure budget and contract management

    Contract consolidation creates economies of scale for vendor management and license pooling that strengthen your negotiating position with vendors and optimize spend.

    Why centralize?
    • Budgeting, governance, and accountability are already centralized. Centralized ITAM practices can support the existing governance practices.
    • Centralizing contract management and negotiation can optimize spend and/or deliver access to better service.
    • Centralize management for contracts that cover most of the organization, are highly complex, involve large spend and/or higher risk, and will benefit from specialization of asset staff.
    		 Why decentralize?
    • Budgeting, governance, and accountability rest with local organizations.
    • There may be increased need for high levels of customer responsiveness and support.
    • Decentralize contract management for contracts used only by local groups (e.g. a few divisions, a few specialized functions), and that are smaller, low risk, and come with standard terms and conditions.
    Requirements for success:
    • A centralized IT asset management solution is implemented and managed.
    • Contract terms must be harmonized across the organization.
    • Centralized fulfillment is as streamlined as possible. For example, software contracts should include the right to install at any time and pay through a true-up process.
    		 Requirements for success:
    • Any expectations for harmonization with the centralized asset management team will be well defined and supported.
    • Local asset managers can collaborate with other local ITAM leads to support knowledge transfer, asset swapping, etc.

    Structure technology management

    Are there opportunities to centralize or decentralize support functions?

    Why centralize?
    • Standard technologies are deployed organization-wide.
    • There are opportunities to improve service and optimize costs by consolidating knowledge, service contracts, and support functions.
    • Centralizing data on product supply allows for easier harvest and redeployment of assets by a central support team.
    • A stable, central support function can better support localized needs during seasonal staffing changes, mergers and acquisitions.
    		 Why decentralize?
    • Technology is unique to a local subset of users or customers.
    • Minimal opportunity for savings or better support by consolidating knowledge, service contracts, or support functions.
    • Refresh standards are set at a local level; new tech adoption may be impeded by a reliance on older technologies, local budget shortfalls, or other constraints.
    • Hardware may need to be managed locally if shipping costs and times can’t reasonably be met by a distant central support team.
    Requirements for success:
    • Ensure required processes, technologies, skills, and knowledge are in place to enable centralized support.
    • Keep a central calendar of contract renewals, including reminders to start work on the renewal no less than 90 days prior. Prioritize contracts with high dollar value or high risk.
    • The central asset management solution should be configured to provide data that can enable the central support team.
    		 Requirements for success:
    • Ensure required processes, technologies, skills, and knowledge are in place to enable decentralized support.
    • Decentralized support teams must understand and adhere to ITAM activities that are part of support work (e.g. data entry, data audits).
    • The central asset management solution should be configured to provide data that can enable the central support team, or decentralized asset solutions must be funded, and teams trained on their use.

    2.3 Review ITAM Structure

    1-2 hours

    Input: Understanding of current organizational structure, Understanding of challenges and opportunities related to the current structure

    Output: A list of prioritized organizational goals, An initial assessment of how ITAM can support these goals

    Materials: The table in this slide, Your copy of the ITAM Strategy Template

    Participants: ITAM team, IT leaders and managers, ITAM business partners

    Outline the current model for your organization and identify opportunities to centralize or decentralize ITAM-related activities.

    1. What model best describes how ITAM should be structured in your organization? Modify the slide outlining structure as a group to outline your own organization, as required.
    2. In the table below, outline opportunities to centralize or decentralize data tracking, budget and contract management, and technology management activities.
    Centralize Decentralize
    Data collection & analysis
    • Make better use of central ITAM database.
    • Support local IT departments building runbooks for data tracking during lifecycle activities (create templates, examples)
    Budget and contract management
    • Centralize Microsoft contracts.
    • Create a runbook to onboard new companies to MSFT contracts.
    • Create tools and data views to support local department budget exercises.
    Technology management
    • Ensure all end-user devices are visible to centrally managed InTune, ConfigMgr.
    • Enable direct shipping from vendor to local sites.
    • Establish disposal/pickup at local sites.

    Add your results to your copy of the ITAM Strategy Template

    Step 2.4: Create a RACI

    Participants

    • Project sponsor and lead facilitator
    • ITAM team
    • IT leaders and managers
    • ITAM business partners

    Outcomes

    • Review the role of the IT asset manager.
    • Identify who’s responsible, accountable, consulted, and informed for key ITAM activities.

    Empower your asset manager

    The asset manager is the critical ITAM role. Ensure they’re positioned to succeed.

    There’s too much change in the technology and business environment to expect ITAM to be “a problem to solve.” It is a practice that requires care and feeding through regular iteration to achieve success. At the helm of this practice is your asset manager, whose approach and past experience will have a significant impact on how you approach ITAM.

    The asset manager role requires a variety of skills, knowledge, and abilities including:

    • Operations, process, and practice management.
    • An ability to communicate, influence, negotiate, and facilitate.
    • Organizational knowledge and relationship management.
    • Contract and license agreement analysis, attention to detail.
    • Natural curiosity and a willingness to learn.
    • A strong understanding of technologies in use by the organization, and how they fit into the asset management program.
    Where the asset manager sits in the organization will also have an impact on their focus and priorities. When the asset manager reports into a service team, their focus will often reflect their team’s focus: end-user devices and software, customer satisfaction, request fulfillment. Asset teams that report into a leadership or governance function will be more likely to focus on organization-wide assets, governance, budget management, and compliance.

    “Where your asset manager sits, and what past experience they have, is going to influence how they do asset management.” (Jeremy Boerger, Consultant & Author)

    “It can be annoying at times, but a good IT asset manager will poke their nose into activities that do not obviously concern them, such as programme and project approval boards and technical design committees. Their aim is to identify and mitigate ITAM risks BEFORE the technology is deployed as well as to ensure that projects and solutions ‘bake in’ the necessary processes and tools that ensure IT assets can be managed effectively throughout their lifecycle.” (Kylie Fowler, ITAM by Design, 2017)

    IT asset managers must have a range of skills and knowledge

    • ITAM Operations, Process, and Practice Management
      The asset manager is typically responsible for managing and improving the ITAM practice and related processes and tools. The asset manager may administer the ITAM tool, develop reports and dashboards, evaluate and implement new technologies or services to improve ITAM maturity, and more.
    • Organizational Knowledge
      An effective IT asset manager has a good understanding of your organization and its strategy, products, stakeholders, and culture.
    • Technology & Product Awareness
      An IT asset manager must learn about new and changing technologies and products adopted by the organization (e.g. IoT, cloud) and develop recommendations on how to track and manage them via the ITAM practice.
    		 A book surrounded by icons corresponding to the bullet points.
    • People Management
      Asset managers often manage a team directly and have dotted-line reports across IT and the business.
    • Communication
      Important in any role, but particularly critical where learning, listening, negotiation, and persuasion are so critical.
    • Finance & Budgeting
      A foundational knowledge of financial planning and budgeting practices is often helpful, where the asset manager is asked to contribute to these activities.
    • Contract Review & Analysis
      Analyze new and existing contracts to evaluate changes, identify compliance requirements, and optimize spend.

    Assign ITAM responsibilities and accountabilities

    Align authority and accountability.
    • A RACI exercise will help you discuss and document accountability and responsibility for critical ITAM activities.
    • When responsibility and accountability are not currently well documented, it’s often useful to invite a representative of the roles identified to participate in this alignment exercise. The discussion can uncover contrasting views on responsibility and governance, which can help you build a stronger management and governance model.
    • The RACI chart can help you identify who should be involved when making changes to a given activity. Clarify the variety of responsibilities assigned to each key role.
    • In the future, you may need to define roles in more detail as you change your hardware and software asset management procedures.

    R

    		 Responsible: The person who actually gets the job done.

    Different roles may be responsible for different aspects of the activity relevant to their role.

    A

    		 Accountable: The one role accountable for the activity (in terms completion, quality, cost, etc.)

    Must have sufficient authority to be held accountable; responsible roles are often accountable to this role.

    C

    		 Consulted: Must have the opportunity to provide meaningful input at certain points in the activity.

    Typically, subject matter experts or stakeholders. The more people you must consult, the more overhead and time you’ll add to a process.

    I

    		 Informed: Receives information regarding the task, but has no requirement to provide feedback.

    Information might relate to process execution, changes, or quality.

    2.4 Conduct a RACI Exercise

    1-2 hours

    Input: An understanding of key roles and activities in ITAM practices, An understanding of your organization, High-level structure of your ITAM program

    Output: A RACI diagram for IT asset management

    Materials: The table in the next slide, Your copy of the ITAM Strategy Template

    Participants: ITAM team, IT leaders and managers, ITAM business partners

    Let’s face it – RACI exercises can be dry. We’ve found that the approach below is more collaborative, engaging, and effective compared to filling out the table as a large group.

    1. Create a shared working copy of the RACI charts on the following slides (e.g. write it out on a whiteboard or provide a link to this document and work directly in it).
    2. Review the list of template roles and activities as a group. Add, change, or remove roles and activities from the table as needed.
    3. Divide into small groups. Assign each group a set of roles, and have them define whether that role is accountable, responsible, consulted, or informed for each activity in the chart. Refer to the previous slide for context on RACI. Give everyone 15 minutes to update their section of the chart.
    4. Come back together as a large group to review the chart. First, check for accountability – there should generally be just one role accountable for each activity. Then, have each small group walk through their section, and encourage participants to ask questions. Is there at least one role responsible for each task, and what are they responsible for? Does everyone listed as consulted or informed really need to be? Make any necessary adjustments.

    Add your results to your copy of the ITAM Strategy Template

    Define ITAM governance activities

    RACI Chart for ITAM governance activities. In the first column is a list of governance activities, and the row headers are positions within a company. Fields are marked with an R, A, C, or I.

    Document asset management responsibilities and accountabilities

    RACI Chart for ITAM asset management responsibilities and accountabilities. In the first column is a list of responsibilities and accountabilities, and the row headers are positions within a company. Fields are marked with an R, A, C, or I.

    Step 2.5: Align ITAM with other Service Management Practices

    Participants

    • Project sponsor and lead facilitator
    • ITAM team
    • IT leaders and managers

    Outcomes

    • Establish shared and separate responsibilities for asset and configuration management.
    • Identify how ITAM can support other practices, and how other practices can support ITAM.

    Asset vs. Configuration

    Asset and configuration management look at the same world through different lenses.
    • IT asset management tends to focus on each IT asset in its own right: assignment or ownership, its lifecycle, and related financial obligations and entitlements.
    • Configuration management is focused on configuration items (CIs) that must be managed to deliver a service and the relationships and integrations to other CIs.
    • ITAM and configuration management teams and practices should work closely together. Though asset and configuration management focus on different outcomes, they tend use overlapping tools and data sets. Each practice, when working effectively, can strengthen the other.
    • Many objects will exist in both the CMDB and AMDB, and the data on those shared objects will need to be kept in sync.
    Asset and Configuration Management: An Example

    Configuration Management Database (CMDB)

    A database of uniquely identified configuration items (CIs). Each CI record may include information on:
    Service Attributes

    Supported Service(s)
    Service Description, Criticality, SLAs
    Service Owners
    Data Criticality/Sensitivity

    CI Relationships

    Physical Connections
    Logical Connections
    Dependencies

    		Arrow connector.

    Discovery, Normalization, Dependency Mapping, Business Rules*

    Manual Data Entry
    Arrow connector.
    This shared information could be attached to asset records, CI records, or both, and it should be synchronized between the two databases where it’s tracked in both.
    Hardware Information

    Serial, Model and Specs
    Network Address
    Physical Location

    Software Installations

    Hypervisor & OS
    Middleware & Software
    Software Configurations

    		Arrow connector.

    Asset Management Database (AMDB)

    A database of uniquely identified IT assets. Each asset record may include information on:
    Procurement/Purchasing

    Purchase Request/Purchase Order
    Invoice and Cost
    Cost Center
    Vendor
    Contracts and MSAs
    Support/Maintenance/Warranties

    Asset Attributes

    Model, Title, Product Info, License Key
    Assigned User
    Lifecycle Status
    Last ITAM Audit Date
    Certificate of Disposal

    Arrows connecting multiple fields.

    IT Security Systems

    Vulnerability Management
    Threat Management
    SIEM
    Endpoint Protection

    IT Service Management (ITSM) System

    Change Tickets
    Request Tickets
    Incident Tickets
    Problem Tickets
    Project Tickets
    Knowledgebase

    Financial System/ERP

    General Ledger
    Accounts Payable
    Accounts Receivable
    Enterprise Assets
    Enterprise Contract Database

    (*Discovery, dependency mapping, and data normalization are often features or modules of configuration management, asset management, or IT service management tools.)

    2.5 Integrate ITAM and configuration practices

    45 minutes

    Input: Knowledge of the organization’s configuration management processes

    Output: Define how ITAM and configuration management will support one another

    Materials: The table in this slide, Your copy of the ITAM Strategy Template

    Participants: ITAM team, IT leaders and managers, Configuration manager

    Work through the table below to identify how you will collaborate and synchronize data across ITAM and configuration management practices and tools.

    What are the goals (if any currently exist) for the configuration management practice? Connect configuration items to services to support service management.
    How will configuration and asset management teams collaborate? Weekly status updates. As-needed working sessions.
    Shared visibility on each others’ Kanban tracker.
    Create tickets to raise and track issues that require collaboration or attention from the other team.
    How can config leverage ITAM? Connect CIs to financial, contractual, and ownership data.
    How can ITAM leverage config? Connect assets to services, changes, incidents.
    What key fields will be primarily tracked/managed by ITAM? Serial number, unique ID, user, location, PO number, …
    What key fields will be primarily tracked/managed by configuration management? Supported service(s), dependencies, service description, service criticality, network address…

    Add your results to your copy of the ITAM Strategy Template

    ITAM supports service management

    Decoupling asset management from other service management practices can result in lost value. Establish how asset management can support other service management practices – and how those practices can support ITAM.

    Incident Management

    What broke?
    Was it under warranty?
    Is there a service contract?
    Was it licensed?
    Who was it assigned to?
    Is it end-of-life?

    ITAM
    Practice

    		 Request Management

    What can this user request or purchase?
    What are standard hardware and software offerings?
    What does the requester already have?
    Are there items in inventory to fulfil the request?
    Did we save money by reissuing equipment?
    Is this a standard request?
    What assets are being requested regularly?

    What IT assets are related to the known issue?
    What models and vendors are related to the issue?
    Are the assets covered by a service contract?
    Are other tickets related to this asset?
    What end-of-life assets have been tied to incidents recently?

    Problem Management

    What assets are related to the change?
    Is the software properly licensed?
    Has old equipment been properly retired and disposed?
    Have software licenses been returned to the pool?
    Is the vendor support on the change part of a service contract?

    Change Enablement

    2.5. Connect with other IT service practices

    45 minutes

    Input: Knowledge of existing organizational IT service management processes

    Output: Define how ITAM will help other service management processes, and how other service management processes will help ITAM

    Materials: The table in this slide, Your copy of the ITAM Strategy Template

    Participants: ITAM team, IT leaders and managers, Service leads

    Complete the table below to establish what ITAM can provide to other service management practices, and what other practices can provide to ITAM.

    Practice ITAM will help Will help ITAM
    Incident Management Provide context on assets involved in an incident (e.g. ownership, service contracts). Track when assets are involved in incidents (via incident tickets).
    Request Management Oversee request & procurement processes. Help develop asset standards. Enter new assets in ITAM database.
    Problem Management Collect information on assets related to known issues. Report back on models/titles that are generating known issues.
    Change Enablement Provide context on assets for change review. Ensure EOL assets are retired and licenses are returned during changes.
    Capacity Management Identify ownership, location for assets at capacity. Identify upcoming refreshes or purchases.
    Availability Management Connect uptime and reliability to assets. Identify assets that are causing availability issues.
    Monitoring and Event Management Provide context to events with asset data. Notify asset of unrecognized software and hardware.
    Financial Management Establish current and predict future spending. Identify upcoming purchases, renewals.

    Add your results to your copy of the ITAM Strategy Template

    Step 2.6: Evaluate ITAM tools and integrations

    Participants

    • Project sponsor and lead facilitator
    • ITAM team
    • IT leaders and managers

    Outcomes

    • Create a list of the ITAM tools currently in use, how they’re used, and their current limitations.
    • Identify new tools that could provide value to the ITAM practice, and what needs to be done to acquire and implement them.

    “Everything is connected. Nothing is also connected.” (Dirk Gently’s Holistic Detective Agency)

    Establish current strengths and gaps in your ITAM toolset

    ITAM data quality relies on tools and integrations that are managed by individuals or teams who don’t report directly to the ITAM function.

    Without direct line of sight into tools management, the ITAM team must influence rather than direct improvement initiatives that are in some cases critical to the performance of the ITAM function. To more effectively influence improvement efforts, you must explicitly identify what you need, why you need it, from which tools, and from which stakeholders.

    Data Sources
    Procurement Tools
    Discovery Tools
    Active Directory
    Purchase Documents
    Spreadsheets     		Input To Asset System(s) of Record
    ITAM Database
    ITSM Tool
    CMDB     		Output To Asset Data Consumption
    ITFM Tools
    Security Tools
    TEM Tools
    Accounting Tools
    Spreadsheets
    		“Active Directory plays a huge role in audit defense and self-assessment, but no-one really goes out there and looks at Active Directory.

    I was talking to one organization that has 1,600,000 AD records for 100,000 employees.” (Mike Austin, Founder, MetrixData 360)

    2.6 Evaluate ITAM existing technologies

    30 minutes

    Input: Knowledge of existing ITAM tools

    Output: A list of prioritized organizational goals, An initial assessment of how ITAM can support these goals

    Materials: The table in this slide, Your copy of the ITAM Strategy Template

    Participants: ITAM team, IT leaders and managers

    Identify the use, limitations, and next steps for existing ITAM tools, including those not directly managed by the ITAM team.

    1. What tools do we have today?
    2. What are they used for? What are their limitations?
    3. Who manages them?
    4. What actions could we take to maximize the value of the tools?
    Existing Tool Use Constraints Owner Proposed Action?
    ITAM Module
    • Track HW/SW
    • Connect assets to incident, request
    • Currently used for end-user devices only
    • Not all divisions have access
    • SAM capabilities are limited
    		 ITAM Team/Service Management
    • Add license for additional read/write access
    • Start tracking infra in this tool
    Active Directory
    • Store user IDs, organizational data
    		 Major data quality issues IT Operations
    • Work with AD team to identify issues creating data issues

    Add your results to your copy of the ITAM Strategy Template

    2.6 Identify potential new tools

    30 minutes

    Input: Knowledge of tooling gaps, An understanding of available tools that could remediate gaps

    Output: New tools that can improve ITAM capabilities, including expected value and proposed next steps

    Materials: The table in this slide, Your copy of the ITAM Strategy Template

    Participants: ITAM team, IT leaders and managers

    Identify tools that are required to support the identified goals of the ITAM practice.

    1. What types of tools do we need that we don’t have?
    2. What could these tools help us do?
    3. What needs to be done next to investigate or acquire the appropriate tool?
    New Tool Expected Value Proposed Next Steps
    SAM tool
    • Automatically calculate licensing entitlements from contract data.
    • Automatically calculate licensing requirements from discovery data.
    • Support gap analyses.
    • Further develop software requirements.
    • Identify vendors in the space and create a shortlist.

    Add your results to your copy of the ITAM Strategy Template

    Step 2.7: Create a plan for internal and external audits

    Participants

    • Project sponsor and lead facilitator
    • ITAM team
    • IT leaders and managers
    • ITAM business partners

    Outcomes

    • Establish your approach to internal data audits.
    • Create a high-level response plan for external audits.

    Validate ITAM data via internal audits

    Data audits provide assurance that the records in the ITAM database are as accurate as possible. Consider these three approaches:

    Compare Tool Records

    Audit your data by comparing records in the ITAM system to other discovery sources.

    • Ideally, use three separate data sources (e.g. ITAM database, discovery tool, security tool). Use a common field, such as the host name, to compare across fields. (To learn more about discovery tool analysis, see Jeremy Boerger’s book, Rethinking IT Asset Management.)
    • Run reports to compare records and identify discrepancies. This could include assets missing from one system or metadata differences such as different users or installed software.
    • Over time, discrepancies between tools should be well understood and accepted; otherwise, they should be addressed and remediated.
    		 IT-led Audit

    Conduct a hands-on investigation led by ITAM staff and IT technicians.

    • In-person audits require significant effort and resources. Each audit should be scoped and planned ahead of time to focus on known problem areas.
    • Provide the audit team with exact instructions on what needs to be verified and recorded. Depending on the experience and attention to detail of the audit team, you may need to conduct spot checks to ensure you’re catching any issues in the audit process itself.
    • Automation should be used wherever possible (e.g. through barcodes, scanners, and tables for quick access to ITAM records).
    		 User-led audit

    Have users validate the IT assets assigned to them.

    • Even more than IT-led audits: don’t use this approach too frequently; keep the scope as narrow as possible and the process as simple as possible.
    • Ensure users have all the information and tools they’ll need readily available to complete this task, or the result will be ineffective and will only frustrate your users.
    • Consider a process integrated with your ITSM tool: once a year, when a user logs in to the portal, they will be asked to enter the asset code for their laptop (and provided with instructions on where to find that code). Investigate discrepancies between assignments and ITAM records.

    2.7 Set an approach to internal data audits

    30 minutes

    Input: An understanding of current data audit capabilities and needs

    Output: An outline of how you’ll approach data audits, including frequency, scope, required resources

    Materials: Your copy of the ITAM Strategy Template

    Participants: ITAM team

    Review the three internal data audit approaches outlined on the previous slide, and identify which of the three approaches you’ll use. For each approach, complete the fields in the table below.

    Audit Approach How often? What scope? Who’s involved? Comments
    Compare tool records Monthly Compare ITAM DB, Intune/ConfigMgr, and Vulnerability Scanner Data; focus on end-user devices to start Asset manager will lead at first.
    Work with tool admins to pull data and generate reports.
    IT-led audit Annual End-user devices at a subset of locations Asset manager will work with ITSM admins to generate reports. In-person audit to be conducted by local techs.
    User-led audit Annual Assigned personal devices (start with a pilot group) Asset coordinator to develop procedure with ITSM admin. Run pilot with power users first.

    Add your results to your copy of the ITAM Strategy Template

    Prepare for and respond to external audits and true-ups

    Are you ready when software vendors come knocking?

    • Vendor audits are expensive.
    • If you’re out of compliance, you will at minimum be required to pay the missing license fees. At their discretion, vendors may choose to add punitive fees and require you to cover the hourly cost of their audit teams. If you choose not to pay, the vendor could secure an injunction to cut off your service, which in many cases will be far more costly than the fines. And this is aside from the intangible costs of the disruption to your business and damaged relationships between IT, ITAM, your business, and other partners.
    • Having a plan to respond to an audit is critical to reducing audit risk. Preparation will help you coordinate your audit response, ensure the audit happens on the most favorable possible terms, and even prevent some audits from happening in the first place.
    • The best defense, as they say, is a good offense. Good ITAM and SAM processes will allow you to track acquisition, allocation, and disposal of software licenses; understand your licensing position; and ensure you remain compliant whenever possible. The vendor has no reason to audit you when there’s nothing to find.
    • Know when and where your audit risk is greatest, so you can focus your resources where they can deliver the most value.
    		“If software audits are a big part of your asset operations, you have problems. You can reduce the time spent on audits and eliminate some audits by having a proactive ITAM practice.” (Sandi Conrad, Principal Research Director)

    Info-Tech Insight

    Audit defense starts long before you get audited. For an in-depth review of your audit approach, see Info-Tech’s Prepare and Defend Against a Software Audit.

    Identify areas of higher audit risk

    Watch for these warning signs
    • Your organization is visibly fighting fires. Signs of disorder may signal to vendors that there are opportunities to exploit via an audit. Past audit failures make future audits more likely.
    • You are looking for ways to decrease spend. Vendors may counter attempts to true-down licensing by launching an audit to try to find unlicensed software that provides them leverage to negotiate maintained or even increased spending.
    • Your license/contract terms with the vendor are particularly complex or highly customized. Very complex terms may make it harder to validate your own compliance, which may present opportunities to the vendor in an audit.
    • The vendor has earned a reputation for being particularly aggressive with audits. Some vendors include audits as a standard component of their business model to drive revenue. This may include acquiring smaller vendors or software titles that may not have been audit-driven in the past, and running audits on their new customer base.

    “The reality is, software vendors prey on confusion and complication. Where there’s confusion, there’s opportunity.” (Mike Austin, Founder, MetrixData 360)

    Develop an audit response plan

    You will be on the clock once the vendor sends you an audit request. Have a plan ready to go.
    • Don’t panic: Resist knee-jerk reactions. Follow the plan.
    • Form an audit response team and centralize your response: This team should be led by a member of the ITAM group, and it should include IT leadership, software SMEs, representatives from affected business areas, vendor management, contract management, and legal. You may also need to bring on a contractor with deep expertise with the vendor in question to supplement your internal capabilities. Establish clearly who will be the point of contact with the vendor during the audit.
    • Clarify the scope of the audit: Clearly establish what the audit will cover – what products, subsidiaries, contracts, time periods, geographic regions, etc. Manage the auditors to prevent scope creep.
    • Establish who covers audit costs: Vendors may demand the auditee cover the hourly cost of their audit team if you’re significantly out of compliance. Consider asking the vendor to pay for your team’s time if you’re found to be compliant.
    • Know your contract: Vendors’ contracts change over time, and it’s no guarantee that even your vendor’s licensing experts will be aware of the rights you have in your contract. You must know your entitlements to negotiate effectively.
    1. Bring the audit request received to the attention of ITAM and IT leadership. Assemble the response team.
    2. Acknowledge receipt of audit notice.
    3. Negotiate timing and scope of the audit.
    4. Direct staff not to remove or acquire licenses for software under audit without directly involving the ITAM team first.
    5. Gather installation data and documentation to establish current entitlements, including original contract, current contract, addendums, receipts, invoices.
    6. Compare entitlements to installed software.
    7. Investigate any anomalies (e.g. unexpected or non-compliant software).
    8. Review results with the audit response team.

    2.7 Clarify your vendor audit response plan

    1 hour

    Input: Organizational knowledge on your current audit response procedures

    Output: Audit response team membership, High-level audit checklist, A list of things to start, stop, and continue doing as part of the audit response

    Materials: Your copy of the ITAM Strategy Template

    Participants: ITAM team, IT leaders and managers, ITAM business partners

    1. Who’s on the audit response team, and what’s their role? Who will lead the team? Who will be the point of contact with the auditor?
    2. What are the high-level steps in our audit response workflow? Use the example checklist below as a starting point.
    3. What do we need to start, stop, and continue doing in response to audit requests?

    Example Audit Checklist

    • Bring the audit request received to the attention of ITAM and IT leadership. Assemble the response team.
    • Acknowledge receipt of audit notice.
    • Negotiate timing and scope of the audit.
    • Direct staff not to remove or acquire licenses for software under audit without directly involving the ITAM team first.
    • Gather installation data and documentation to establish current entitlements, including original contract, current contract, addendums, receipts, invoices.
    • Compare entitlements to installed software.
    • Investigate any anomalies (e.g. unexpected or non-compliant software).
    • Review results with the audit response team.

    Add your results to your copy of the ITAM Strategy Template

    Step 2.8: Improve budget processes

    Participants

    • Project sponsor and lead facilitator
    • ITAM team
    • IT leaders and managers
    • ITAM business partners

    Outcomes

    • Identify what you need to start, stop, and continue to do to support budgeting processes.

    Improve budgeting and forecasting

    Insert ITAM into budgeting processes to deliver significant value.

    Some examples of what ITAM can bring to the budgeting table:
    • Trustworthy data on deployed assets and spending obligations tied to those assets.
    • Projections of hardware due for replacement in terms of quantity and spend.
    • Knowledge of IT hardware and software contract terms and pricing.
    • Lists of unused or underused hardware and software that could be redeployed to avoid spend.
    • Comparisons of spend year-over-year.

    Being part of the budgeting process positions ITAM for success in other ways:

    • Helps demonstrate the strategic value of the ITAM practice.
    • Provides insight into business and IT strategic projects and priorities for the year.
    • Strengthens relationships with key stakeholders, and positions the ITAM team as trusted partners.

    “Knowing what you have [IT assets] is foundational to budgeting, managing, and optimizing IT spend.” (Dave Kish, Info-Tech, Practice Lead, IT Financial Management)

    Stock image of a calculator.

    2.8 Build better budgets

    20 minutes

    Input: Context on IT budgeting processes

    Output: A list of things to start, stop, and continue doing as part of budgeting exercises

    Materials: The table in this slide, Your copy of the ITAM Strategy Template

    Participants: ITAM team, IT leaders and managers, ITAM business partners

    What should we start, stop, and continue doing to support organizational budgeting exercises?

    Start Stop Continue
    • Creating buckets of spend and allocating assets to those buckets.
    • Zero-based review on IaaS instances quarterly.
    • Develop dashboards plugged into asset data for department heads to view allocated assets and spend.
    • Create value reports to demonstrate hard savings as well as cost avoidance.
    • Waiting for business leaders to come to us for help (start reaching out with reports proactively, three months before budget cycle).
    • % increases on IT budgets without further review.
    • Monthly variance budget analysis.
    • What-if analysis for asset spend based on expected headcount increases.

    Add your results to your copy of the ITAM Strategy Template

    Step 2.9: Establish a documentation framework

    Participants

    • Project sponsor and lead facilitator
    • ITAM team

    Outcomes

    • Identify key documentation and gaps in your documentation.
    • Establish where documentation should be stored, who should own it, who should have access, and what should trigger a review.

    Create ITAM documentation

    ITAM documentation will typically support governance or operations.

    Long-term planning and governance
    • ITAM policy and/or related policies (procurement policy, security awareness policy, acceptable use policy, etc.)
    • ITAM strategy document
    • ITAM roadmap or burndown list
    • Job descriptions
    • Functional requirements documents for ITAM tools

    Operational documentation

    • ITAM SOPs (hardware, software) and workflows
    • Detailed work instructions/knowledgebase articles
    • ITAM data/records
    • Contracts, purchase orders, invoices, MSAs, SOWs, etc.
    • Effective Licensing Position (ELP) reports
    • Training and communication materials
    • Tool and integration documentation
    • Asset management governance, operations, and tools typically generate a lot of documentation.
    • Don’t create documentation for the sake of documentation. Prioritize building and maintaining documentation that addresses major risks or presents opportunities to improve the consistency and reliability of key processes.
    • Maximize the value of ITAM documentation by ensuring it is as current, accessible, and usable as it needs to be.
    • Clearly identify where documentation is stored and who should have access to it.
    • Identify who is accountable for the creation and maintenance of key documentation, and establish triggers for reviews, updates, and changes.

    Consider ITAM policies

    Create policies that can and will be monitored and enforced.
    • Certain requirements of the ITAM practice may need to be backed up by corporate policies: formal statements of organizational expectations that must be recognized by staff, and which will lead to sanctions/penalties if breached.
    • Some organizations will choose to create one or more ITAM-specific policies. Others will include ITAM-related statements in other existing policies, such as acceptable use policies, security training and awareness policies, procurement policies, configuration policies, e-waste policies, and more.
    • Ensure that you are prepared to monitor compliance with policies and evenly enforce breaches of policy. Failing to consistently enforce your policies exposes you and your organization to claims of negligence or discriminatory conduct.
    • For a template for ITAM-specific policies, see Info-Tech’s policy templates for Hardware Asset Management and Software Asset Management.

    2.9 Establish documentation gaps

    15-30 minutes

    Input: An understanding of existing documentation gaps and risks

    Output: Documentation gaps, Identified owners, repositories, access rights, and review/update protocols

    Materials: The table in this slide, Your copy of the ITAM Strategy Template

    Participants: ITAM team, Optional: IT managers, ITAM business partners

    Discuss and record the following:

    • What planning/governance, operational, and tooling documentation do we still need to create? Who is accountable for the creation and maintenance of these documents?
    • Where will the documentation be stored? Who can access these documents?
    • What will trigger reviews or changes to the documents?
    Need to Create Owner Stored in Accessible by Trigger for review
    Hardware asset management SOP ITAM manager ITAM SharePoint site › Operating procedures folder
    • All IT staff
    • Annual review
    • As-needed for major tooling changes that require a documentation update

    Add your results to your copy of the ITAM Strategy Template

    Step 2.10: Create a roadmap and communication plan

    Participants

    • Project sponsor and lead facilitator
    • ITAM team
    • IT leaders and managers

    Outcomes

    • A timeline of key ITAM initiatives.
    • Improvement ideas aligned to key initiatives.
    • A communication plan tailored to key stakeholders.
    • Your ITAM Strategy document.

    “Understand that this is a journey. This is not a 90-day project. And in some organizations, these journeys could be three or five years long.” (Mike Austin, MetrixData 360)

    2.10 Identify key ITAM initiatives

    30-45 minutes

    Input: Organizational strategy documents

    Output: A roadmap that outlines next steps

    Materials: The table in this slide, Your copy of the ITAM Strategy Template

    Participants: ITAM team, IT leaders and managers, Project sponsor

    1. Identify key initiatives that are critical to improving practice maturity and meeting business goals.
    2. There should only be a handful of really key initiatives. This is the work that will have the greatest impact on your ability to deliver value. Too many initiatives muddy the narrative and can distract from what really matters.
    3. Plot the target start and end dates for each initiative in the business and IT transformation timeline you created in Phase 1.
    4. Review the chart and consider – what new capabilities should the ITAM practice have once the identified initiatives are complete? What transformational initiatives will you be better positioned to support?

    Add your results to your copy of the ITAM Strategy Template

    Transformation Timeline

    Example transformation timeline with row headers 'Business Inititiaves', 'IT Initiatives', and 'ITAM Initiatives'. Each initiative is laid out along the timeline appropriately.

    2.10 Align improvement ideas to initiatives

    45 minutes

    Input: Key initiatives, Ideas for ITAM improvement collected over the course of previous exercises

    Output: Concrete action items to support each initiative

    Materials: The table in the next slide, Your copy of the ITAM Strategy Template

    Participants: ITAM team, IT leaders and managers, Project sponsor

    As you’ve been working through the previous exercises, you have been tracking ideas for improvement – now we’ll align them to your roadmap.

    1. Review the list of ideas for improvement you’ve produced over the working sessions. Consolidate the list – are there any ideas that overlap or complement each other? Record any new ideas. Frame each idea as an action item – something you can actually do.
    2. Connect the action items to initiatives. It may be that not every action item becomes part of a key initiative. (Don’t lose ideas that aren’t part of key initiatives – track them in a separate burndown list or backlog.)
    3. Identify a target completion date and owner for each action item that’s part of an initiative.

    Add your results to your copy of the ITAM Strategy Template

    Example ITAM initiatives

    Initiative 1: Develop hardware/software standards
    Task Target Completion Owner
    Laptop standards Q1-2023 ITAM manager
    Identify/eliminate contracts for unused software using scan tool Q2-2023 ITAM manager
    Review O365 license levels and standard service Q3-2023 ITAM manager

    Initiative 2: Improve ITAM data quality
    Task Target Completion Owner
    Implement scan agent on all field laptops Q3-2023 Desktop engineer
    Conduct in person audit on identified data discrepancies Q1-2024 ITAM team
    Develop and run user-led audit Q1-2024 Asset manager

    Initiative 3: Acquire & implement a new ITAM tool
    Task Target Completion Owner
    Select an ITAM tool Q3-2023 ITAM manager
    Implement ITAM tool, incl. existing data migration Q1-2024 ITAM manager
    Training on new tool Q1-2024 ITAM manager
    Build KPIs, executive dashboards in new tool Q2-2024 Data analyst
    Develop user-led audit functionality in new tool Q3-2024 ITAM coordinator

    2.10 Create a communication plan

    45 minutes

    Input: Proposed ITAM initiatives, Stakeholder priorities and goals, and an understanding of how ITAM can help them meet those goals

    Output: A high-level communication plan to communicate the benefits and impact of proposed changes to the ITAM program

    Materials: The table in this slide, Your copy of the ITAM Strategy Template

    Participants: IT asset manager, Project sponsor

    Develop clear, consistent, and targeted messages to key ITAM stakeholders.

    1. Modify the list of stakeholders in the first column.
    2. What benefits should those stakeholders realize from ITAM? What impact may the proposed improvements have on them? Refer back to exercises from Phase 1, where you identified key stakeholders, their priorities, and how ITAM could help them.
    3. Identify communication channels (in-person, email, all-hands meeting, etc.) and timing – when you’ll distribute the message. You may choose to use more than one channel, and you may need to convey the message more than once.
    Group ITAM Benefits Impact Channel(s) Timing
    CFO
    • More accurate IT spend predictions
    • Better equipment utilization and value for money
    • Sponsor integration project between ITAM DB and financial system
    • Support procurement procedures review
    		 Face-to-face – based on their availability Within the next month
    CIO
    • Better oversight into IT spend
    • Data to help demonstrate IT value
    • Resources required to support tool and ITAM process improvements
    		 Standing bi-monthly 1:1 meetings Review strategy at next meeting
    IT Managers
    Field Techs

    Add your results to your copy of the ITAM Strategy Template

    2.10 Put the final touches on your ITAM Strategy

    30 minutes

    Input: Proposed ITAM initiatives, Stakeholder priorities and goals, and an understanding of how ITAM can help them meet those goals

    Output: A high-level communication plan to communicate the benefits and impact of proposed changes to the ITAM program

    Materials: The table in this slide, Your copy of the ITAM Strategy Template

    Participants: IT asset manager, Project sponsor

    You’re almost done! Do a final check of your work before you send a copy to your participants.

    1. Summarize in three points the key findings from the activities you’ve worked through. What have you learned? What are your priorities? What key message do you need to get across? Add these to the appropriate slide near the start of the ITAM Strategy Template.
    2. What are your immediate next steps? Summarize no more than five and add them to the appropriate slide near the start of the ITAM Strategy Template.
      1. Are you asking for something? Approval for ITAM initiatives? Funding? Resources? Clearly identify the ask as part of your next steps.
    3. Are the KPIs identified in Phase 1 still valid? Will they help you monitor for success in the initiatives you’ve identified in Phase 2? Make any adjustments you think are required to the KPIs to reflect the additional completed work.

    Add your results to your copy of the ITAM Strategy Template

    Research Contributors and Experts

    Kylie Fowler
    Principal Consultant
    ITAM Intelligence

    Kylie is an experienced ITAM/FinOps consultant with a track record of creating superior IT asset management frameworks that enable large companies to optimize IT costs while maintaining governance and control.

    She has operated as an independent consultant since 2009, enabling organizations including Sainsbury's and DirectLine Insurance to leverage the benefits of IT asset management and FinOps to achieve critical business objectives. Recent key projects include defining an end-to-end SAM strategy, target operating model, policies and processes which when implemented provided a 300% ROI.

    She is passionate about supporting businesses of all sizes to drive continuous improvement, reduce risk, and achieve return on investment through the development of creative asset management and FinOps solutions.

    		Rory Canavan
    Owner and Principal Consultant
    SAM Charter

    Rory is the founder, owner, and principal consultant of SAM Charter, an internationally recognized consultancy in enterprise-wide Software & IT Asset Management. As an industry leader, SAM Charter is uniquely poised to ensure your IT & SAM systems are aligned to your business requirements.

    With a technical background in business and systems analysis, Rory has a wide range of first-hand experience advising numerous companies and organizations on the best practices and principles pertaining to software asset management. This experience has been gained in both military and civil organizations, including the Royal Navy, Compaq, HP, the Federation Against Software Theft (FAST), and several software vendors.

    Research Contributors and Experts

    Jeremy Boerger
    Founder, Boerger Consulting
    Author of Rethinking IT Asset Management

    Jeremy started his career in ITAM fighting the Y2K bug at the turn of the 21st century. Since then, he has helped companies in manufacturing, healthcare, banking, and service industries build and rehabilitate hardware and software asset management practices.

    These experiences prompted him to create the Pragmatic ITAM method, which directly addresses and permanently resolves the fundamental flaws in current ITAM and SAM implementations.

    In 2016, he founded Boerger Consulting, LLC to help business leaders and decision makers fully realize the promises a properly functioning ITAM can deliver. In his off time, you will find him in Cincinnati, Ohio, with his wife and family.

    		Mike Austin
    Founder and CEO
    MetrixData 360

    Mike Austin leads the delivery team at MetrixData 360. Mike brings more than 15 years of Microsoft licensing experience to his clients’ projects. He assists companies, from Fortune 500 to organizations with as few as 500 employees, with negotiations of Microsoft Enterprise Agreements (EA), Premier Support Contracts, and Select Agreements. In addition to helping negotiate contracts, he helps clients build and implement software asset management processes.

    Previously, Mike was employed by Microsoft for more than 8 years as a member of the global sales team. With Microsoft, Mike successfully negotiated more than a billion dollars in new and renewal EAs. Mike has also negotiated legal terms and conditions for all software agreements, developed Microsoft’s best practices for global account management, and was awarded Microsoft’s Gold Star Award in 2003 and Circle of Excellence in 2008 for his contributions.

    Bibliography

    “Asset Management.” SFIA v8. Accessed 17 March 2022.

    Boerger, Jeremy. Rethinking IT Asset Management. Business Expert Press, 2021.

    Canavan, Rory. “C-Suite Cheat Sheet.” SAM Charter, 2021. Accessed 17 March 2022.

    Fisher, Matt. “Metrics to Measure SAM Success.” Snow Software, 26 May 2015. Accessed 17 March 2022.

    Flexera (2021). “State of ITAM Report.” Flexera, 2021. Accessed 17 March 2022.

    Fowler, Kylie. “ITAM by design.” BCS, The Chartered Institute for IT, 2017. Accessed 17 March 2022.

    Fowler, Kylie. “Ch-ch-ch-changes… Is It Time for an ITAM Transformation?” ITAM Intelligence, 2021. Web. Accessed 17 March 2022.

    Fowler, Kylie. “Do you really need an ITAM policy?” ITAM Accelerate, 15 Oct. 2021. Accessed 17 March 2022.

    Hayes, Chris. “How to establish a successful, long-term ITAM program.” Anglepoint, Sept. 2021. Accessed 17 March 2022.

    ISO/IEC 19770-1-2017. IT Asset Management Systems – Requirements. Third edition. ISO, Dec 2017.

    Joret, Stephane. “IT Asset Management: ITIL® 4 Practice Guide”. Axelos, 2020.

    Jouravlev, Roman. “IT Service Financial Management: ITIL® 4 Practice Guide”. Axelos, 2020.

    Pagnozzi, Maurice, Edwin Davis, Sam Raco. “ITAM Vs. ITSM: Why They Should Be Separate.” KPMG, 2020. Accessed 17 March 2022.

    Rumelt, Richard. Good Strategy, Bad Strategy. Profile Books, 2013.

    Stone, Michael et al. “NIST SP 1800-5 IT Asset Management.” Sept, 2018. Accessed 17 March 2022.

    Deliver a Customer Service Training Program to Your IT Department

    • Buy Link or Shortcode: {j2store}484|cart{/j2store}
    • member rating overall impact: 10.0/10 Overall Impact
    • member rating average dollars saved: $4,339 Average $ Saved
    • member rating average days saved: 6 Average Days Saved
    • Parent Category Name: Service Desk
    • Parent Category Link: /service-desk
    • The scope of service that the service desk must provide has expanded. With the growing complexity of technologies to support, it becomes easy to forget the customer service side of the equation. Meanwhile, customer expectations for prompt, frictionless, and exceptional service from anywhere have grown.
    • IT departments struggle to hire and retain talented service desk agents with the right mix of technical and customer service skills.
    • Some service desk agents don’t believe or understand that customer service is an integral part of their role.
    • Many IT leaders don’t ask for feedback from users to know if there even is a customer service problem.

    Our Advice

    Critical Insight

    • There’s a common misconception that customer service skills can’t be taught, so no effort is made to improve those skills.
    • Even when there is a desire to improve customer service, it’s hard for IT teams to make time for training and improvement when they’re too busy trying to keep up with tickets.
    • A talented service desk agent with both great technical and customer service skills doesn’t have to be a rare unicorn, and an agent without innate customer service skills isn’t a lost cause. Relevant and impactful customer service habits, techniques, and skills can be taught through practical, role-based training.
    • IT leaders can make time for this training through targeted, short modules along with continual on-the-job coaching and development.

    Impact and Result

    • Good customer service is critical to the success of the service desk. How a service desk treats its customers will determine its customers' satisfaction with not only IT but also the company as a whole.
    • Not every technician has innate customer service skills. IT managers need to provide targeted, practical training on what good customer service looks like at the service desk.
    • One training session is not enough to make a change. Leaders must embed the habits, create a culture of engagement and positivity, provide continual coaching and development, regularly gather customer feedback, and seek ways to improve.

    Deliver a Customer Service Training Program to Your IT Department Research & Tools

    Start here – read the Executive Brief

    Read our concise Executive Brief to find out why you should deliver customer service training to your team, review Info-Tech’s methodology, and understand the four ways we can support you in completing this project.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    • Deliver a Customer Service Training Program to Your IT Department – Executive Brief
    • Deliver a Customer Service Training Program to Your IT Department Storyboard

    1. Deliver customer service training to your IT team

    Understand the importance of customer service training, then deliver Info-Tech's training program to your IT team.

    • Customer Service Training for the Service Desk – Training Deck
    • Customer Focus Competency Worksheet
    • Cheat Sheet: Service Desk Communication
    • Cheat Sheet: Service Desk Written Communication
    [infographic]

    Legacy Active Directory Environment

    • Buy Link or Shortcode: {j2store}471|cart{/j2store}
    • member rating overall impact: N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: Cloud Strategy
    • Parent Category Link: /cloud-strategy

    You are looking to lose your dependency on Active Directory (AD), and you need to tackle infrastructure technical debt, but there are challenges:

    • Legacy apps that are in maintenance mode cannot shed their AD dependency or have hardware upgrades made.
    • You are unaware of what processes depend on AD and how integrated they are.
    • Departments invest in apps that are integrated with AD without informing you until they ask for Domain details after purchasing.

    Our Advice

    Critical Insight

    • Remove your dependency on AD one application at a time. If you are a cloud-first organization, rethink your AD strategy to ask “why” when you add a new device to your Active Directory.
    • With the advent of hybrid work, AD is now a security risk. You need to shore up your security posture. Think of zero trust architecture.
    • Take inventory of your objects that depend on Kerberos and NTML and plan on removing that barrier through applications that don’t depend on AD.

    Impact and Result

    Don’t allow Active Directory services to dictate your enterprise innovation and modernization strategies. Determine if you can safely remove objects and move them to a cloud service where your Azure AD Domain Services can handle your authentication and manage users and groups.

    Legacy Active Directory Environment Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Legacy Active Directory Environment Deck – Legacy AD was never built for modern infrastructure. Understand the history and future of Active Directory and what alternatives are in the market.

    Build all new systems with cloud integration in mind. Many applications built in the past had built-in AD components for access, using Kerberos and NTLM. This dependency has prevented organizations from migrating away from AD. When assessing new technology and applications, consider SaaS or cloud-native apps rather than a Microsoft-dependent application with AD ingrained in the code.

    • Legacy Active Directory Environment Storyboard
    [infographic]

    Further reading

    Legacy Active Directory Environment

    Kill the technical debt of your legacy Active Directory environment.

    Analyst Perspective

    Understand what Active Directory is and why Azure Active Directory does not replace it.

    It’s about Kerberos and New Technology LAN Manager (NTLM).

    The image contains a picture of John Donovan.

    Many organizations that want to innovate and migrate from on-premises applications to software as a service (SaaS) and cloud services are held hostage by their legacy Active Directory (AD). Microsoft did a good job taking over from Novell back in the late 90s, but its hooks into businesses are so deep that many have become dependent on AD services to manage devices and users, when in fact AD falls far short of needed capabilities, restricting innovation and progress.

    Despite Microsoft’s Azure becoming prominent in the world of cloud services, Azure AD is not a replacement for on-premises AD. While Azure AD is a secure authentication store that can contain users and groups, that is where the similarities end. In fact, Microsoft itself has an architecture to mitigate the shortcomings of Azure AD by recommending organizations migrate to a hybrid model, especially for businesses that have an in-house footprint of servers and applications.

    If you are a greenfield business and intend to take advantage of software, infrastructure, and platform as a service (SaaS, IaaS, and PaaS), as well as Microsoft 365 in Azure, then Azure AD is for you and you don’t have to worry about the need for AD.

    John Donovan
    Principal Director, I&O Practice
    Info-Tech Research Group

    Insight Summary

    Legacy AD was never built for modern infrastructure

    When Microsoft built AD as a free component for the Windows Server environment to replace Windows NT before the demise of Novell Directory Services in 2001, it never meant Active Directory to work outside the corporate network with Microsoft apps and devices. While it began as a central managing system for users and PCs on Microsoft operating systems, with one user per PC, the IT ecosystem has changed dramatically over the last 20 years, with cloud adoption, SaaS, IaaS, PaaS, and everything as a service. To make matters worse, work-from-anywhere has become a serious security challenge.

    Build all new systems with cloud integration in mind

    Many applications built in the past had built-in AD components for access, using Kerberos and NTLM. This dependency has prevented organizations from migrating away from AD. When assessing new technology and applications, consider SaaS or cloud-native apps rather than a Microsoft-dependent application with AD ingrained in the code. Ensure you are engaged when the business is assessing new apps. Stop the practice of the business purchasing apps without IT’s involvement; for example, if your marketing department is asking you for your Domain credentials for a vendor when you were not informed of this purchase.

    Hybrid AD is a solution but not a long-term goal

    Economically, Microsoft has no interest in replacing AD anytime soon. Microsoft wants that revenue and has built components like Azure AD Connect to mitigate the AD dependency issue, which is basically holding your organization hostage. In fact, Microsoft has advised that a hybrid solution will remain because, as we will investigate, Azure AD is not legacy AD.

    Executive Summary

    Your Challenge

    Common Obstacles

    Info-Tech’s Approach

    You are looking to lose your dependency on Active Directory, and you need to tackle infrastructure technical debt, but there are challenges.

    • Legacy apps that are in maintenance mode cannot shed their AD dependency or have hardware upgrades made.
    • You are unaware of what processes depend on AD and how integrated they are.
    • Departments invest in apps that are integrated with AD without informing you until they ask for Domain details after purchasing.
    • Legacy applications can prevent you from upgrading servers or may need to be isolated due to security concerns related to inadequate patching and upgrades.
    • You do not see any return on investment in AD maintenance.
    • Mergers and acquisitions can prevent you from migrating away from AD if one company is dependent on AD and the other is fully in the cloud. This increases technical debt.
    • Remove your dependency on AD one application at a time. If you are a cloud-first organization, rethink your AD strategy to ask “why” when you add a new device to your Active Directory.
    • With the advent of hybrid work, AD is now a security risk. You need to shore up your security posture. Think of zero trust architecture.
    • Take inventory of your objects that depend on Kerberos and NTML and plan on removing that barrier through applications that don’t depend on AD.

    Info-Tech Insight

    Don’t allow Active Directory services to dictate your enterprise innovation and modernization strategies. Determine if you can safely remove objects and move them to a cloud service where your Azure AD Domain Services can handle your authentication and manage users and groups.

    The history of Active Directory

    The evolution of your infrastructure environment

    From NT to the cloud

    AD 2001 Exchange Server 2003 SharePoint 2007 Server 2008 R2 BYOD Security Risk All in Cloud 2015
    • Active Directory replaces NT and takes over from Novell as the enterprise access and control plane.
    • With slow WAN links, no cellphones, no tablets, and very few laptops, security was not a concern in AD.
    • In 2004, email becomes business critical.
    • This puts pressure on links, increases replication and domains, and creates a need for multiple identities.
    • Collaboration becomes pervasive.
    • Cross domain authentication becomes prevalent across the enterprise.
    • SharePoint sites need to be connected to multiple Domain AD accounts. More multiple identities are required.
    • Exchange resource forest rolls out, causing the new forest functional level to be a more complex environment.
    • Fine-grained password policies have impacted multiple forests, forcing them to adhere to the new password policies.
    • There are powerful Domain controllers, strong LAN and WAN connections, and an increase in smartphones and laptops.
    • Audits and compliance become a focus, and mergers and acquisitions add complexity. Security teams are working across the board.
    • Cloud technology doesn’t work well with complicated, messy AD environment. Cloud solutions need simple, flat AD architecture.
    • Technology changes after 15+ years. AD becomes the backbone of enterprise infrastructure. Managers demand to move to cloud, building complexity again.

    Organizations depend on AD

    AD is the backbone of many organizations’ IT infrastructure

    73% of organizations say their infrastructure is built on AD.

    82% say their applications depend on AD data.

    89% say AD enables authenticated access to file servers.

    90% say AD is the main source for authentication.

    Source: Dimensions research: Active Directory Modernization :

    Info-Tech Insight

    Organizations fail to move away from AD for many reasons, including:

    • Lack of time, resources, budget, and tools.
    • Difficulty understanding what has changed.
    • Migrating from AD being a low priority.

    Active Directory components

    Physical and logical structure

    Authentication, authorization, and auditing

    The image contains a screenshot of the active directory components.

    Active Directory has its hooks in!

    AD creates infrastructure technical debt and is difficult to migrate away from.

    The image contains a screenshot of an active directory diagram.

    Info-Tech Insight

    Due to the pervasive nature of Active Directory in the IT ecosystem, IT organizations are reluctant to migrate away from AD to modernize and innovate.

    Migration to Microsoft 365 in Azure has forced IT departments’ hand, and now that they have dipped their toe in the proverbial cloud “lake,” they see a way out of the mounting technical debt.

    AD security

    Security is the biggest concern with Active Directory.

    Neglecting Active Directory security

    98% of data breaches came from external sources.

    Source: Verizon, Data Breach Report 2022

    85% of data breach took weeks or even longer to discover.

    Source: Verizon Data Breach Report, 2012

    The biggest challenge for recovery after an Active Directory security breach is identifying the source of the breach, determining the extent of the breach, and creating a safe and secure environment.

    Info-Tech Insight

    Neglecting legacy Active Directory security will lead to cyberattacks. Malicious users can steal credentials and hijack data or corrupt your systems.

    What are the security risks to legacy AD architecture?

    • It's been 22 years since AD was released by Microsoft, and it has been a foundational technology for most businesses over the years. However, while there have been many innovations over those two decades, like Amazon, Facebook, iPhones, Androids, and more, Active Directory has remained mostly unchanged. There hasn’t been a security update since 2016.
    • This lack of security innovation has led to several cyberattacks over the years, causing businesses to bolt on additional security measures and added complexity. AD is not going away any time soon, but the security dilemma can be addressed with added security features.

    AD event logs

    84% of organizations that had a breach had evidence of that breach in their event logs.

    Source: Verizon Data Breach Report, 2012

    What is the business risk

    How does AD impact innovation in your business?

    It’s widely estimated that Active Directory remains at the backbone of 90% of Global Fortune 1000 companies’ business infrastructure (Lepide, 2021), and with that comes risk. The risks include:

    • Constraints of AD and growth of your digital footprint
    • Difficulty integrating modern technologies
    • Difficulty maintaining consistent security policies
    • Inflexible central domains preventing innovation and modernization
    • Inability to move to a self-service password portal
    • Vulnerability to being hacked
    • BYOD not being AD friendly

    AD is dependent on Windows Server

    1. Even though AD is compliant with LDAP, software vendors often choose optional features of LDAP that are not supported by AD. It is possible to implement Kerberos in a Unix system and establish trust with AD, but this is a difficult process and mistakes are frequent.
    2. Restricting your software selection to Windows-based systems reduces innovation and may hamper your ability to purchase best-in-class applications.

    Azure AD is not a replacement for AD

    AD was designed for an on-premises enterprise

    The image contains a screenshot of a Azure AD diagram.

    • Despite Microsoft’s Azure becoming prominent in the world of cloud services, Azure AD is not a replacement for on-premises AD.
    • In fact, Microsoft itself has an architecture to mitigate the shortcomings of Azure AD by recommending organizations migrate to a hybrid model, especially those businesses that have an in-house footprint of servers and applications.
    • If you are a greenfield business and intend to take advantage of SaaS, IaaS, and PaaS, as well as Microsoft 365 in Azure, then Azure AD is for you and you don’t have to worry about the need for AD.

    "Azure Active Directory is not designed to be the cloud version of Active Directory. It is not a domain controller or a directory in the cloud that will provide the exact same capabilities with AD. It actually provides many more capabilities in a different way.

    That’s why there is no actual ‘migration’ path from Active Directory to Azure Active Directory. You can synchronize your on-premises directories (Active Directory or other) to Azure Active Directory but not migrate your computer accounts, group policies, OU etc."

    – Gregory Hall,
    Brand Representative for Microsoft
    (Source: Spiceworks)

    The hybrid model for AD and Azure AD

    How the model works

    The image contains a screenshot of a hybrid model for AD and Azure AD.

    Note: AD Federated Services (ADFS) is not a replacement for AD. It’s a bolt-on that requires maintenance, support, and it is not a liberating service.

    Many companies are:

    • Moving to SaaS solutions for customer relationship management, HR, collaboration, voice communication, file storage, and more.
    • Managing non-Windows devices.
    • Moving to a hybrid model of work.
    • Enabling BYOD.

    Given these trends, Active Directory is becoming obsolete in terms of identity management and permissions.

    The difference between AD Domain Services and Azure AD DS

    One of the core principles of Azure AD is that the user is the security boundary, not the network.

    Kerberos is the default authentication and authorization protocol for AD. Kerberos is involved in nearly everything from the time you log on to accessing Sysvol, which is used to deliver policy and logon scripts to domain members from the Domain Controller.

    Info-Tech Insight

    If you are struggling to get away from AD, Kerberos and NTML are to blame. Working around them is difficult. Azure AD uses SAML2.0 OpenID Connect and OAuth2.0.

    Feature Azure AD DS Self-managed AD DS
    Managed service
    Secure deployments Administrator secures the deployment
    DNS server ✓ (managed service)
    Domain or Enterprise administrator privileges
    Domain join
    Domain authentication using NTLM and Kerberos
    Kerberos-constrained delegation Resource-based Resource-based and account-based
    Custom OU structure
    Group Policy
    Schema extensions
    AD domain/forest trusts ✓ (one-way outbound forest trusts only)
    Secure LDAP (LDAPS)
    LDAP read
    LDAP write ✓ (within the managed domain)
    Geo-distributed deployments

    Source: “Compare self-managed Active Directory Domain Services...” Azure documentation, 2022

    Impact of work-from-anywhere

    How AD poses issues that impact the user experience

    IT organizations are under pressure to enable work-from-home/work-from-anywhere.

    • IT teams regard legacy infrastructure, namely Active Directory, as inadequate to securely manage remote workloads.
    • While organizations previously used VPNs to access resources through Active Directory, they now have complex webs of applications that do not reside on premises, such as AWS, G-Suite, and SaaS customer relationship management and HR management systems, among others. These resources live outside the Windows ecosystem, complicating user provisioning, management, and security.
    • The work environment has changed since the start of COVID-19, with businesses scrambling to enable work-from-home. This had a huge impact on on-premises identity management tools such as AD, exposing their limitations and challenges. IT admins are all too aware that AD does not meet the needs of work-from-home.
    • As more IT organizations move infrastructure to the cloud, they have the opportunity to move their directory services to the cloud as well.
      • JumpCloud, OneLogin, Okta, Azure AD, G2, and others can be a solution for this new way of working and free up administrators from the overloaded AD environment.
      • Identity and access management (IAM) can be moved to the cloud where the modern infrastructure lives.
      • Alternatives for printers using AD include Google Cloud Print, PrinterOn, and PrinterLogic.

    How AD can impact your migration to Microsoft 365

    The beginning of your hybrid environment

    • Businesses that have a large on-premises footprint have very few choices for setting up a hybrid environment that includes their on-premises AD and Azure AD synchronization.
    • Microsoft 365 uses Azure AD in the background to manage identities.
    • Azure AD Connect will need to be installed, along with IdFix to identify errors such as duplicates and formatting problems in your AD.
    • Password hash should be implemented to synchronize passwords from on-premises AD so users can sign in to Azure without the need for additional single sign-on infrastructure.
    • Azure AD Connect synchronizes accounts every 30 minutes and passwords within two minutes.

    Alternatives to AD

    When considering retiring Active Directory from your environment, look at alternatives that can assist with those legacy application servers, handle Kerberos and NTML, and support LDAP.

    • JumpCloud: Cloud-based directory services. JumpCloud provides LDAP-as-a-Service and RADIUS-as-a-Service. It authenticates, authorizes, and manages employees, their devices, and IT applications. However, domain name changes are not supported.
    • Apache Directory Studio Pro: Written in Java, it supports LDAP v3–certified directory services. It is certified by Eclipse-based database utilities. It also supports Kerberos, which is critical for legacy Microsoft AD apps authentication.
    • Univention Corporate Server (UCS): Open-source Linux-based solution that has a friendly user interface and gets continuous security and feature updates. It supports Kerberos V5 and LDAP, works with AD, and is easy to sync. It also supports DNS server, DHCP, multifactor authentication and single sign-on, and APIs and REST APIs. However, it has a limited English knowledgebase as it is a German tool.

    What to look for

    If you are embedded in Windows systems but looking for an alternative to AD, you need a similar solution but one that is capable of working in the cloud and on premises.

    Aside from protocols and supporting utilities, also consider additional features that can help you retire your Active Directory while maintaining highly secure access control and a strong security posture.

    These are just a few examples of the many alternatives available.

    Market drivers to modernize your infrastructure

    The business is now driving your Active Directory migration

    What IT must deal with in the modern world of work:

    • Leaner footprint for evolving tech trends
    • Disaster recovery readiness
    • Dynamic compliance requirements
    • Increased security needs
    • The need to future-proof
    • Mergers and acquisitions
    • Security extending the network beyond Windows

    Organizations are making decisions that impact Active Directory, from enabling work-from-anywhere to dealing with malicious threats such as ransomware. Mergers and acquisitions also bring complexity with multiple AD domains.
    The business is putting pressure on IT to become creative with security strategies, alternative authentication and authorization, and migration to SaaS and cloud services.

    Activity

    Build a checklist to migrate off Active Directory.

    Discovery

    Assessment

    Proof of Concept

    Migration

    Cloud Operations
    ☐ Catalog your applications.

    ☐ Define your users, groups and usage.

    ☐ Identify network interdependencies and complexity.

    ☐ Know your security and compliance regulations.

    ☐ Document your disaster recovery plan and recovery point and time objectives (RPO/RTO).

    ☐ Build a methodology for migrating apps to IaaS.

    ☐ Develop a migration team using internal resources and/or outsourcing.

    ☐ Use Microsoft resources for specific skill sets.

    ☐ Map on-premises third-party solutions to determine how easily they will migrate.

    ☐ Create a plan to retire and archive legacy data.

    ☐ Test your workload: Start small and prove value with a phased approach.

    ☐ Estimate cloud costs.

    ☐ Determine the amount and size of your compute and storage requirements.

    ☐ Understand security requirements and the need for network and security controls.

    ☐ Assess network performance.

    ☐ Qualify and test the tools and solutions needed for the migration.

    ☐ Create a blueprint of your desired cloud environment.

    ☐ Establish a rollback plan.

    ☐ Identify tools for automating migration and syncing data.

    ☐ Understand the implications of the production-day data move.

    ☐ Keep up with the pace of innovation.

    ☐ Leverage 24/7 support via skilled Azure resources.

    ☐ Stay on top of system maintenance and upgrades.

    ☐ Consider service-level agreement requirements, governance, security, compliance, performance, and uptime.

    Related Info-Tech Research

    Manage the Active Directory in the Service Desk

    • Build and maintain your Active Directory with good data.
    • Actively maintaining the Active Directory is a difficult task that only gets more difficult with issues like stale accounts and privilege creep.

    SoftwareReviews: Microsoft Azure Active Directory

    • The Azure Active Directory (Azure AD) enterprise identity service provides SSO and multifactor authentication to help protect your users from 99.9% of cybersecurity attacks

    Define Your Cloud Vision

    • Don’t think about the cloud as an inevitable next step for all workloads. The cloud is merely another tool in the toolbox, ready to be used when appropriate and put away when it’s not needed. Cloud-first isn’t always the way to go.

    Bibliography

    “2012 Data Breach Investigations Report.” Verizon, 2012. Web.
    “2022 Data Breach Investigations Report.” Verizon, 2012. Web.
    “22 Best Alternatives to Microsoft Active Directory.” The Geek Page, 16 Feb 2022. Accessed 12 Sept. 2022.
    Altieri, Matt. “Infrastructure Technical Debt.” Device 42, 20 May 2019. Accessed Sept 2022.
    “Are You Ready to Make the Move from ADFS to Azure AD?’” Steeves and Associates, 29 April 2021. Accessed 28 Sept. 2022.
    Blanton, Sean. “Can I Replace Active Directory with Azure AD? No, Here’s Why.” JumpCloud, 9 Mar 2021. Accessed Sept. 2022.
    Chai, Wesley, and Alexander S. Gillis. “What is Active Directory and how does it work?” TechTarget, June 2021. Accessed 10 Sept. 2022.
    Cogan, Sam. “Azure Active Directory is not Active Directory!” SamCogan.com, Oct 2020. Accessed Sept. 2022.
    “Compare Active Directory to Azure Active Directory.” Azure documentation, Microsoft Learn, 18 Aug. 2022. Accessed 12 Sept. 2022.
    "Compare self-managed Active Directory Domain Services, Azure Active Directory, and managed Azure Active Directory Domain Services." Azure documentation, Microsoft Learn, 23 Aug. 2022. Accessed Sept. 2022.
    “Dimensional Research, Active Directory Modernization: A Survey of IT Professionals.” Quest, 2017. Accessed Sept 2022.
    Grillenmeier, Guido. “Now’s the Time to Rethink Active Directory Security.“ Semperis, 4 Aug 2021. Accessed Oct. 2013.
    “How does your Active Directory align to today’s business?” Quest Software, 2017, accessed Sept 2022
    Lewis, Jack “On-Premises Active Directory: Can I remove it and go full cloud?” Softcat, Dec.2020. Accessed 15 Sept 2022.
    Loshin, Peter. “What is Kerberos?” TechTarget, Sept 2021. Accessed Sept 2022.
    Mann, Terry. “Why Cybersecurity Must Include Active Directory.” Lepide, 20 Sept. 2021. Accessed Sept. 2022.
    Roberts, Travis. “Azure AD without on-prem Windows Active Directory?” 4sysops, 25 Oct. 2021. Accessed Sept. 2022.
    “Understanding Active Directory® & its architecture.” ActiveReach, Jan 2022. Accessed Sept. 2022.
    “What is Active Directory Migration?” Quest Software Inc, 2022. Accessed Sept 2022.

    Stakeholder Relations

    • Buy Link or Shortcode: {j2store}25|cart{/j2store}
    • Related Products: {j2store}25|crosssells{/j2store}
    • member rating overall impact: N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: Strategy and Governance
    • Parent Category Link: /strategy-and-governance
    • byline: Make proper stakeholder management a habit.

    The challenge

    • Stakeholders come in a wide variety, often with competing and conflicting demands.
    • Some stakeholders are hard to identify. Those hidden agendas may derail your efforts.
    • Understanding your stakeholders' relative importance allows you to prioritize your IT agenda according to the business needs.

    Our advice

    Insight

    • Stakeholder management is an essential factor in how successful you will be.
    • Stakeholder management is a continuous process. The landscape constantly shifts.
    • You must also update your stakeholder management plan and approach on an ongoing basis.

    Impact and results 

    • Use your stakeholder management process to identify, prioritize, and manage key stakeholders effectively.
    • Continue to build on strengthening your relationships with stakeholders. It will help to gain easier buy-in and support for your future initiatives. 

    The roadmap

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    Make the case

    Identify stakeholders

    • Stakeholder Management Analysis Tool (xls)

    Analyze your stakeholders

    Assess the stakeholder's influence, interest, standing, and support to determine priority for future actions 

    Manage your stakeholders

    Develop your stakeholder management and communication plans

    • Stakeholder Management Plan Template (doc)
    • Communication Plan Template (doc)

    Monitor your stakeholder management plan performance

    Measure and monitor the success of your stakeholder management process.

     

     

    Manage Service Catalogs

    • Buy Link or Shortcode: {j2store}44|cart{/j2store}
    • Related Products: {j2store}44|crosssells{/j2store}
    • member rating overall impact: 9.0/10
    • member rating average dollars saved: $3,956
    • member rating average days saved: 24
    • Parent Category Name: Service Planning and Architecture
    • Parent Category Link: /service-planning-and-architecture
    • byline: Design and build a customer-facing service catalog.

    The challenge

    • Your business users may not be aware of the full scope of your services.
    • Typically service information is written in technical jargon. For business users, this means that the information will be tough to understand.
    • Without a service catalog, you have no agreement o what is available, so business will assume that everything is.

    Our advice

    Insight

    • Define your services from a user's or customer perspective.
      • When your service catalog contains too much information that does not apply to most users, they will not use it.
    • Separate the line-of-business services from enterprise services. It simplifies your documentation process and makes the service catalog more comfortable to use.

    Impact and results 

    • Our approach helps you organize your service catalog in a business-friendly way while keeping it manageable for IT.
    • And manageable also means that your service catalog remains a living document. You can update your service records easily.
    • Your service catalog forms a visible bridge between IT and the business. Improve IT's perception by communicating the benefits of the service catalog.

    The roadmap

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    Get started

    Our concise executive brief shows you why building a service catalog is a good idea for your company. We'll show you our methodology and the ways we can help you in handling this.

    Minimize the risks from attrition through an effective knowledge transfer process.

    Launch the initiative

    Our launch phase will walk you through the charter template, build help a balanced team, create your change message and communication plan to obtain buy-in from all your organization's stakeholders.

    • Design & Build a User-Facing Service Catalog – Phase 1: Launch the Project (ppt)
    • Service Catalog Project Charter (doc)

    Identify and define the enterprise services

    Group enterprise services which you offer to everyone in the company, logically together.

    • Design & Build a User-Facing Service Catalog – Phase 2: Identify and Define Enterprise Services (ppt)
    • Sample Enterprise Services (ppt)

    Identify and define your line-of-business (LOB) services

    These services apply only to one business line. Other business users should not see them in the catalog.

    • Design & Build a User-Facing Service Catalog – Phase 3: Identify and Define Line of Business Services (ppt)
    • Sample LOB Services – Industry Specific (ppt)
    • Sample LOB Services – Functional Group (ppt)

    Complete your services definition chart

    Complete this chart to allow the business to pick what services to include in the service catalog. It also allows you to extend the catalog with technical services by including IT-facing services. Of course, separated-out only for IT.

    • Design & Build a User-Facing Service Catalog – Phase 4: Complete Service Definitions (ppt)
    • Services Definition Chart (xls)

    Cookie Notice

    Gert Taeymans BV wants to inform you about our cookie notice on the Gert Taeymans BV websites via this document. Please also see the privacy policy which you can find here.

    This website is owned by Gert Taeymans BV

    Contact details:
    Gert Taeymans BV
    Koning Albertstraat 136
    2070 Burcht
    Belgium
    Company number: 0685974694
    Phone: +32 3 289 41 09
    email: gtbvba@gerttaeymans.com

    Site Scope

    The websites in scope of this notice are:

    • tymansgroup.com
    • gerttaeymans.consulting
    • gerttaeymans.site
    • gerttaeymans.audio

    Cookie Types

    We differentiate 4 types of cookies

    • Necessary cookies
      Necessary cookies help make our website usable by enabling basic functions like page navigation and access to secure areas of the website. While you can decline them, The website cannot function properly without these cookies.
    • Preferences cookies
      Preference cookies enable our website to remember information that changes the way the website behaves or looks, like your preferred language or the region that you are in. They may include cookies from 3rd party providers whose content we show or reference on our site. Those cookies are outside of our control and these providers may change their terms and policies at any time.
    • Statistics cookies
      Statistic cookies help our company to understand how visitors interact with our website by collecting and reporting statistical information pseudonymously. That means that eg. your IP address is scrambled in such a way that it will always be the same upon each subsequent visit to our site, so that Google can process the visit as a return visit. This helps with basic statistics, but also is a factor in how well we rank in future searches. Many returning visitors means that you like our site and that is a ranking element.
      Due to the ECJ striking down the  EU-US Privacy Shield agreement, this leaves us with a open gap. The resulting implications and actions to take are not yet clear. However, when agreeing to statistics cookies, you agree that your data may be processed in the United States under less strict privacy laws and that your data will be exposed to all associated risks. Such risks include the US government being able to investigate you, simply for being a non-US citizen due to provision 702 of the FISA act, which they are able to do anyway, with or without the cookie. Also, the laws in the United States are less strict with regards to selling information to third parties.
    • Marketing cookies
      Marketing cookies are used to track you across websites. The intention is to display ads that are relevant and engaging for you and thereby more valuable for publishers and third party advertisers. At this point we do not allow ads to display on our site, so no third-party trackers are defined on our site. We may add a 1st party (us) tracker to our site at any time.

    Actual cookies used

    Necessary cookies (all sites in site scope)

    Name     Contents Expiration Reason for the cookie
    Session cookie (displayed as a long series of numbers and letters) The active session ID When you close your broser, clear your cookie's cache in your browser or after 60 minutes of inactivity on the site. The cookie may remain in your machine but is no longer valid after the mentioned tile of inactivity    

    The browser cookie is simply a random string of characters to identify the visitor. There are no personally identifable details in the cookie and no real data of use at all. The cookie is marked as a 'session' type of cookie, which means it will expire (be deleted automatically) when the browser is closed or cleaned by the browser after a set period of non-use; for instance, you haven't visited a page on the site that has used the cookie for 1 week. This latter case is useful for people that leave their computer running and never close their browser.

    The use of a cookie is what gives your website a short-term memory. By providing it with each request, Joomla can look up the history of the current viewing session in the database record below.
    cookieconsent_status allow 1 year This cookie stores that you have consented to the use of cookies on our site. It is there to avoid that you have to give your consent again at every page load.

    Preferences cookies

    Site Name     Contents Expiration Reason for the cookie
    gerttaeymans.consulting None at this stage N/A N/A   N/A
    tymansgroup.com None at this stage N/A N/A N/A
             
             

    Statistical cookies

    Site Name     Contents Expiration Reason for the cookie
    All Scope _ga Google Analytics type and account identifier 2 years This cookie identifies our domain (gerttaeymans.consulting) and sends visit information to Google. information may include, but not limited to: browser identifiable information, page visited, visit duration, etc. This information does not contain user identifiable information
    All Scope _gat_gtag_UA_140807308_3 Google Analytics type and account identifier 2 years This cookie also identifies our domain (gerttaeymans.consulting) and sends visit information to Google. information may include, but not limited to: browser identifiable information, page visited, visit duration, etc. This information does not contain user identifiable information
    All Scope _gid Google Analytics type and account identifier 1 day This cookie also identifies our domain (gerttaeymans.consulting) and sends visit information to Google. information may include, but not limited to: browser identifiable information, page visited, visit duration, etc. This information does not contain user identifiable information
             
             

    Marketing cookies

    Name     Contents Expiration Reason for the cookie
    None at this stage N/A N/A N/A
           
           

     

    Managing cookies

    You are not required to accept any cookies . Our cookies toolbar allows you to fine tune which cookies you accespt or want to revoke consent for. The resulting experience may however be affected by your decision not to accept cookies.

    Eg. not accepting or revoking consent for the “Necessary” category cookies will result in your inability to log into the site, even if you have previously accepted the cookies and paid for service.

    Not accepting or revoking consent for “Preference” category cookies may impede on your ability to watch instructional videos on our site, even if you have previously accepted the cookies and paid for service.

    Not accepting or revoking consent for ‘Statistical” category cookies will result in us not seeing where visitors stay longer or shorter on our site. While the immediate experience will not degrade for you, it may impede us in better understanding where we need to improve our service, thereby denying you a potentially improved experience in the future.

    Not accepting or revoking consent for “Marketing” category cookies may result in you seeing irrelevant ads, if we make the decision to allow carefully selected partners to offer their services through our site.

    Removing cookies from your device

    You can delete all cookies that are already on your device by clearing the browsing history of your browser. This will remove all cookies from all websites you have visited.

    Be aware though that you may also lose some saved information (e.g. saved login details, site preferences).

    Managing site-specific cookies

    For more detailed control over site-specific cookies, check the privacy and cookie settings in your preferred browser

    Blocking cookies

    You can set most modern browsers to prevent any cookies being placed on your device, but you may then have to manually adjust some preferences every time you visit a site/page. And some services and functionalities may not work properly at all (e.g. profile logging-in).

    Embed Security Into the DevOps Pipeline

    • Buy Link or Shortcode: {j2store}265|cart{/j2store}
    • member rating overall impact: 9.3/10 Overall Impact
    • member rating average dollars saved: $31,515 Average $ Saved
    • member rating average days saved: 26 Average Days Saved
    • Parent Category Name: Secure Cloud & Network Architecture
    • Parent Category Link: /secure-cloud-network-architecture
    • Your organization is starting its DevOps journey and is looking to you for guidance on how to ensure that the outcomes are secure.
    • Or, your organization may have already embraced DevOps but left the security team behind. Now you need to play catch-up.

    Our Advice

    Critical Insight

    • Shift security left. Identify opportunities to embed security earlier in the development pipeline.
    • Start with minimum viable security. Use agile methodologies to further your goals of secure DevOps.
    • Treat “No” as a finite resource. The role of security must transition from that of naysayer to a partner in finding the way to “Yes.”

    Impact and Result

    • Leverage the CLAIM (Culture, Learning, Automation, Integration, Measurement) Framework to identify opportunities to close the gaps.
    • Collaborate to find new ways to shift security left so that it becomes part of development rather than an afterthought.
    • Start with creating minimum viable security by developing a DevSecOps implementation strategy that focuses initially on quick wins.

    Embed Security Into the DevOps Pipeline Research & Tools

    Start here – read the Executive Brief

    Read our concise Executive Brief to find out why you should secure the DevOps pipeline, review Info-Tech’s methodology, and understand the ways we can support you in completing this project.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Identify opportunities

    Brainstorm opportunities to secure the DevOps pipeline using the CLAIM Framework.

    • Embed Security Into the DevOps Pipeline – Phase 1: Identify Opportunities

    2. Develop strategy

    Assess opportunities and formulate a strategy based on a cost/benefit analysis.

    • Embed Security Into the DevOps Pipeline – Phase 2: Develop Strategy
    • DevSecOps Implementation Strategy Template
    [infographic]

    Manage Third-Party Service Security Outsourcing

    • Buy Link or Shortcode: {j2store}539|cart{/j2store}
    • member rating overall impact: N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: Security Processes & Operations
    • Parent Category Link: /security-processes-and-operations
    • A lack of high-skill labor increases the cost of internal security, making outsourcing more appealing.
    • It is unclear what processes could or should be outsourced versus what functions should remain in-house.
    • It is not feasible to have 24/7/365 monitoring in-house for most firms.

    Our Advice

    Critical Insight

    • You are outsourcing support, not accountability, unless you preface that with your customer.
    • For most of you, you won’t have a choice – you’ll have to outsource high-end security skills to meet future needs.
    • Third-party service providers may be able to more effectively remediate threats because of their large, disparate customer base and wider scope.

    Impact and Result

    • Documented obligations and processes. This will allow you to determine which solution (outsourcing vs. insourcing) allows for the best use of resources, and maintains your brand reputation.
    • A list of variables and features to rank potential third-party providers vs. internal delivery to find which solution provides the best fit for your organization.
    • Current limitations of your environment and the limitations of third parties identified for the environments you are looking to mature.
    • Security responsibilities determined that can be outsourced, and which should be outsourced in order to gain resource allocation and effectiveness, and to improve your overall security posture.
    • The limitations or restrictions for third-party usage understood.

    Manage Third-Party Service Security Outsourcing Research & Tools

    Start here – read the Executive Brief

    Read our concise Executive Brief to understand how to avoid common mistakes when it comes to outsourcing security, review Info-Tech’s methodology, and understand the four ways we can support you in completing this project.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. What to outsource

    Identify different responsibilities/functions in your organization and determine which ones can be outsourced. Complete a cost analysis.

    • Manage Third-Party Service Security Outsourcing – Phase 1: What to Outsource
    • Insourcing vs. Outsourcing Costing Tool

    2. How to outsource

    Identify a list of features for your third-party provider and analyze.

    • Manage Third-Party Service Security Outsourcing – Phase 2: How to Outsource
    • MSSP Selection Tool
    • Checklist for Third-Party Providers

    3. Manage your third-party provider

    Understand how to align third-party providers to your organization.

    • Manage Third-Party Service Security Outsourcing – Phase 3: Manage Your Third-Party Provider
    • Security Operations Policy for Third-Party Outsourcing
    • Third-Party Security Policy Charter Template
    [infographic]

    External audit company

    External IT audit of your company

    Based on experience
    Implementable advice
    human-based and people-oriented

    Do you seek an external expert to help you prepare for a thorough IT audit of your company? Tymans Group serves as a consulting company with extensive expertise in helping small and medium enterprises. Read on and learn more about how our consulting firm can help your company with an external IT audit.

    Why should you organize an external IT audit of your company?

    Regularly preparing for an IT audit of your company with the help of of an experienced consultancy company like Tymans Group is a great way to discover any weaknesses within your IT and data security management systems, as well as your applications and data architecture, before the real audits by your regulator happen After all, you can only tackle any possible issues when you know their exact nature and origin. Additionally, the sooner you are aware of any security threats in your company thanks to an external audit, the smaller the chances outside forces will be able to take advantage of these threats to harm your business.

    Security and risk management

    Our security and risk services

    Security strategy

    Security Strategy

    Embed security thinking through aligning your security strategy to business goals and values

    Read more

    Disaster Recovery Planning

    Disaster Recovery Planning

    Create a disaster recovey plan that is right for your company

    Read more

    Risk Management

    Risk Management

    Build your right-sized IT Risk Management Program

    Read more

    Check out all our services

    Receive practical solutions when using our guides to prepare you for an external audit.

    If you hire our consultancy firm to prepare for an external IT audit in your firm, our guides will allow you to thoroughly analyze your systems and protocols to discover flaws and threats. Based on this analysis, your firm will receive concrete advice and practical solutions on dealing with the findings of in advance of an external audit. Besides identifying threats, the findings of will also offer your business insights in possible optimizations and processes which could benefit from automation. As such, you benefit from our consultancy company’s extensive experience in corporate security management and IT.

    Book an appointment with our consultancy company to get ahead of an external audit.

    If you hire our consulting company to help you prepare for an IT audit of your firm, you will receive guides that enable you to make a critical analysis of your IT security, as well as practical solutions based on our holistic approach. We are happy to tell you more about our services for small and medium business and to offer insights into any issues you may be facing. Our help is available offline and online, through one-hour talks with our expert Gert Taeymans. Contact us to set up an appointment online or on-site now.

    Register to read more …

    Streamline Application Management

    • Buy Link or Shortcode: {j2store}403|cart{/j2store}
    • member rating overall impact: 9.5/10 Overall Impact
    • member rating average dollars saved: $64,272 Average $ Saved
    • member rating average days saved: 40 Average Days Saved
    • Parent Category Name: Maintenance
    • Parent Category Link: /maintenance
    • Today’s rapidly scaling and increasingly complex products create mounting pressure on delivery teams to release new features and changes quickly and with sufficient quality.
    • Many organizations lack the critical management capabilities to balance maintenance with new development and ensure high product value.
    • Application management is often viewed as a support function rather than an enabler of business growth. Focus and investments are only placed on management when it becomes a problem.
    • The lack of governance and practice accountability leaves application management in a chaotic state: politics take over, resources are not strategically allocated, and customers are frustrated.

    Our Advice

    Critical Insight

    • New features, fixes, and enhancements are all treated the same and managed in a single backlog. Teams need to focus on prioritizing their efforts on what is valuable to the organization, not to a single department.
    • Business integration is not optional. The business (i.e. product owners) must be represented in guiding delivery efforts and performing ongoing validation and verification of new features and changes.

    Impact and Result

    • Justify the necessity to optimize application management. Gain a grounded understanding of stakeholder objectives and validate their achievability against the current maturity of application management.
    • Strengthen backlog management practices. Obtain a holistic picture of the business and technical impacts, risks, value, complexity, and urgency of each backlog item in order to justify its priority and relevance. Apply the appropriate management approach to each software product according to its criticality and value to the business.
    • Establish and govern a repeatable process. Develop a management process with well-defined steps, quality controls, and roles and responsibilities, and instill good practices to improve the success of delivery.

    Streamline Application Management Research & Tools

    Start here – read the Executive Brief

    Read our concise Executive Brief to find out why you should sustain your application management practice, review Info-Tech’s methodology, and understand the four ways we can support you in completing this project.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Define your priorities

    State the success criteria of your application management practice through defined objectives and metrics. Assess your maturity.

    • Streamline Application Management – Phase 1: Define Your Priorities
    • Application Management Strategy Template
    • Application Management Maturity Assessment Tool

    2. Govern application management

    Structure your application management governance model with the right process and roles. Inject product ownership into your practice.

    • Streamline Application Management – Phase 2: Govern Application Management

    3. Build your optimization roadmap

    Build your application management optimization roadmap to achieve your target state.

    • Streamline Application Management – Phase 3: Build Your Optimization Roadmap
    [infographic]

    Workshop: Streamline Application Management

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Define Your Priorities

    The Purpose

    State the success criteria of your application management practice through defined objectives and metrics.

    Assess your maturity.

    Key Benefits Achieved

    Grounded stakeholder expectations

    Application management maturity and identification of optimization opportunities

    Activities

    1.1 Set your objectives.

    1.2 Assess your maturity.

    Outputs

    Application management objectives and metrics

    Application management maturity and optimization opportunities

    2 Govern Application Management

    The Purpose

    Structure your application management governance model with the right process and roles.

    Inject product ownership into your practice.

    Key Benefits Achieved

    Management approach aligned to product value and criticality

    Management techniques to govern the product backlog

    Target-state application management process and roles

    Activities

    2.1 Select your management approach.

    2.2 Manage your single product backlog.

    2.3 Optimize your management process.

    2.4 Define your management roles.

    Outputs

    Application management approach for each application

    Product backlog management practices

    Application management process

    Application management roles and responsibilities and communication flow

    3 Build Your Optimization Roadmap

    The Purpose

    Build your application management optimization roadmap to achieve your target state.

    Key Benefits Achieved

    Optimization opportunities

    Application management optimization roadmap

    Activities

    3.1 Build your optimization roadmap.

    Outputs

    Application management optimization roadmap

    Cybersecurity Priorities in Times of Pandemic

    • Buy Link or Shortcode: {j2store}381|cart{/j2store}
    • member rating overall impact: N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: Security Processes & Operations
    • Parent Category Link: /security-processes-and-operations
    • Novel coronavirus 2019 (COVID-19) has thrown organizations around the globe into chaos as they attempt to continue operations while keeping employees safe.
    • IT needs to support business continuity – juggling available capacity and ensuring that services are available to end users – without clarity of duration, amid conditions that change daily, on a scale never seen before.
    • Security has never been more important than now. But…where to start? What are the top priorities? How do we support remote work while remaining secure?

    Our Advice

    Critical Insight

    • There is intense pressure to enable employees to work remotely, as soon as possible. IT is scrambling to enable access, source equipment to stage, and deploy products to employees, many of whom are unfamiliar with working from home.
    • There is either too much security to allow people to be productive or too little security to ensure that the organization remains protected and secure.
    • These events are unprecedented, and no plan currently exists to sufficiently maintain a viable security posture during this interim new normal.

    Impact and Result

    • Don’t start from scratch. Leverage your current security framework, processes, and mechanisms but tailor them to accommodate the new way of remote working.
    • Address priority security items related to remote work capability and its implications in a logical sequence. Some security components may not be as time sensitive as others.
    • Remain diligent! Circumstances may have changed, but the importance of security has not. In fact, IT security is likely more important now than ever before.

    Cybersecurity Priorities in Times of Pandemic Research & Tools

    Start here – read our Cybersecurity Priorities research.

    Our recommendations and the accompanying checklist tool will help you quickly get a handle on supporting a remote workforce while maintaining security in your organization.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    • Cybersecurity Priorities in Times of Pandemic Storyboard
    • Cybersecurity Priorities Checklist Tool
    [infographic]

    Tactics to Retain IT Talent

    • Buy Link or Shortcode: {j2store}549|cart{/j2store}
    • member rating overall impact: N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: Engage
    • Parent Category Link: /engage
    • Regrettable turnover is impacting organizational productivity and leading to significant costs associated with employee departures and the recruitment required to replace them.
    • Many organizations focus on increasing engagement to improve retention, but this approach doesn’t address the entire problem.

    Our Advice

    Critical Insight

    • Engagement surveys mask the volatility of the employee experience and hide the reason why individual employees leave. You must also talk to employees to understand the moments that matter and engage managers to understand turnover triggers.

    Impact and Result

    • Build the case for creating retention plans by leveraging employee data and feedback to identify the key reasons for turnover that need to be addressed.
    • Target employee segments and work with management to develop solutions to retain top talent.

    Tactics to Retain IT Talent Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Tactics to Retain IT Talent Storyboard – Use this storyboard to develop a targeted talent retention plan to retain top and core talent in the organization.

    Integrate data from exit surveys and interviews, engagement surveys, and stay interviews to understand the most commonly cited reasons for employee departure in order to select and prioritize tactics that improve retention. This blueprint will help you identify reasons for regrettable turnover, select solutions, and create an action plan.

    • Tactics to Retain IT Talent Storyboard

    2. Retention Plan Workbook – Capture key information in one place as you work through the process to assess and prioritize solutions.

    Use this tool to document and analyze turnover data to find suitable retention solutions.

    • Retention Plan Workbook

    3. Stay Interview Guide – Managers will use this guide to conduct regular stay interviews with employees to anticipate and address turnover triggers.

    The Stay Interview Guide helps managers conduct interviews with current employees, enabling the manager to understand the employee's current engagement level, satisfaction with current role and responsibilities, suggestions for potential improvements, and intent to stay with the organization.

    • Stay Interview Guide

    4. IT Retention Solutions Catalog – Use this catalog to select and prioritize retention solutions across the employee lifecycle.

    Review best-practice solutions to identify those that are most suitable to your organizational culture and employee needs. Use the IT Retention Solutions Catalog to explore a variety of methods to improve retention, understand their use cases, and determine stakeholder responsibilities.

    • IT Retention Solutions Catalog
    [infographic]

    Workshop: Tactics to Retain IT Talent

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Identify Reasons for Regrettable Turnover

    The Purpose

    Identify the main drivers of turnover at the organization.

    Key Benefits Achieved

    Find out what to explore during focus groups.

    Activities

    1.1 Review data to determine why employees join, stay, and leave.

    1.2 Identify common themes.

    1.3 Prepare for focus groups.

    Outputs

    List of common themes/pain points recorded in the Retention Plan Workbook.

    2 Conduct Focus Groups

    The Purpose

    Conduct focus groups to explore retention drivers.

    Key Benefits Achieved

    Explore identified themes.

    Activities

    2.1 Conduct four 1-hour focus groups with the employee segment(s) identified in the pre-workshop activities.

    2.2 Info-Tech facilitators independently analyze results of focus groups and group results by theme.

    Outputs

    Focus group feedback.

    Focus group feedback analyzed and organized by themes.

    3 Identify Needs and Retention Initiatives

    The Purpose

    Home in on employee needs that are a priority.

    Key Benefits Achieved

    A list of initiatives to address the identified needs

    Activities

    3.1 Create an empathy map to identify needs.

    3.2 Shortlist retention initiatives.

    Outputs

    Employee needs and shortlist of initiatives to address them.

    4 Prepare to Communicate and Launch

    The Purpose

    Prepare to launch your retention initiatives.

    Key Benefits Achieved

    A clear action plan for implementing your retention initiatives.

    Activities

    4.1 Select retention initiatives.

    4.2 Determine goals and metrics.

    4.3 Plan stakeholder communication.

    4.4 Build a high-level action plan.

    Outputs

    Finalized list of retention initiatives.

    Goals and associated metrics recorded in the Retention Plan Workbook.

    Further reading

    Tactics to Retain IT Talent

    Keep talent from walking out the door by discovering and addressing moments that matter and turnover triggers.

    Executive Summary

    Your Challenge

    Many organizations are facing an increase in voluntary turnover as low unemployment, a lack of skilled labor, and a rise in the number of vacant roles have given employees more employment choices.

    Common Obstacles

    Regrettable turnover is impacting organizational productivity and leading to significant costs associated with employee departures and the recruitment required to replace them.

    Many organizations tackle retention from an engagement perspective: Increase engagement to improve retention. This approach doesn't consider the whole problem.

    Info-Tech's Approach

    Build the case for creating retention plans by leveraging employee data and feedback to identify the key reasons for turnover that need to be addressed.

    Target employee segments and work with management to develop solutions to retain top talent.

    Info-Tech Insight

    Engagement surveys mask the volatility of the employee experience and hide the reason why individual employees leave. You must also talk to employees to understand the moments that matter and engage managers to understand turnover triggers.

    This research addresses regrettable turnover

    This is an image of a flow chart with three levels. The top level has only one box, labeled Turnover. the Second level has 2 boxes, labeled Voluntary, and Involuntary. The third level has two boxes under Voluntary, labeled Non-regrettable: The loss of employees that the organization did not wish to keep, e.g. low performers, and Regrettable: The loss of employees that the organization wishes it could have kept.

    Low unemployment and rising voluntary turnover makes it critical to focus on retention

    As the economy continues to recover from the pandemic, unemployment continues to trend downward even with a looming recession. This leaves more job openings vacant, making it easier for employees to job hop.

    This image contains a graph of the US Employment rate between 2020 - 2022 from the US Bureau of Economic Analysis and Bureau of Labor Statistics (BLS), 2022, the percentage of individuals who change jobs every one to five years from 2022 Job Seeker Nation Study, Jobvite, 2022, and voluntary turnover rates from BLS, 2022

    With more employees voluntarily choosing to leave jobs, it is more important than ever for organizations to identify key employees they want to retain and put plans in place to keep them.

    Retention is a challenge for many organizations

    The number of HR professionals citing retention/turnover as a top workforce management challenge is increasing, and it is now the second highest recruiting priority ("2020 Recruiter Nation Survey," Jobvite, 2020).

    65% of employees believe they can find a better position elsewhere (Legaljobs, 2021). This is a challenge for organizations in that they need to find ways to ensure employees want to stay at the organization or they will lose them, which results in high turnover costs.

    Executives and IT are making retention and turnover – two sides of the same coin – a priority because they cost organizations money.

    • 87% of HR professionals cited retention/turnover as a critical and high priority for the next few years (TINYpulse, 2020).
    • $630B The cost of voluntary turnover in the US (Work Institute, 2020).
    • 66% of organizations consider employee retention to be important or very important to an organization (PayScale, 2019).

    Improving retention leads to broad-reaching organizational benefits

    Cost savings: the price of turnover as a percentage of salary

    • 33% Improving retention can result in significant cost savings. A recent study found turnover costs, on average, to be around a third of an employee's annual salary (SHRM, 2019).
    • 37.9% of employees leave their organization within the first year. Employees who leave within the first 90 days of being hired offer very little or no return on the investment made to hire them (Work Institute, 2020).

    Improved performance

    Employees with longer tenure have an increased understanding of an organization's policies and processes, which leads to increased productivity (Indeed, 2021).

    Prevents a ripple effect

    Turnover often ripples across a team or department, with employees following each other out of the organization (Mereo). Retaining even one individual can often have an impact across the organization.

    Transfer of knowledge

    Retaining key individuals allows them to pass it on to other employees through communities of practice, mentoring, or other knowledge-sharing activities.

    Info-Tech Insight

    Improving retention goes beyond cost savings: Employees who agree with the statement "I expect to be at this organization a year from now" are 71% more likely to put in extra hours and 32% more likely to accomplish more than what is expected of their role (McLean & Company Engagement Survey, 2021; N=77,170 and 97,326 respectively).

    However, the traditional engagement-focused approach to retention is not enough

    Employee engagement is a strong driver of retention, with only 25% of disengaged employees expecting to be at their organization a year from now compared to 92% of engaged employees (McLean & Company Engagement Survey, 2018-2021; N=117,307).

    Average employee Net Promoter Score (eNPS)

    This image contains a graph of the Average employee Net Promoter Score (eNPS)

    Individual employee Net Promoter Scores (eNPS)

    This image contains a graph of the Individual employee Net Promoter Scores (eNPS)

    However, engagement surveys mask the volatility of the employee experience and hide the reason why individual employees leave.

    This analysis of McLean & Company's engagement survey results shows that while an organization's average employee net promoter score (eNPS) stays relatively static, at an individual level there is a huge amount of volatility.

    This demonstrates the need for an approach that is more capable of responding to or identifying employees' in-the-moment needs, which an annual engagement survey doesn't support.

    Turnover triggers and moments that matter also have an impact on retention

    Retention needs to be monitored throughout the employee lifecycle. To address the variety of issues that can appear, consider three main paths to turnover:

    1. Employee engagement – areas of low engagement.
    2. Turnover triggers that can quickly lead to departures.
    3. Moments that matter in the employee experience (EX).

    Employee engagement

    Engagement drivers are strong predictors of turnover.

    Employees who are highly engaged are 3.6x more likely to believe they will be with the organization 12 months from now than disengaged employees (McLean & Company Engagement Survey, 2018-2021; N=117,307).

    Turnover triggers

    Turnover triggers are events that act as shocks or catalysts that quickly lead to an employee's departure.

    Turnover triggers are a cause for voluntary turnover more often than accumulated issues (Lee et al.).

    Moments that matter

    Employee experience is the employee's perception of the accumulation of moments that matter within their employee lifecycle.

    Retention rates increase from 21% to 44% when employees have positive experiences in the following categories: belonging, purpose, achievement, happiness, and vigor at work. (Workhuman, 2020).

    While managers do not directly impact turnover, they do influence the three main paths to turnover

    Research shows managers do not appear as one of the common reasons for employee turnover.

    Top five most common reasons employees leave an organization (McLean & Company, Exit Survey, 2018-2021; N=107 to 141 companies,14,870 to 19,431 responses).

    Turnover factorsRank
    Opportunities for career advancement1
    Satisfaction with my role and responsibilities2
    Base pay3
    Opportunities for career-related skill development4
    The degree to which my skills were used in my job5

    However, managers can still have a huge impact on the turnover of their team through each of the three main paths to turnover:

    Employee engagement

    Employees who believe their managers care about them as a person are 3.3x more likely to be engaged than those who do not (McLean & Company, 2021; N=105,186).

    Turnover triggers

    Managers who are involved with and aware of their staff can serve as an early warning system for triggers that lead to turnover too quickly to detect with data.

    Moments that matter

    Managers have a direct connection with each individual and can tailor the employee experience to meet the needs of the individuals who report to them.

    Gallup has found that 52% of exiting employees say their manager could have done something to prevent them from leaving (Gallup, 2019). Do not discount the power of managers in anticipating and preventing regrettable turnover.

    Addressing engagement, turnover triggers, and moments that matter is the key to retention

    This is an image of a flow chart with four levels. The top level has only one box, labeled Turnover. the Second level has 2 boxes, labeled Voluntary, and Involuntary. The third level has two boxes under Voluntary, labeled Non-regrettable, and Regrettable. The fourth level has three boxes under Regrettable, labeled Employee Engagement, Turnover triggers, and Moments that matter

    Info-Tech Insight

    HR traditionally seeks to examine engagement levels when faced with retention challenges, but engagement is only a part of the full picture. You must also talk to employees to understand the moments that matter and engage managers to understand turnover triggers.

    Follow Info-Tech's two-step process to create a retention plan

    1. Identify Reasons for Regrettable Turnover

    2. Select Solutions and Create an Action Plan

    Step 1

    Identify Reasons for Regrettable Turnover

    After completing this step you will have:

    • Analyzed and documented why employees join, stay, and leave your organization.
    • Identified common themes and employee needs.
    • Conducted employee focus groups and prioritized employee needs.

    Step 1 focuses on analyzing existing data and validating it through focus groups

    Employee engagement

    Employee engagement and moments that matter are easily tracked by data. Validating employee feedback data by speaking and empathizing with employees helps to uncover moments that matter. This step focuses on analyzing existing data and validating it through focus groups.

    Engagement drivers such as compensation or working environment are strong predictors of turnover.
    Moments that matter
    Employee experience (EX) is the employee's perception of the accumulation of moments that matter with the organization.
    Turnover triggers
    Turnover triggers are events that act as shocks or catalysts that quickly lead to an employee's departure.

    Turnover triggers

    This step will not touch on turnover triggers. Instead, they will be discussed in step 2 in the context of the role of the manager in improving retention.

    Turnover triggers are events that act as shocks or catalysts that quickly lead to an employee's departure.

    Info-Tech Insight

    IT managers often have insights into where and why retention is an issue through their day-to-day work. Gathering detailed quantitative and qualitative data provides credibility to these insights and is key to building a business case for action. Keep an open mind and allow the data to inform your gut feeling, not the other way around.

    Gather data to better understand why employees join, stay, and leave

    Start to gather and examine additional data to accurately identify the reason(s) for high turnover. Begin to uncover the story behind why these employees join, stay, and leave your organization through themes and trends that emerge.

    Look for these icons throughout step 2.

    Join

    Why do candidates join your organization?

    Stay

    Why do employees stay with your organization?

    Leave

    Why do employees leave your organization?

    For more information on analysis, visualization, and storytelling with data, see Info-Tech's Start Making Data-Driven People Decisions blueprint.

    Employee feedback data to look at includes:

    Gather insights through:

    • Focus groups
    • Verbatim comments
    • Exit interviews
    • Using the employee value proposition (EVP) as a filter (does it resonate with the lived experience of employees?)

    Prepare to draw themes and trends from employee data throughout step 1.

    Uncover employee needs and reasons for turnover by analyzing employee feedback data.

    • Look for trends (e.g. new hires join for career opportunities and leave for the same reason, or most departments have strong work-life balance scores in engagement data).
    • Review if there are recurring issues being raised that may impact turnover.
    • Group feedback to highlight themes (e.g. lack of understanding of EVP).
    • Identify which key employee needs merit further investigation or information.

    This is an image showing how you can draw out themes and trends using employee data throughout step 1.

    Classify where key employee needs fall within the employee lifecycle diagram in tab 2 of the Retention Plan Workbook. This will be used in step 2 to pinpoint and prioritize solutions.

    Info-Tech Insight

    The employee lifecycle is a valuable way to analyze and organize engagement pain points, moments that matter, and turnover triggers. It ensures that you consider the entirety of an employee's tenure and the different factors that lead to turnover.

    Examine new hire data and begin to document emerging themes

    Join

    While conducting a high-level analysis of new hire data, look for these three key themes impacting retention:

    Issues or pain points that occurred during the hiring process.

    Reasons why employees joined your organization.

    The experience of their first 90 days. This can include their satisfaction with the onboarding process and their overall experience with the organization.

    Themes will help to identify areas of strength and weakness organization-wide and within key segments. Document in tab 3 of the Retention Plan Workbook.

    1. Start by isolating the top reasons employees joined your organization. Ask:
      • Do the reasons align with the benefits you associate with working at your organization?
      • How might this impact your EVP?
      • If you use a new hire survey, look at the results for the following questions:
      • For which of the following reasons did you apply to this organization?
      • For what reasons did you accept the job offer with this organization?
    2. then, examine other potential problem areas that may not be covered by your new hire survey, such as onboarding or the candidate experience during the hiring process.
      • If you conduct a new hire survey, look at the results in the following sections:
        • Candidate Experience
        • Acclimatization
        • Training and Development
        • Defining Performance Expectations

      Analyze engagement data to identify areas of strength that drive retention

      Employees who are engaged are 3.6x more likely to believe they will be with the organization 12 months from now (McLean & Company Engagement Survey, 2018-2021; N=117,307). Given the strength of this relationship, it is essential to identify areas of strength to maintain and leverage.

      1. Look at the highest-performing drivers in your organization's employee engagement survey and drivers that fall into the "leverage" and "maintain" quadrants of the priority matrix.
        • These drivers provide insight into what prompts broader groups of employees to stay.

      This is an image of a quadrant analysis, with the following quadrants in order from left to right, top to bottom. Improve; Leverage; Evaluate; Maintain.

      1. Look into what efforts have been made to maintain programs, policies, and practices related to these drivers and ensure they are consistent across the entire organization.
      2. Document trends and themes related to engagement strengths in tab 2 of the Retention Plan Workbook.

      If you use Info-Tech's Engagement Survey, look in detail at what are classified as "Retention Drivers": total compensation, working environment, and work-life balance.

      Identify areas of weakness that drive turnover in your engagement data

      1. Look at the lowest-performing drivers in your organization's employee engagement survey and drivers that fall into the "improve" and "evaluate" quadrants of the priority matrix.
        • These drivers provide insight into what pushes employees to leave the organization.
      2. Delve into organizational efforts that have been made to address issues with the programs, policies, and practices related to these drivers. Are there any projects underway to improve them? What are the barriers preventing improvements?
      3. Document trends and themes related to engagement weaknesses in tab 2 of the Retention Plan Workbook.

      If you use a product other than Info-Tech's Engagement Survey, your results will look different. The key is to look at areas of weakness that emerge from the data.

      This is an image of a quadrant analysis, with the following quadrants in order from left to right, top to bottom. Improve; Leverage; Evaluate; Maintain.

      If you use Info-Tech's Engagement Survey, look in detail at what are classified as "Retention Drivers": total compensation, working environment, and work-life balance.

      Mine exit surveys to develop an integrated, holistic understanding of why employees leave

      Conduct a high-level analysis of the data from your employee exit diagnostic. While analyzing this data, consider the following:

      • What are the trends and quantitative data about why employees leave your organization that may illuminate employee needs or issues at specific points throughout the employee lifecycle?
      • What are insights around your key segments? Data on key segments is easily sliced from exit survey results and can be used as a starting point for digging deeper into retention issues for specific groups.
      • Exit surveys are an excellent starting point. However, it is valuable to validate the data gathered from an exit survey using exit interviews.
      1. Isolate results for key segments of employees to target with retention initiatives (e.g. by age group or by department).
      2. Identify data trends or patterns over time; for example, that compensation factors have been increasing in importance.
      3. Document trends and themes taken from the exit survey results in tab 2 of the Retention Plan Workbook.

      If your organization conducts exit interviews, analyze the results alongside or in lieu of exit survey data.

      Compare new hire data with exit data to identify patterns and insights

      Determine if new hire expectations weren't met, prompting employees to leave your organization, to help identify where in the employee lifecycle issues driving turnover may be occurring.

      1. Look at your new hire data for the top reasons employees joined your organization.
        • McLean & Company's New Hire Survey database shows that the top three reasons candidates accept job offers on average are:
          1. Career opportunities
          2. Nature of the job
          3. Development opportunities
      2. Next, look at your exit data and the top reasons employees left your organization.
        1. McLean & Company's Exit Survey database shows that the top three reasons employees leave on average are:
          1. Opportunities for career advancement
          2. Base pay
          3. Satisfaction with my role and responsibilities
      3. Examine the results and ask:
        • Is there a link between why employees join and leave the organization?
        • Did they cite the same reasons for joining and for leaving?
        • What do the results say about what your employees do and do not value about working at your organization?
      4. Document the resulting insights in tab 2 of the Retention Plan Workbook.

      Example:

      A result where employees are leaving for the same reason they're joining the organization could signal a disconnect between your organization's employee value proposition and the lived experience.

      Revisit your employee value proposition to uncover misalignment

      Your employee value proposition (EVP), formal or informal, communicates the value your organization can offer to prospective employees.

      If your EVP is mismatched with the lived experience of your employees, new hires will be in for a surprise when they start their new job and find out it isn't what they were expecting.

      Forty-six percent of respondents who left a job within 90 days of starting cited a mismatch of expectations about their role ("Job Seeker Nation Study 2020," Jobvite, 2020).

      1. Use the EVP as a filter through which you look at all your employee feedback data. It will help identify misalignment between the promised and the lived experience.
      2. If you have EVP documentation, start there. If not, go to your careers page and put yourself in the shoes of a candidate. Ask what the four elements of an EVP look like for candidates:
        • Compensation and benefits
        • Day-to-day job elements
        • Working conditions
        • Organizational elements
      3. Next, compare this to your own day-to-day experiences. Does it differ drastically? Are there any contradictions with the lived experience at your organization? Are there misleading statements or promises?
      4. Document any insights or patterns you uncover in tab 2 of the Retention Plan Workbook.

      Conduct focus groups to examine themes

      Through focus groups, explore the themes you have uncovered with employees to discover employee needs that are not being met. Addressing these employee needs will be a key aspect of your retention plan.

      Identify employee groups who will participate in focus groups:

      • Incorporate diverse perspectives (e.g. employees, managers, supervisors).
      • Include employees from departments and demographics with strong and weak engagement for a full picture of how engagement impacts your employees.
      • Invite boomerang employees to learn why an individual might return to your organization after leaving.

      image contains two screenshots Mclean & Company's Standard Focus Group Guide.

      Customize Info-Tech's Standard Focus Group Guide based on the themes you have identified in tab 3 of the Retention Plan Workbook.

      The goal of the focus group is to learn from employees and use this information to design or modify a process, system, or other solution that impacts retention.

      Focus questions on the employees' personal experience from their perspective.

      Key things to remember:

      • It is vital for facilitators to be objective.
      • Keep an open mind; no feelings are wrong.
      • Beware of your own biases.
      • Be open and share the reason for conducting the focus groups.

      Info-Tech Insight

      Maintaining an open dialogue with employees will help flesh out the context behind the data you've gathered and allow you to keep in mind that retention is about people first and foremost.

      Empathize with employees to identify moments that matter

      Look for discrepancies between what employees are saying and doing.

      1. Say

      "What words or quotes did the employee use?"

      3.Think

      "What might the employee be thinking?"

      Record feelings and thoughts discussed, body language observed, tone of voice, and words used.

      Look for areas of negative emotion to determine the moments that matter that drive retention.

      2. Do

      "What actions or behavior did the employee demonstrate?"

      4. Feel

      "What might the employee be feeling?"

      Record them in tab 3 of the Retention Plan Workbook.

      5. Identify Needs

      "Needs are verbs (activities or desires), not nouns (solutions)"

      Synthesize focus group findings using Info-Tech's Empathy Map Template.

      6. Identify Insights

      "Ask yourself, why?"

      (Based on Stanford d.school Empathy Map Method)

      Distill employee needs into priority issues to address first

      Take employee needs revealed by your data and focus groups and prioritize three to five needs.

      Select a limited number of employee needs to develop solutions to ensure that the scope of the project is feasible and that the resources dedicated to this project are not stretched too thin. The remaining needs should not be ignored – act on them later.

      Share the needs you identify with stakeholders so they can support prioritization and so you can confirm their buy-in and approval where necessary.

      Ask yourself the following questions to determine your priority employee needs:

      • Which needs will have the greatest impact on turnover?
      • Which needs have the potential to be an easy fix or quick win?
      • Which themes or trends came up repeatedly in different data sources?
      • Which needs evoked particularly strong or negative emotions in the focus groups?

      This image contains screenshots of two table templates found in tab 5 of the Retention Plan Workbook

      In the Retention Plan Workbook, distill employee needs on tab 2 into three to five priorities on tab 5.

      Step 2

      Select Solutions and Create an Action Plan

      After completing this step, you will have:

      • Selected and prioritized solutions to address employee needs.
      • Created a plan to launch stay interviews.
      • Built an action plan to implement solutions.

      Select IT-owned solutions and implement people leader–driven initiatives

      Solutions

      First, select and prioritize solutions to address employee needs identified in the previous step. These solutions will address reasons for turnover that influence employee engagement and moments that matter.

      • Brainstorm solutions using the Retention Solutions Catalog as a starting point. Select a longlist of solutions to address your priority needs.
      • Prioritize the longlist of solutions into a manageable number to act on.

      People leaders

      Next, create a plan to launch stay interviews to increase managers' accountability in improving retention. Managers will be critical to solving issues stemming from turnover triggers.

      • Clarify the importance of harnessing the influence of people leaders in improving retention.
      • Discover what might cause individual employees to leave through stay interviews.
      • Increase trust in managers through training.

      Action plan

      Finally, create an action plan and present to senior leadership for approval.

      Look for these icons in the top right of slides in this step.

      Select solutions to employee needs, starting with the Retention Solutions Catalog

      Based on the priority needs you have identified, use the Retention Solutions Catalog to review best-practice solutions for pain points associated with each stage of the lifecycle.

      Use this tool as a starting point, adding to it and iterating based on your own experience and organizational culture and goals.

      This image contains three screenshots from Info-Tech's Retention Solutions Catalog.

      Use Info-Tech's Retention Solutions Catalog to start the brainstorming process and produce a shortlist of potential solutions that will be prioritized on the next slide.

      Info-Tech Insight

      Unless you have the good fortune of having only a few pain points, no single initiative will completely solve your retention issues. Combine one or two of these broad solutions with people-leader initiatives to ensure employee needs are addressed on an individual and an aggregate level.

      Prioritize solutions to be implemented

      Target efforts accordingly

      Quick wins are high-impact, low-effort initiatives that will build traction and credibility within the organization.

      Long-term initiatives require more time and need to be planned for accordingly but will still deliver a large impact. Review the planning horizon to determine how early these need to begin.

      Re-evaluate low-impact and low-effort initiatives and identify ones that either support other higher impact initiatives or have the highest impact to gain traction and credibility. Look for low-hanging fruit.

      Deprioritize initiatives that will take a high degree of effort to deliver lower-value results.

      When assessing the impact of potential solutions, consider:

      • How many critical segments or employees will this solution affect?
      • Is the employee need it addresses critical, or did the solution encompass several themes in the data you analyzed?
      • Will the success of this solution help build a case for further action?
      • Will the solution address multiple employee needs?

      Info-Tech Insight

      It's better to master a few initiatives than under-deliver on many. Start with a few solutions that will have a measurable impact to build the case for further action in the future.

      Solutions

      Low ImpactMedium ImpactLarge Impact
      Large EffortThis is an image of the used to help you prioritize solutions to be implemented.
      Medium Effort
      Low Effort

      Use tab 3 of the Retention Plan Workbook to prioritize your shortlist of solutions.

      Harness the influence of people leaders to improve employee retention

      Leaders at all levels have a huge impact on employees.

      Effective people leaders:

      • Manage work distribution.
      • Create a motivating work environment.
      • Provide development opportunities.
      • Ensure work is stimulating and challenging, but not overwhelming.
      • Provide clear, actionable feedback.
      • Recognize team member contributions.
      • Develop positive relationships with their teams.
      • Create a line of sight between what the employee is doing and what the organization's objectives are.

      Support leaders in recommitting to their role as people managers through Learning & Development initiatives with particular emphasis on coaching and building trust.

      For coaching training, see Info-Tech's Build a Better Manager: Team Essentials – Feedback and Coaching training deck.

      For more information on supporting managers to become better people leaders, see Info-Tech's Build a Better Manager: Manage Your People blueprint.

      "HR can't fix turnover. But leaders on the front line can."
      – Richard P. Finnegan, CEO, C-Suite Analytics

      Equip managers to conduct regular stay interviews to address turnover triggers

      Managers often have the most visibility into their employees' personal and work lives and have a key opportunity to anticipate and address turnover triggers.

      Stay interviews are an effective way of uncovering potential retention issues and allowing managers to act as an early warning system for turnover triggers.

      Examples of common turnover triggers and potential manager responses:

      • Moving, creating a long commute to the office.
        • Through stay interviews, a manager can learn that a long commute is an issue and can help find workarounds such as flexible/remote work options.
      • Not receiving an expected promotion.
        • A trusted manager can anticipate issues stemming from this, discuss why the decision was made, and plan development opportunities for future openings.

      Stay interview best practices

      1. Conducted by an employee's direct manager.
      2. Happen regularly as a part of an ongoing process.
      3. Based on the stay interview, managers produce a turnover forecast for each direct report.
        1. The method used by stay interview expert Richard P. Finnegan is simple: red for high risk, yellow for medium, and green for low.
      4. Provide managers with training and a rough script or list of questions to follow.
        1. Use and customize Info-Tech's Stay Interview Guide to provide a guide for managers on how to conduct a stay interview.
      5. Managers use the results to create an individualized retention action plan made up of concrete actions the manager and employee will take.

      Sources: Richard P. Finnegan, CEO, C-Suite Analytics; SHRM

      Build an action plan to implement the retention plan

      For each initiative identified, map out timelines and actions that need to be taken.

      When building actions and timelines:

      • Refer to the priority needs you identified in tab 4 of the Retention Plan Workbook and ensure they are addressed first.
      • Engage internal stakeholders who will be key to the development of the initiatives to ensure they have sufficient time to complete their deliverables.
        • For example, if you conduct manager training, Learning & Development needs to be involved in the development and launch of the program.
      • Include a date to revisit your baseline retention and engagement data in your project milestones.
      • Designate process owners for new processes such as stay interviews.

      Plan for stay interviews by determining:

      • Whether stay interviews will be a requirement for all employees.
      • How much flexibility managers will have with the process.
      • How you will communicate the stay interview approach to managers.
      • If manager training is required.
      • How managers should record stay interview data and how you will collect this data from them as a way to monitor retention issues.
        • For example, managers can share their turnover forecasts and action plans for each employee.

      Be clear about manager accountabilities for initiatives they will own, such as stay interviews. Plan to communicate the goals and timelines managers will be asked to meet, such as when they must conduct interviews or their responsibility to follow up on action items that come from interviews.

      Track project success to iterate and improve your solutions

      Analyze measurements

      • Regularly remeasure your engagement and retention levels to identify themes and trends that provide insights into program improvements.
      • For example, look at the difference in manager relationship score to see if training has had an impact, or look at changes in critical segment turnover to calculate cost savings.

      Revisit employee and manager feedback

      • After three to six months, conduct additional surveys or focus groups to determine the success of your initiatives and opportunities for improvement. Tweak the program, including stay interviews, based on manager and employee feedback.

      Iterate frequently

      • Revisit your initiatives every two or three years to determine if a refresh is necessary to meet changing organizational and employee needs and to update your goals and targets.

      Key insights

      Insight 1Insight 2Insight 3

      Retention and turnover are two sides of the same coin. You can't fix retention without first understanding turnover.

      Engagement surveys mask the volatility of the employee experience and hide the reason why individual employees leave. You must also talk to employees to understand the moments that matter and engage managers to understand turnover triggers.

      Improving retention isn't just about lowering turnover, it's about discovering what healthy retention looks like for your organization.

      Insight 4Insight 5Insight 6

      HR professionals often have insights into where and why retention is an issue. Gathering detailed employee feedback data through surveys and focus groups provides credibility to these insights and is key to building a case for action. Keep an open mind and allow the data to inform your gut feeling, not the other way around.

      Successful retention plans must be owned by both IT leaders and HR.

      IT leaders often have the most visibility into their employees' personal and work lives and have a key opportunity to anticipate and address turnover triggers.

      Stay interviews help managers anticipate potential retention issues on their teams.

      Workshop Overview

      Contact your account representative for more information.
      workshops@infotech.com 1-888-670-8889

      Info-Tech AnalystsPre-workPost-work
      Client Data Gathering and PlanningImplementation Supported Through Analyst Calls

      1.1 Discuss participants, logistics, overview of workshop activities

      1.2 Provide support to client for below activities through calls.

      		2.1 Schedule follow-up calls to work through implementation of retention solutions based on identified needs.
      Client

      1.Gather results of engagement survey, new hire survey, exit survey, and any exit and stay interview feedback.

      2.Gather and analyze turnover data.

      3.Identify key employee segment(s) and identify and organize participants for focus groups.

      4.Complete cost of turnover analysis.

      5.Review turnover data and prioritize list of employee segments.

      1.Obtain senior leader approval to proceed with retention plan.

      2.Finalize and implement retention solutions.

      3.Prepare managers to conduct stay interviews.

      4.Communicate next steps to stakeholders.

      Workshop Overview

      Contact your account representative for more information.
      workshops@infotech.com 1-888-670-8889

      ActivitiesDay 1Day 2Day 3Day 4
      Assess Current StateConduct Focus GroupsIdentify Needs and Retention InitiativesPrepare to Communicate and Launch

      1.1 Review data to determine why employees join, stay, and leave.

      1.2 Identify common themes.

      1.3 Prepare for focus groups.

      2.1 Conduct four 1-hour focus groups with the employee segment(s) identified in the pre-workshop activities..

      2.2 Info-Tech facilitators independently analyze results of focus groups and group results by theme.

      3.1 Create an empathy map to identify needs

      3.2 Shortlist retention initiatives

      4.1 Select retention initiatives

      4.2 Determine goals and metrics

      4.3 Plan stakeholder communication4.4 Build a high-level action plan

      Deliverables

      1.List of common themes/pain points recorded in the Retention Plan Workbook

      2.Plan for focus groups documented in the Focus Group Guide

      1.Focus group feedback

      2.Focus group feedback analyzed and organized by themes

      		1.Employee needs and shortlist of initiatives to address them1.Finalized list of retention initiatives

      Info-Tech offers various levels of support to best suit your needs

      DIY Toolkit

      “Our team has already made this critical project a priority, and we have the time and capability, but some guidance along the way would be helpful.”

      Guided Implementation

      “Our team knows that we need to fix a process, but we need assistance to determine where to focus. Some check-ins along the way would help keep us on track.”

      Workshop

      “We need to hit the ground running and get this project kicked off immediately. Our team has the ability to take this over once we get a framework and strategy in place.”

      Consulting

      “Our team does not have the time or the knowledge to take this project on. We need assistance through the entirety of this project.”

      Diagnostics and consistent frameworks used throughout all four options

      Research Contributors and Experts

      Jeff Bonnell
      VP HR
      Info-Tech Research Group

      Phillip Kotanidis
      CHRO
      Michael Garron Hospital

      Michael McGuire
      Director, Organizational Development
      William Osler Health System

      Dr. Iris Ware
      Chief Learning Officer
      City of Detroit

      Richard P. Finnegan
      CEO
      C-Suite Analytics

      Dr. Thomas Lee
      Professor of Management
      University of Washington

      Jane Moughon
      Specialist in increasing profits, reducing turnover, and maximizing human potential in manufacturing companies

      Lisa Kaste
      Former HR Director
      Citco

      Piyush Mathur
      Head of Workforce Analytics
      Johnson & Johnson

      Gregory P. Smith
      CEO
      Chart Your Course

      Works Cited

      "17 Surprising Statistics about Employee Retention." TINYpulse, 8 Sept. 2020. Web.
      "2020 Job Seeker Nation Study." Jobvite, April 2020. Web.
      "2020 Recruiter Nation Survey." Jobvite, 2020. Web.
      "2020 Retention Report: Insights on 2019 Turnover Trends, Reasons, Costs, & Recommendations." Work Institute, 2020. Web.
      "25 Essential Productivity Statistics for 2021." TeamStage, 2021. Accessed 22 Jun. 2021.
      Agovino, Theresa. "To Have and to Hold." SHRM, 23 Feb. 2019. Web.
      "Civilian Unemployment Rate." Bureau of Labor Statistics, June 2020. Web.
      Foreman, Paul. "The domino effect of chief sales officer turnover on salespeople." Mereo, 19 July 2018. Web.
      "Gross Domestic Product." U.S. Bureau of Economic Analysis, 27 May 2021. Accessed 22 Jun. 2020.
      Kinne, Aaron. "Back to Basics: What is Employee Experience?" Workhuman, 27August 2020. Accessed 21 Jun. 2021.
      Lee, Thomas W, et al. "Managing employee retention and turnover with 21st century ideas." Organizational Dynamics, vol 47, no. 2, 2017, pp. 88-98. Web.
      Lee, Thomas W. and Terence R. Mitchell. "Control Turnover by Understanding its Causes." The Blackwell Handbook of Principles of Organizational Behaviour. 2017. Print.
      McFeely, Shane, and Ben Wigert. "This Fixable Problem Costs U.S. Businesses $1 Trillion." Gallup. 13 March 2019. Web.
      "Table 18. Annual Quit rates by Industry and Region Not Seasonally Adjusted." Bureau of Labor Statistics. June 2021. Web.
      "The 2019 Compensation Best Practices Report: Will They Stay or Will They Go? Employee Retention and Acquisition in an Uncertain Economy." PayScale. 2019. Web.
      Vuleta, Branka. "30 Troubling Employee Retention Statistics." Legaljobs. 1 Feb. 2021. Web.
      "What is a Tenured Employee? Top Benefits of Tenure and How to Stay Engaged as One." Indeed. 22 Feb. 2021. Accessed 22 Jun. 2021.

      Build Your Security Operations Program From the Ground Up

      • Buy Link or Shortcode: {j2store}263|cart{/j2store}
      • member rating overall impact: 9.7/10 Overall Impact
      • member rating average dollars saved: $56,299 Average $ Saved
      • member rating average days saved: 43 Average Days Saved
      • Parent Category Name: Security Processes & Operations
      • Parent Category Link: /security-processes-and-operations
      • Analysts cannot monitor and track events coming from multiple tools because they have no visibility into the threat environment.
      • Incident management takes away time from problem management because processes are ad hoc and the continuous monitoring, collection, and analysis of massive volumes of security event data is responsive rather than tactical.
      • Organizations are struggling to defend against and prevent threats while juggling business, compliance, and consumer obligations.

      Our Advice

      Critical Insight

      • Security operations is no longer a center but a process. The need for a physical security hub has evolved into the virtual fusion of prevention, detection, analysis, and response efforts. When all four functions operate as a unified process, your organization will be able to proactively combat changes in the threat landscape.
      • Raw data without correlation is a waste of time, money, and effort. A SIEM on its own will not provide this contextualization and needs configuration. Prevention, detection, analysis, and response processes must contextualize threat data and supplement one another – true value will only be realized once all four functions operate as a unified process.
      • If you are not communicating, then you are not secure. Collaboration eliminates siloed decisions by connecting people, processes, and technologies. You leave less room for error, consume fewer resources, and improve operational efficiency with a transparent security operations process.

      Impact and Result

      • A centralized security operations process actively transforms security events and threat information into actionable intelligence, driving security prevention, detection, analysis, and response processes that address the increasing sophistication of cyberthreats while guiding continuous improvement.
      • This blueprint will walk through the steps of developing a flexible and systematic security operations program relevant to your organization.

      Build Your Security Operations Program From the Ground Up Research & Tools

      Start here – read the Executive Brief

      Read our concise Executive Brief to find out why you should build a security operations program, review Info-Tech’s methodology, and understand the ways we can support you in completing this project.

      Besides the small introduction, subscribers and consulting clients within this management domain have access to:

      1. Establish your foundation

      Determine how to establish the foundation of your security operations.

      • Build Your Security Operations Program From the Ground Up – Phase 1: Establish Your Foundation
      • Information Security Pressure Analysis Tool

      2. Assess your current state

      Assess the maturity of your prevention, detection, analysis, and response processes.

      • Build Your Security Operations Program From the Ground Up – Phase 2: Assess Your Current State
      • Security Operations Roadmap Tool

      3. Design your target state

      Design a target state and improve your governance and policy solutions.

      • Build Your Security Operations Program From the Ground Up – Phase 3: Design Your Target State
      • Security Operations Policy

      4. Develop an implementation roadmap

      Make your case to the board and develop a roadmap for your prioritized security initiatives.

      • Build Your Security Operations Program From the Ground Up – Phase 4: Develop an Implementation Roadmap
      • In-House vs. Outsourcing Decision-Making Tool
      • Security Operations MSSP RFP Template
      • Security Operations Project Charter Template
      • Security Operations RACI Tool
      • Security Operations Metrics Summary Document
      [infographic]

      Workshop: Build Your Security Operations Program From the Ground Up

      Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

      1 Establish Your Foundation

      The Purpose

      Identify security obligations and the security operations program’s pressure posture.

      Assess current people, process, and technology capabilities.

      Determine foundational controls and complete system and asset inventory.

      Key Benefits Achieved

      Identified the foundational elements needed for planning before a security operations program can be built

      Activities

      1.1 Define your security obligations and assess your security pressure posture.

      1.2 Determine current knowledge and skill gaps.

      1.3 Shine a spotlight on services worth monitoring.

      1.4 Assess and document your information system environment.

      Outputs

      Customized security pressure posture

      Current knowledge and skills gaps

      Log register of essential services

      Asset management inventory

      2 Assess Current Security Operations Processes

      The Purpose

      Identify the maturity level of existing security operations program processes.

      Key Benefits Achieved

      Current maturity assessment of security operations processes

      Activities

      2.1 Assess the current maturity level of the existing security operations program processes.

      Outputs

      Current maturity assessment

      3 Design a Target State

      The Purpose

      Design your optimized target state.

      Improve your security operations processes with governance and policy solutions.

      Identify and prioritize gap initiatives.

      Key Benefits Achieved

      A comprehensive list of initiatives to reach ideal target state

      Optimized security operations with repeatable and standardized policies

      Activities

      3.1 Complete standardized policy templates.

      3.2 Map out your ideal target state.

      3.3 Identify gap initiatives.

      Outputs

      Security operations policies

      Gap analysis between current and target states

      List of prioritized initiatives

      4 Develop an Implementation Roadmap

      The Purpose

      Formalize project strategy with a project charter.

      Determine your sourcing strategy for in-house or outsourced security operations processes.

      Assign responsibilities and complete an implementation roadmap.

      Key Benefits Achieved

      An overarching and documented strategy and vision for your security operations

      A thorough rationale for in-house or outsourced security operations processes

      Assigned and documented responsibilities for key projects

      Activities

      4.1 Complete a security operations project charter.

      4.2 Determine in-house vs. outsourcing rationale.

      4.3 Identify dependencies of your initiatives and prioritize initiatives in phases of implementation.

      4.4 Complete a security operations roadmap.

      Outputs

      Security operations project charter

      In-house vs. outsourcing rationale

      Initiatives organized according to phases of development

      Planned and achievable security operations roadmap

      Build an Information Security Strategy

      • Buy Link or Shortcode: {j2store}242|cart{/j2store}
      • member rating overall impact: 9.5/10 Overall Impact
      • member rating average dollars saved: $45,303 Average $ Saved
      • member rating average days saved: 34 Average Days Saved
      • Parent Category Name: Security Strategy & Budgeting
      • Parent Category Link: /security-strategy-and-budgeting
      • Many security leaders struggle to decide how to best to prioritize their scarce information security resources
      • The need to move from a reactive approach to security towards a strategic planning approach is clear. The path to getting there is less so.

      Our Advice

      Critical Insight

      The most successful information security strategies are:

      • Holistic – They consider the full spectrum of information security, including people, processes, and technology.
      • Risk aware – They understand that security decisions should be made based on the security risks facing their organization, not just on “best practice.”
      • Business aligned – They demonstrate an understanding of the goals and strategies of the organization and how the security program can support the business.

      Impact and Result

      • Info-Tech has developed a highly effective approach to building an information security strategy, an approach that has been successfully tested and refined for more than seven years with hundreds of different organizations:
      • This approach includes tools for:
        • Ensuring alignment with business objectives.
        • Assessing organizational risk and stakeholder expectations.
        • Enabling a comprehensive current state assessment.
        • Prioritizing initiatives and building out a security roadmap.

      Build an Information Security Strategy Research & Tools

      Besides the small introduction, subscribers and consulting clients within this management domain have access to:

      1. Information Security (IS) Strategy Research – A step-by-step document that helps you build a holistic, risk-based, and business-aligned IS strategy.

      Your security strategy should not be based on trying to blindly follow best practices but on a holistic risk-based assessment that is risk aware and aligns with your business context. Use this storyboard to augment your security strategy by ensuring alignment with business objectives, assessing your organization's risk and stakeholder expectations, understanding your current security state, and prioritizing initiatives and a security roadmap.

      • Build an Information Security Strategy – Phases 1-4

      2. Information Security Requirements Gathering Tool – A tool to make informed security risk decisions to support business needs.

      Use this tool to formally identify business goals and customer and compliance obligations and make explicit links to how security initiatives propose to support these business interests. Then define the scope and boundaries for the security strategy and the risk tolerance definitions that will guide future security risk decisions.

      • Information Security Requirements Gathering Tool

      3. Information Security Pressure Analysis Tool – An evaluation tool to invest in the right security functions using a pressure analysis approach.

      Security pressure posture analysis helps your organization assess your real security context and enables you to invest in the right security functions while balancing the cost and value in alignment with business strategies. Security pressure sets the baseline that will help you avoid over-investing or under-investing in your security functions.

      • Information Security Pressure Analysis Tool

      4. Information Security Program Gap Analysis Tool – A structured tool to systematically understand your current security state.

      Effective security planning should not be one size fits all – it must consider business alignment, security benefit, and resource cost. To enable an effective security program, all areas of security need to be evaluated closely to determine where the organization sits currently and where it needs to go in the future.

      • Information Security Program Gap Analysis Tool

      5. Information Security Strategy Communication Deck – A best-of-breed presentation document to build a clear, concise, and compelling strategy document.

      Use this communication deck template to present the results of the security strategy to stakeholders, demonstrate the progression from the current state to the future state, and establish the roadmap of the security initiatives that will be implemented. This information security communication deck will help ensure that you’re communicating effectively for your cause.

      • Information Security Strategy Communication Deck

      6. Information Security Charter – An essential document for defining the scope and purpose of a security project or program.

      A charter is an essential document for defining the scope and purpose of security. Without a charter to control and set clear objectives for this committee, the responsibility of security governance initiatives will likely be undefined within the enterprise, preventing the security governance program from operating efficiently. This template can act as the foundation for a security charter to provide guidance to the governance of information security.

      • Information Security Charter
      [infographic]

      Workshop: Build an Information Security Strategy

      Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

      1 Assess Security Requirements

      The Purpose

      Understand business and IT strategy and plans.

      Key Benefits Achieved

      Defined security obligations, scope, and boundaries.

      Activities

      1.1 Define business and compliance.

      1.2 Establish security program scope.

      1.3 Analyze the organization’s risk and stakeholder pressures.

      1.4 Identify the organizational risk tolerance level.

      Outputs

      Security obligations statement

      Security scope and boundaries statement

      Defined risk tolerance level

      Risk assessment and pressure analysis

      2 Perform a Gap Analysis

      The Purpose

      Define the information security target state.

      Key Benefits Achieved

      Set goals and Initiatives for the security strategy in line with the business objectives.

      Activities

      2.1 Assess current security capabilities.

      2.2 Identify security gaps.

      2.3 Build initiatives to bridge the gaps.

      Outputs

      Information security target state

      Security current state assessment

      Initiatives to address gaps

      3 Complete the Gap Analysis

      The Purpose

      Continue assessing current security capabilities.

      Key Benefits Achieved

      Identification of security gaps and initiatives to bridge them according to the business goals.

      Activities

      3.1 Identify security gaps.

      3.2 Build initiatives to bridge the maturity gaps.

      3.3 Identify initiative list and task list.

      3.4 Define criteria to be used to prioritize initiatives.

      Outputs

      Completed security current state assessment

      Task list to address gaps

      Initiative list to address gaps

      Prioritize criteria

      4 Develop the Roadmap

      The Purpose

      Create a plan for your security strategy going forward.

      Key Benefits Achieved

      Set path forward to achieving the target state for the business through goal cascade and gap initiatives.

      Activities

      4.1 Conduct cost/benefit analysis on initiatives.

      4.2 Prioritize gap initiatives based on cost and alignment with business.

      4.3 Build an effort list.

      4.4 Determine state times and accountability.

      4.5 Finalize security roadmap and action plan.

      4.6 Create communication plan.

      Outputs

      Information security roadmap

      Draft communication deck

      5 Communicate and Implement

      The Purpose

      Finalize deliverables.

      Key Benefits Achieved

      Consolidate documentation into a finalized deliverable that can be used to present to executives and decision makers to achieve buy-in for the project.

      Activities

      5.1 Support communication efforts.

      5.2 Identify resources in support of priority initiatives.

      Outputs

      Security strategy roadmap documentation

      Detailed cost and effort estimates

      Mapping of Info-Tech resources against individual initiatives

      Further reading

      Build an Information Security Strategy

      Create value by aligning your strategy to business goals and business risks.

      Analyst Perspective

      Set your security strategy up for success.

      “Today’s rapid pace of change in business innovation and digital transformation is a call to action to information security leaders.

      Too often, chief information security officers find their programs stuck in reactive mode, a result of years of mounting security technical debt. Shifting from a reactive to proactive stance has never been more important. Unfortunately, doing so remains a daunting task for many.

      While easy to develop, security plans premised on the need to blindly follow ‘best practices’ are unlikely to win over many stakeholders. To be truly successful, an information security strategy needs to be holistic, risk-aware, and business-aligned.”

      Kevin Peuhkurinen

      Research Director – Security, Risk & Compliance

      Info-Tech Research Group

      Executive summary

      Your Challenge

      • Many security leaders struggle to decide how best to prioritize their scarce information security resources.
      • The need to move from a reactive approach to security toward a strategic planning approach is clear. The path to getting there is less clear.

      Common Obstacle

      • Developing a security strategy can be challenging. Complications include:
        • Performing an accurate assessment of your current security program can be extremely difficult when you don’t know what to assess or how.
        • Determining the appropriate target state for security can be even more challenging. A strategy built around following best practices is unlikely to garner significant support from business stakeholders.

      Info-Tech’s Approach

      • Info-Tech has developed a highly effective approach to building an information security strategy, an approach that has been successfully tested and refined for 7+ years with hundreds of organizations.
      • This unique approach includes tools for:
        • Ensuring alignment with business objectives.
        • Assessing organizational risk and stakeholder expectations.
        • Enabling a comprehensive current state assessment.
        • Prioritizing initiatives and building out a security roadmap.

      Info-Tech Insight

      The most successful information security strategies are:

      • Holistic. They consider the full spectrum of information security, including people, processes, and technologies.
      • Risk-Aware. They understand that security decisions should be made based on the security risks facing their organization, not just on best practice.
      • Business-Aligned. They demonstrate an understanding of the goals and strategies of the organization, and how the security program can support the business.

      It’s not a matter of if you have a security incident, but when

      Organizations need to prepare and expect the inevitable security breach.

      Fifty-eight percent of companies surveyed that experienced a breach were small businesses.

      Eighty-nine percent of breaches have a financial or espionage motive.

      Three graphs are depicted. The first is labeled ‘Total Cost for Three Data Breach Root Causes,’ the second ‘Distribution of Benchmark by Root Cause of the Data Breach,’ and the third ‘Per Capita for Three Root Causes of a Data Breach.’ The three root causes are malicious or criminal attack (US$166 million per capita), system glitch ($132 million per capita), and human error ($133 million per capita).

      Source: Ponemon Institute, “2019 Global Cost of Data Breach Study”

      An information security strategy can help you prepare for incidents

      Organizations need to expect the inevitable security breach.

      90%

      of businesses have experienced an external threat in the last year.

      50%

      of IT professionals consider security to be their number one priority.

      53%

      of organizations claimed to have experienced an insider attack in the previous 12 months. 1

      46%

      of businesses believe the frequency of attacks is increasing. 2

      Effective IT leaders approach their security strategy from an understanding that attacks on their organization will occur. Building a strategy around this assumption allows your security team to understand the gaps in your current approach and become proactive instead of being reactive.

      Sources: 1 Kaspersky Lab, “Global IT Security Risks Survey”; 2 CA Technologies, “Insider Threat 2018 Report”

      Persistent Issues

      Evolving Ransomware

      • Continual changes in types and platforms make ransomware a persistent threat. The frequency of ransomware attacks was reported to have increased by 67% in the past five years. 1

      Phishing Attacks

        • Despite filtering and awareness, email remains the most common threat vector for phishing attacks (94%) and an average of 3% of participants in phishing campaigns still click on them. 2

      Insider Privilege and Misuse

      • Typically, 34% of breaches are perpetrated by insiders, with 15% involving privilege misuse. Takeaway: Care less about titles and more about access levels. 3

      Denial of Service

      • The median amount of time that an organization is under attack from DDoS attack is three days.

      Emerging Trends

      Advanced Identity and Access Governance

      • Using emerging technologies in automation, orchestration, and machine learning, the management and governance of identities and access has become more advanced.

      Sources: 1 Accenture, “2019 The Cost of Cyber Crime Study”; 2,3 Verizon, “2019 Data Breach Investigations Report”

      New threat trends in information security aren’t new.

      Previously understood attacks are simply an evolution of prior implementations, not a revolution.

      Traditionally, most organizations are not doing a good-enough job with security fundamentals, which is why attackers have been able to use the same old tricks.

      However, information security has finally caught the attention of organizational leaders, presenting the opportunity to implement a comprehensive security program.

      Cyberattacks have a significant financial impact

      Global average cost of a data breach: $3.92 Million

      Source: Ponemon Institute, “2019 Cost of a Data Breach Study: Global Overview”

      A bar graph, titled ‘Average cost of data breach by industry,’ is depicted. Of 17 industries depicted, public is the lowest average cost (US$1.29 million) and health is the highest average cost ($6.45 million).

      Primary incident type (with a confirmed data breach)

      1. Leading incident type is Denial of Service attacks (DoS), taking up to 70% of all incidents.
      2. When it comes to data breaches, we see that the use of stolen credentials leads to the most cases of confirmed breaches, accounting for 29%.

      Personal records tend to be the most compromised data types, while databases tend to be the most frequently involved asset in breaches.

      Source: Verizon, “2019 Data Breach Investigations Report”

      Security threats are not going away

      We continue to see and hear of security breaches occurring regularly.

      A bar graph depicts the percentage of businesses who experienced a data breach in the last year–US total and global total. Numbers have increased from 2016 to 2019. In 2016, 19 percent of US businesses experienced a breach. In 2019, this number was 59 percent.

      An attacker must be successful only once. The defender – you – must be successful every time.

      Info-Tech’s approach

      Maturing from reactive to strategic information security

      Two circular graphs depict the move from ‘reactive security’ to ‘strategic security’ organizations can accomplish using Info-Tech’s approach.

      Tools icon that is used in the first three stages of the strategic security graph above. Indicates Info-Tech tools included in this blueprint.

      The Info-Tech difference:

      1. A proven, structured approach to mature your information security program from reactive to strategic.
      2. A comprehensive set of tools to take the pain out of each phase in the strategy building exercise.
      3. Visually appealing templates to communicate and socialize your security strategy and roadmap to your stakeholders.

      Info-Tech’s Security Strategy Model

      Info-Tech’s Security Strategy Model is depicted in this rectangular image with arrows. The first level depicts business context (enterprise goals, compliance obligations, scope and boundaries) and pressures (security risks, risk tolerance, stakeholder expectations). The second level depicts security target state (maturity model, security framework, security alignment goals, target maturity, time frame) and current state (current state assessment, gap analysis). The third level depicts the information security roadmap (initiative list, task list, prioritization methodology, and Gantt chart).

      The Info-Tech difference:

      An information security strategy model that is:

      1. Business-Aligned. Determines business context and cascades enterprise goals into security alignment goals.
      2. Risk-Aware. Understands the security risks of the business and how they intersect with the overall organizational risk tolerance.
      3. Holistic. Leverages a best-of-breed information security framework to provide comprehensive awareness of organizational security capabilities.

      Info-Tech’s best-of-breed security framework

      This image shows how Info-Tech’s framework is based on ISO 27000 series, CIS Top 20, COBIT 2019, NIST 800-53, and NIST CSF.

      Info-Tech’s approach

      Creating an information security strategy

      Value to the business

      Outcome

      Best-of-breed security strategy

      Have documentation that paints a picture of the road to compliance. Integrate your framework with your risk tolerance and external pressures.

      Be ready for future changes by aligning your security strategy to security framework best practices.

      Address the nature of your current information security

      Eliminate gaps in process and know what is in scope for your security strategy. Learn what pressures your business and industry are under.

      Gain insight into your current state, allowing you to focus on high-value projects first, transitioning towards a target state.

      Highlight overlooked functions of your current security strategy

      Build a comprehensive security program that brings to light all aspects of your security program.

      Instead of pursing ad hoc projects, know what needs work and how to prioritize your pressing security issues.

      Create a tangible roadmap to your target state

      Create a plan for your future state of information security. Refer to and update your target state as your business needs change.

      Document your current progress and path forward in the future. Know your goals and requirements, codified in a living document.

      Use our prepopulated deliverables to fast track your progress

      Let Info-Tech do the work for you. With completed deliverables, have tangible documents to convey your business needs.

      A comprehensive set of deliverables with concrete, defensible data to justify any business changes.

      A living security strategy

      Pivot and change prioritization to meet the needs of your security deficits.

      Future-proof your security strategy for any contingency.

      The Info-Tech difference:

      Evolve the security program to be more proactive by leveraging Info-Tech’s approach to building a security strategy.

      • Dive deep into security obligations and security pressures to define the business context.
      • Conduct a thorough current state and future state analysis that is aligned with a best-of-breed framework.
      • Prioritize gap-closing initiatives to create a living security strategy roadmap.

      Use Info-Tech’s blueprint to save one to three months

      This image depicts how using Info-Tech’s four-phase blueprint can save an estimated seven to 14 weeks of an organization’s time and effort.

      Iterative benefit

      Over time, experience incremental value from your initial security strategy. Through continual updates your strategy will evolve but with less associated effort, time, and costs.

      These estimates are based on experiences with Info-Tech clients throughout the creation of this blueprint.

      Key deliverable:

      Information Security Strategy Communication Deck (PPT)

      Present your findings in a prepopulated document that can summarizes all key findings of the blueprint.

      Screenshots from Info-Tech’s Information Security Strategy Communication Deck Template.

      Blueprint deliverables

      Each step of this blueprint is accompanied by supporting deliverables to help you accomplish your goals:

      Information Security Requirements Gathering Tool

      Define the business, customer, and compliance alignment for your security program.

      Information Security Pressure Analysis Tool

      Determine your organization’s security pressures and ability to tolerate risk.

      Information Security Program Gap Analysis Tool

      Use our best-of-breed security framework to perform a gap analysis between your current and target states.

      Information Security Charter

      Ensure the development and management of your security policies meet the broader program vision.

      Info-Tech offers various levels of support to best suit your needs

      DIY Toolkit

      “Our team has already made this critical project a priority, and we have the time and capability, but some guidance along the way would be helpful.”

      Guided Implementation

      “Our team knows that we need to fix a process, but we need assistance to determine where to focus. Some check-ins along the way would help keep us on track.”

      Workshop

      “We need to hit the ground running and get this project kicked off immediately. Our team has the ability to take this over once we get a framework and strategy in place.”

      Consulting

      “Our team does not have the time or the knowledge to take this project on. We need assistance through the entirety of this project.”

      Diagnostic and consistent frameworks are used throughout all four options.

      Guided Implementation

      What does a typical Guided Implementation on this topic look like?

      Guided Implementation #1 - Assess security requirements
      • Call #1 - Introduce project and complete pressure analysis.
      Guided Implementation #2 - Build a gap initiative strategy
      • Call #1 - Introduce the maturity assessment.
      • Call #2 - Perform gap analysis and translate into initiatives.
      • Call #3 - Consolidate related gap initiatives and define, cost, effort, alignment, and security benefits.
      Guided Implementation #3 - Prioritize initiatives and build roadmap
      • Call #1 - Review cost/benefit analysis and build an effort map.
      • Call #2 - Build implementation waves and introduce Gantt chart.
      Guided Implementation #4 - Execute and maintain
      • Call #1 - Review Gantt chart and ensure budget/buy-in support.
      • Call #2 - Three-month check-in: Execute and maintain.

      A Guided Implementation is series of calls with an Info-Tech analyst to help implement our best practices in your organization.

      A typical Guided Implementation is between 2-12 calls over the course of 4 to 6 months.

      Workshop Overview

      Contact your account representative for more information, or contact workshops@infotech.com or 1-888-670-8889.

      Day 1

      Day 2

      Day 3

      Day 4

      Day 5

      Activities

      Assess Security Requirements

      Perform a Gap Analysis

      Complete the Gap Analysis

      Develop Roadmap

      Communicate and Implement

      1.1 Understand business and IT strategy and plans

      1.2 Define business and compliance requirements

      1.3 Establish the security program scope

      1.4 Analyze the organization’s risks and stakeholder pressures

      1.5 Identify the organizational risk tolerance level

      2.1 Define the information security target state

      2.2 Assess current security capabilities

      2.3 Identify security gaps

      2.4 Build initiatives to bridge the gaps

      3.1 Continue assessing current security capabilities

      3.2 Identify security gaps

      3.3 Build initiatives to bridge the maturity gaps

      3.4 Identify initiative list and task list

      3.5 Define criteria to be used to prioritize initiatives

      4.1 Conduct cost/benefit analysis on initiatives

      4.2 Prioritize gap initiatives based on cost, time, and alignment with the business

      4.3 Build effort map

      4.4 Determine start times and accountability

      4.5 Finalize security roadmap and action plan

      4.6 Create communication plan

      5.1 Finalize deliverables

      5.2 Support communication efforts

      5.3 Identify resources in support of priority initiatives

      Deliverables

      1.Security obligations statement

      2.Security scope and boundaries statement

      3.Defined risk tolerance level

      4.Risk assessment and pressure analysis

      1.Information security target state

      2.Security current state assessment

      3.Initiatives to address gaps

      1.Completed security current state assessment

      2.Task list to address gaps address gaps

      4.Prioritization criteria

      1.Information security roadmap

      2.Draft communication deck

      1.Security strategy roadmap documentation

      2.Detailed cost and effort estimates

      3.Mapping of Info-Tech resources against individual initiatives

      Executive Brief Case Study

      Credit Service Company

      Industry: Financial Services

      Source: Info-Tech Research group

      Founded over 100 years ago, Credit Service Company (CSC)* operates in the United States with over 40 branches located across four states. The organization services over 50,000 clients.

      Situation

      Increased regulations, changes in technology, and a growing number of public security incidents had caught the attention of the organization’s leadership. Despite awareness, an IT and security strategy had not been previously created. Management was determined to create a direction for the security team that aligned with their core mission of providing exceptional service and expertise.

      Solution

      During the workshop, the IT team and Info-Tech analysts worked together to understand the organization’s ideal state in various areas of information security. Having a concise understanding of requirements was a stepping stone to beginning to develop CSC’s prioritized strategy.

      Results

      Over the course of the week, the team created a document that concisely prioritized upcoming projects and associated costs and benefits. On the final day of the workshop, the team effectively presented the value of the newly developed security strategy to senior management and received buy-in for the upcoming project.

      *Some details have been changed for client privacy.

      Phase 1

      Assess Security Requirements

        Phase 1

      • 1.1 Define goals & scope
      • 1.2 Assess risks
      • 1.3 Determine pressures
      • 1.4 Determine risk tolerance
      • 1.5 Establish target state

        Phase 2

      • 2.1 Review Info-Tech’s security framework
      • 2.2 Assess your current state
      • 2.3 Identify gap closure actions

        Phase 3

      • 3.1 Define tasks & initiatives
      • 3.2 Perform cost/benefit analysis
      • 3.3 Prioritize initiatives
      • 3.4 Build roadmap

        Phase 4

      • 4.1 Build communication deck
      • 4.2 Develop a security charter
      • 4.3 Execute on your roadmap

      This phase will walk you through the following activities:

      1.1 Define goals and scope of the security strategy.

      1.2 Assess your organization’s current inherent security risks.

      1.3 Determine your organization’s stakeholder pressures for security.

      1.4 Determine your organization’s risk tolerance.

      1.5 Establish your security target state.

      1.1.1 Record your business goals

      Once you have identified your primary and secondary business goals, as well as the corresponding security alignment goals, record them in the Information Security Requirements Gathering Tool. The tool provides an activity status that will let you know if any parts of the tool have not been completed.

      1. Record your identified primary and secondary business goals in the Goals Cascade tab of the Information Security Requirements Gathering Tool.

      Use the drop-down lists to select an appropriate goal or choose “Other.” If you do choose “Other,” you will need to manually enter an appropriate business goal.

      2. For each of your business goals, select one to two security alignment goals. The tool will provide you with recommendations, but you can override these by selecting a different goal from the drop-down lists.

      A screenshot of the ‘Business Goals Cascade,’ which is part of the ‘Information Security Requirements Gathering Tool.’

      A common challenge for security leaders is how to express their initiatives in terms that are meaningful to business executives. This exercise helps to make an explicit link between what the business cares about and what security is trying to accomplish.

      1.1.2 Review your goals cascade

      Estimated Time: 15 minutes

      1. When you have completed the goals cascade, you can review a graphic diagram that illustrates your goals. The graphic is found on the Results tab of the Information Security Requirements Gathering Tool.
        • Security must support the primary business objectives. A strong security program will enable the business to compete in new and creative ways, rather than simply acting as an obstacle.
        • Failure to meet business obligations can result in operational problems, impacting the organization’s ability to function and the organization’s bottom line.
      2. Once you have reviewed the diagram, copy it into the Information Security Strategy Communication Deck.

      A screenshot of the ‘Goal Cascade Diagrams,’ which is part of the ‘Information Security Requirements Gathering Tool.’

      Identify your compliance obligations

      Most conventional regulatory obligations are legally mandated legislation or compliance obligations, such as:

      Sarbanes-Oxley Act (SOX)

      Applies to public companies that have registered equity or debt securities within the SEC to guarantee data integrity against financial fraud.

      Payment Card Industry Data Security Standard (PCI DSS)

      Applies to any organization that processes, transmits, or stores credit card information to ensure cardholder data is protected.

      Health Insurance Portability and Accountability Act (HIPAA)

      Applies to the healthcare sector and protects the privacy of individually identifiable healthcare information.

      Health Information Technology for Economic and Clinical Health (HITECH)

      Applies to the healthcare sector and widens the scope of privacy and security protections available under HIPAA.

      Personal Information Protection and Electronic Documents Act (PIPEDA)

      Applies to private sector organizations that collect personal information in Canada to ensure the protection of personal information in the course of commercial business.

      Compliance obligations also extend to voluntary security frameworks:

      NIST

      National Institute of Standards and Technology; a non-regulatory agency that develops and publicizes measurement

      CIS – 20 CSC

      Center for Internet Security – 20 Critical Security Controls; foundational set of effective cybersecurity practices.

      ISO 27001

      An information security management system framework outlining policies and procedures.

      COBIT 5

      An information technology and management and governance framework.

      HITRUST

      A common security framework for organizations that use or hold regulated personal health information.

      1.1.3 Record your compliance obligations

      Estimated Time: 30 minutes

      1. Identify your compliance obligations. Most organizations have compliance obligations that must be adhered to. These can include both mandatory and voluntary obligations. Mandatory obligations include:
        • Laws
        • Government regulations
        • Industry standards
        • Contractual agreements
        Voluntary obligations include standards that the organization has chosen to follow for best practices and any obligations that are required to maintain certifications. Organizations will have many different compliance obligations. For the purposes of your security strategy, include only those that have information security or privacy requirements.
      2. Record your compliance obligations, along with any notes, in your copy of the Information Security Requirements Gathering Tool.

      A screenshot of ‘Security Compliance Obligations,’ part of the ‘Information Security Requirements Gathering Tool.’

      Establish your scope and boundaries

      It is important to know at the outset of the strategy: what are we trying to secure?

      This includes physical areas we are responsible for, types of data we care about, and departments or IT systems we are responsible for.

      This also includes what is not in scope. For some outsourced services or locations, you may not be responsible for their security. In some business departments, you may not have control of security processes. Ensure that it is made explicit at the outset what will be included and what will be excluded from security considerations.

      Physical Scope and Boundaries

      • How many offices and locations does your organization have?
      • Which locations/offices will be covered by your information security management system (ISMS)?
      • How sensitive is the data residing at each location?
      • You may have many physical locations, and it is not necessary to list every one. Rather, list exceptional cases that are specifically in or out of scope.

      IT Systems Scope and Boundaries

      • There may be hundreds of applications that are run and maintained in your organization. Some of these may be legacy applications. Does your ISMS need to secure all your programs or a select few?
      • Is the system owned or outsourced?
      • Where are we accountable for security?
      • How sensitive is the data that each system handles?

      Organizational Scope and Boundaries

      • Will your ISMS cover all departments within your organization? For example, do certain departments (e.g. Operations) not need any security coverage?
      • Do you have the ability to make security decisions for each department?
      • Who are the key stakeholders/data owners for each department?

      Organizational scope considerations

      Many different groups will fall within the purview of the security strategy. Consider these two main points when deciding which departments will be in scope:

      1. If a group/user has access to data or systems that can impact the organization, then securing that group/user should be included within scope of the security strategy.
      2. If your organization provides some work direction to a group/user, they should be included within scope of the security strategy.
      1. Identify your departments and business groups
        • Start by identifying departments that provide some essential input or service to the organization or departments that interact with sensitive data.
      2. Break out different subsidiaries or divisions
        • Subsidiaries may or may not be responsible for securing themselves and protecting their data, but either way they are often heavily reliant on corporate for guidance and share IT resourcing support.
      3. Identify user groups
        • Many user groups exist, all requiring different levels of security. For example, from on-premises to remote access, from full-time employees to part-time or contractors.

      Physical scope considerations

      List physical locations by type

      Offices

      The primary location(s) where business operations are carried out. Usually leased or owned by the business.

      Regional Offices

      These are secondary offices that can be normal business offices or home offices. These locations will have a VPN connection and some sort of tenant.

      Co-Locations

      These are redundant data center sites set up for additional space, equipment, and bandwidth.

      Remote Access

      This includes all remaining instances of employees or contractors using a VPN to connect.

      Clients and Vendors

      Various vendors and clients have dedicated VPN connections that will have some control over infrastructure (whether owed/laaS/other).

      List physical locations by nature of the location

      Core areas within physical scope

      These are many physical locations that are directly managed. These are high-risk locations with many personal and services, resulting in many possible vulnerabilities and attack vectors.

      Locations on the edge of control

      These are on the edge of the physical scope, and thus, in scope of the security strategy. These include remote locations, remote access connections, etc.

      Third-party connections

      Networks of third-party users are within physical scope and need defined security requirements and definitions of how this varies per user.

      BYOD

      Mostly privately owned mobile devices with either on-network or remote access.

      It would be overkill and unhelpful to list every single location or device that is in scope. Rather, list by broad categories as suggested above or simply list exceptional cases that are in/out of scope.

      IT systems scope considerations

      Consider identifying your IT systems by your level of control or ownership.

      Fully owned systems

      These are systems that are wholly owned or managed by your organization.

      IT is almost always the admin of these systems. Generally they are hosted on premises. All securitization through methods such as patching or antivirus is done and managed by your IT department.

      Cloud/remote hosted (SaaS)

      These are systems with a lot of uncertainties because the vendor or service provided is either not known or what they are doing for security is not fully known.

      These systems need to be secured regardless, but supplier and vendor relationship management becomes a major component of how to manage these systems. Often, each system has varying levels of risk based on vendor practices.

      Hybrid owned (IaaS/PaaS)

      You likely have a good understanding of control for these systems, but they may not be fully managed by you (i.e. ownership of the infrastructure). These systems are often hosted by third parties that do some level of admin work.

      A main concern is the unclear definition of responsibility in maintaining these systems. These are managed to some degree by third parties; it is challenging for your security program to perform the full gamut of security or administrative functions.

      Unknown/unowned systems

      There are often systems that are unowned and even unknown and that very few people are using. These apps can be very small and my not fall under your IT management system framework. These systems create huge levels of risk due to limited visibility.

      For example, unapproved (shadow IT) file sharing or cloud storage applications would be unknown and unowned.

      1.1.4 Record your scope and boundaries

      Estimated Time: 30-60 minutes

      1. Divide into groups and give each group member a handful of sticky notes. Ask them to write down as many items as possible for the organization that could fall under one of the scope buckets.
      2. Collect each group’s responses and discuss the sticky notes and the rationale for including them. Discuss your security-related locations, data, people, and technologies, and define their scope and boundaries.
        • Careful attention should be paid to any elements of the strategy that are not in scope.
      3. Discuss and aggregate all responses as to what will be in scope of the security strategy and what will not be. Record these in the Information Security Requirements Gathering Tool.

      A screenshot of ‘Scope and Boundaries,’ part of the ‘Information Security Requirements Gathering Tool.’

      1.2 Conduct a risk assessment

      Estimated Time: 1-3 hours

      1. As a group, review the questions on the Risk Assessment tab of the Information Security Pressure Analysis Tool.
      2. Gather the required information from subject matter experts on the following risk elements:
        • Threats
        • Assets
        • Vulnerabilities (people, systems, supply chain)
        • Historical security incidents

      Input

      • List of organizational assets
      • Historical data on information security incidents

      Output

      • Completed risk assessment

      Materials

      • Information Security Pressure Analysis Tool

      Participants

      • Security Team
      • IT Leadership
      • Risk Management

      Download the Information Security Pressure Analysis Tool

      1.2.1 Complete the risk assessment questionnaire

      Estimated Time: 60-90 minutes

      1. Review each question in the questionnaire and provide the most appropriate response using the drop-down list.
        • If you are unsure of the answer, consult with subject matter experts to obtain the required data.
        • Otherwise, provide your best estimation
      2. When providing responses for the historical incident questions, only count incidents that had a sizeable impact on the business.

      A screenshot of the ‘Organizational Security Risk Assessment,’ part of the ‘Information Security Pressure Analysis Tool.’

      Info-Tech Insight

      Understanding your organization’s security risks is critical to identifying the most appropriate level of investment into your security program. Organizations with more security risks will need more a mature security program to mitigate those risks.

      1.2.2 Review the results of the risk assessment

      Estimated Time: 30 minutes

      1. Once you have completed the risk assessment, you can review the output on the Results tab.
      2. If required, the weightings of each of the risk elements can be customized on the Weightings tab.
      3. Once you have reviewed the results, copy your risk assessment diagram into the Information Security Strategy Communication Deck.

      A screenshot showing sample results of the ‘Organizational Risk Assessment,’ part of the ‘Information Security Pressure Analysis Tool.’

      It is important to remember that the assessment measures inherent risk, meaning the risk that exists prior to the implementation of security controls. Your security controls will be assessed later as part of the gap analysis.

      1.3 Conduct pressure analysis

      Estimated Time: 1-2 hours

      1. As a group, review the questions on the Pressure Analysis tab of the Information Security Pressure Analysis Tool.
      2. Gather the required information from subject matter experts on the following pressure elements:
        • Compliance and oversight
        • Customer expectations
        • Business expectations
        • IT expectations

      Input

      • Information on various pressure elements within the organization

      Output

      • Completed pressure analysis

      Materials

      • Information Security Pressure Analysis Tool

      Participants

      • Security Team
      • IT Leadership
      • Business Leaders
      • Compliance

      Download the Information Security Pressure Analysis Tool

      Risk tolerance considerations

      At this point, we want to frame risk tolerance in terms of business impact. Meaning, what kinds of impacts to the business would we be able to tolerate and how often? This will empower future risk decisions by allowing the impact of a potential event to be assessed, then compared against the formalized tolerance. We will consider impact from three perspectives:

      F

      Functional Impact

      The disruption or degradation of business/organizational processes.

      I

      Informational Impact

      The breach of confidentiality, privacy, or integrity of data/information.

      R

      Recoverability Impact

      The disruption or degradation of the ability to return to conditions prior to a security incident.

      Consider these questions:

      Questions to ask

      Description

      Is there a hard-dollar impact from downtime?

      This refers to when revenue or profits are directly impacted by a business disruption. For example, when an online ordering system is compromised and shut down, it affects sales, and therefore, revenue.

      Is regulatory compliance a factor?

      Depending on the circumstances of the vulnerabilities, it can be a violation of compliance obligations that would cause significant fines.

      Are any critical services dependent on this asset?

      Functional dependencies are sometimes not obvious, and assets that appear marginal can have huge impacts on critical services.

      Is there a health or safety risk?

      Some operations are critical to health and safety. For example, medical organizations have operations that are necessary to ensure uninterrupted critical health services. An exploited vulnerability that impacts these operations can have life and death consequences.

      ANALYST PERSPECTIVE

      It is crucial to keep in mind that you care about a risk scenario impact to the main business processes.

      For example, imagine a complete functional loss of the corporate printers. For most businesses, even the most catastrophic loss of printer function will have a small impact on their ability to carry out the main business functions.

      On the flip side, even a small interruption to email or servers could have a large functional impact on business processes.

      Risk tolerance descriptions

      High

      • Organizations with high risk tolerances are often found in industries with limited security risk, such as Construction, Agriculture and Fishing, or Mining.
      • A high risk tolerance may be appropriate for organizations that do not rely on highly sensitive data, have limited compliance obligations, and where their customers do not demand strong security controls. Organizations that are highly focused on innovation and rapid growth may also tend towards a higher risk tolerance.
      • However, many organizations adopt a high risk tolerance by default simply because they have not adequately assessed their risks.

      Moderate

      • Organizations with medium risk tolerances are often found in industries with moderate levels of security risk, such as Local Government, Education, or Retail and Wholesale
      • A medium risk tolerance may be appropriate for organizations that store and process some sensitive data, have a modest number of compliance obligations, and where customer expectations for security tend to be implicit rather than explicit.

      Low

      • Organizations with low risk tolerances are often found in industries with elevated security risk, such as Financial Services, Federal Governments, or Defense Contractors.
      • A low risk tolerance may be appropriate for organizations that store very sensitive data, process high-value financial transactions, are highly regulated, and where customers demand strong security controls.
      • Some organizations claim to have a low risk tolerance, but in practice will often allow business units or IT to accept more security risk than would otherwise be permissible. A strong information security program will be required to manage risks to an acceptable level.

      1.4.1 Complete the risk tolerance questionnaire

      Estimated Time: 30-60 minutes

      1. In a group discussion, review the low-, medium-, and high-impact scenarios and examples for each impact category. Ensure that everyone has a consistent understanding of the scenarios.
      2. For each impact type, use the frequency drop-down list to identify the maximum frequency that the organization could tolerate for the event scenarios, considering:
        • The current frequency with which the scenarios are occurring in your organization may be a good indication of your tolerance. However, keep in mind that you may be able to tolerate these incidents happening more frequently than they do.
        • Hoping is not the same as tolerating. While everyone hopes that high-impact incidents never occur, carefully consider whether you could tolerate them occurring more frequently.

      A screenshot showing the ‘Organizational Security Risk Tolerance Assessment,’ part of the ‘Information Security Pressure Analysis Tool.’

      1.4.2 Review the results of the risk tolerance analysis

      Estimated Time: 30 minutes

      1. Once you have completed the risk tolerance exercise, you can review the output on the Results tab.
      2. If required, the weightings of each of the impact types can be customized on the Weightings tab.
      3. Once you have reviewed the results, copy your risk tolerance diagram into the Information Security Strategy Communication Deck.

      A screenshot showing the results of the 'Information Security Risk Tolerance Assessment,' part of the ‘Information Security Pressure Analysis Tool.’

      A low risk tolerance will require a stronger information security program to ensure that operational security risk in the organization is minimized. If this tool reports that your risk tolerance is low, it is recommended that you review the results with your senior stakeholders to ensure agreement and support for the security program.

      1.5 Establish your target state

      Estimated Time: 30-60 minutes

      1. As a group, review the overall results of the requirements gathering exercise:
        • Business goals cascade
        • Compliance obligations
        • Scope
      2. Review the overall results of the risk assessment, pressure analysis, and risk tolerance exercises.
      3. Conduct a group discussion to arrive at a consensus of what the ideal target state for the information security program should look like.
        • Developing mission and vision statements for security may be useful for focusing the group.
        • This discussion should also consider the desired time frame for achieving the target state.

      Download the Information Security Pressure Analysis Tool

      Input

      • Information security requirements (goals cascade, compliance obligations, scope)
      • Risk assessment
      • Pressure analysis
      • Risk tolerance

      Output

      • Completed information security target state

      Materials

      Participants

      • Security Team
      • IT Leadership
      • Risk Management
      • Business Leaders
      • Compliance

      Understanding security target states

      Maturity models are very effective for determining information security target states. This table provides general descriptions for each maturity level. As a group, consider which description most accurately reflects the ideal target state for information security in your organization.

      1. AD HOC

        Initial/Ad hoc security programs are reactive. Lacking strategic vision, these programs are less effective and less responsive to the needs of the business.

      2. DEVELOPING

        Developing security programs can be effective at what they do but are not holistic. Governance is largely absent. These programs tend to rely on the talents of individuals rather than a cohesive plan.

      3. DEFINED

        A defined security program is holistic, documented, and proactive. At least some governance is in place, however, metrics are often rudimentary and operational in nature. These programs still often rely on best practices rather than strong risk management.

      4. MANAGED

        Managed security programs have robust governance and metrics processes. Management and board-level metrics for the overall program are produced. These are reviewed by business leaders and drive security decisions. More mature risk management practices take the place of best practices.

      5. OPTIMIZED

        An optimized security program is based on strong risk management practices, including the production of key risk indicators (KRIs). Individual security services are optimized using key performance indicators (KPIs) that continually measure service effectiveness and efficiency.

      1.5.1 Review the results of the target state recommendation

      Estimated Time: 30-60 minutes

      1. Based upon your risk assessment, pressure analysis, and risk tolerance, the Information Security Pressure Analysis Tool will provide a recommended information security target state.
      2. With your group, review the recommendation against your expectations.
      3. If required, the weightings of each of the factors can be customized on the Weightings tab.
      4. Once you have reviewed the results, copy your target state diagram into the Information Security Strategy Communication Deck.

      A screenshot showing the results of the ‘Information Security Target State,’ part of the ‘Information Security Pressure Analysis Tool.’

      Info-Tech Insight

      Higher target states require more investment to attain. It is critical to ensure that all key stakeholders agree on the security target state. If you set a target state that aims too high, you may struggle to gain support and funding for the strategy. Taking this opportunity to ensure alignment from the start will pay off dividends in future.

      1.5.2 Review and adjust risk and pressure weightings

      Estimated Time: 30 minutes

      1. If the results of your risk assessment, pressure analysis, risk tolerance, or target state do not match your expectations, you may need to review and adjust the weightings for the elements within one or more of these areas.
      2. On the Weightings tab, review each of the strategic categories and adjust the weights as required.
        • Each domain is weighted to contribute to your overall pressure score based on the perceived importance of the domain to the organization.
        • The sum of all weights for each category must add up to 100%.

      A screenshot showing the results of the weightings given to each factor in a category, part of the ‘Information Security Pressure Analysis Tool.’

      Case Study

      Credit Service Company

      Industry: Financial Services

      Source: Info-Tech Research group

      Below are some of the primary requirements that influenced CSC’s initial strategy development.

      External Pressure

      Pressure Level: High

      • Highly regulated industries, such as Finance, experience high external pressure.
      • Security pressure was anticipated to increase over the following three years due to an increase in customer requirement.

      Obligations

      Regulatory: Numerous regulations and compliance requirements as a financial institution (PCI, FFIEC guidance).

      Customer: Implicitly assumes personal, financial, and health information will be kept secure.

      Risk Tolerance

      Tolerance Level: Low

      1. Management: Are risk averse and have high visibility into information security.
      2. Multiple locations controlled by a central IT department decreased the organization’s risk tolerance.

      Summary of Security Requirements

      Define and implement dynamic information security program that understands and addresses the business’ inherent pressure, requirements (business, regulatory, and customer), and risk tolerance.

      Phase 2

      Build a Gap Initiative Strategy

        Phase 1

      • 1.1 Define goals & scope
      • 1.2 Assess risks
      • 1.3 Determine pressures
      • 1.4 Determine risk tolerance
      • 1.5 Establish target state

        Phase 2

      • 2.1 Review Info-Tech’s security framework
      • 2.2 Assess your current state
      • 2.3 Identify gap closure actions

        Phase 3

      • 3.1 Define tasks & initiatives
      • 3.2 Perform cost/benefit analysis
      • 3.3 Prioritize initiatives
      • 3.4 Build roadmap

        Phase 4

      • 4.1 Build communication deck
      • 4.2 Develop a security charter
      • 4.3 Execute on your roadmap

        This phase will walk you through the following activities:

      • 2.1 Review Info-Tech’s framework.
      • 2.2 Assess your current state of security against your target state.
      • 2.3 Identify actions required to close gaps.

      2.1 Review the Info-Tech framework

      Estimated Time: 30-60 minutes

      1. As a group, have the security team review the security framework within the Information Security Gap Analysis Tool.
      2. Customize the tool as required using the instructions on the following slides.

      Input

      • Information security requirements
      • Security target state

      Output

      • Customized security framework

      Materials

      • Information Security Gap Analysis Tool

      Participants

      • Security Team

      Download the Information Security Gap Analysis Tool

      Understand the Info-Tech framework

      Info-Tech’s security framework uses a best-of-breed approach to leverage and align with most major security standards, including:

      • ISO 27001/27002
      • COBIT
      • Center for Internet Security (CIS) Critical Controls
      • NIST Cybersecurity Framework
      • NIST SP 800-53
      • NIST SP 800-171

      A diagram depicting Info-Tech’s best-of-breed security framework.

      A best-of-breed approach ensures holistic coverage of your information security program while refraining from locking you in to a specific compliance standard.

      2.1.1 Configure the Information Security Gap Analysis Tool

      Estimated Time: 30 minutes

      Review the Setup tab of the Information Security Gap Analysis Tool. This tab contains several configurable settings that should be customized to your organization. For now, the three settings you will need to modify are:

      • The security target state. Enter the target state from your Information Security Pressure Analysis Tool. If you do not enter a target state, the tool will default to a target of 3 (Defined).
      • Your Security Alignment Goals (from your Information Security Requirements Gathering Tool).
      • The starting year for your security roadmap.

      A screenshot showing the ‘Setup’ tab of the ‘Information Security Gap Analysis Tool.’

      2.2 Assess current state of security

      Estimated Time: 8-16 hours

      1. Using the Information Security Gap Analysis Tool, review each of the controls in the Gap Analysis tab.
      2. Follow the instructions on the next slides to complete your current state and target state assessment.
      3. For most organizations, multiple internal subject matter experts will need to be consulted to complete the assessment.

      Input

      • Security target state
      • Information on current state of security controls, including sources such as audit findings, vulnerability and penetration test results, and risk registers

      Output

      • Gap analysis

      Materials

      • Information Security Gap Analysis Tool

      Participants

      • Security Team
      • Subject Matter Experts From IT, HR, Legal, Facilities, Compliance, Audit, Risk Management

      Download the Information Security Gap Analysis Tool

      Example maturity levels

      To help determine appropriate current and target maturity levels, refer to the example below for the control “Email communication is filtered for spam and potential malicious communications.”

      AD HOC 01

      There is no centrally managed spam filter. Spam may be filtered by endpoint email clients.

      DEVELOPING 02

      There is a secure email gateway. However, the processes for managing it are not documented. Administrator roles are not well defined. Minimal fine-tuning is performed, and only basic features are in use.

      DEFINED 03

      There is a policy and documented process for email security. Roles are assigned and administrators have adequate technical training. Most of the features of the solution are being used. Rudimentary reports are generated, and some fine-tuning is performed.

      MANAGED 04

      Metrics are produced to measure the effectiveness of the email security service. Advanced technical features of the solution have been implemented and are regularly fine-tuned based on the metrics.

      OPTIMIZED 05

      There is a dedicated email security administrator with advanced technical training. Custom filters are developed to further enhance security, based on relevant cyber threat intelligence. Email security metrics feed key risk indicators that are reported to senior management.

      2.2.1 Conduct current state assessment

      Estimated Time: 8-16 hours

      1. Carefully review each of the controls in the Gap Analysis tab. For each control, indicate the current maturity level using the drop-down list.
        • You should only use “N/A” if you are confident that the control is not required in your organization.
          • For example, if your organization does not perform any software development then you can select “N/A” for any controls related to secure coding practices.
      2. Provide comments to describe your current state. This step is optional but recommended as it may be important to record this information for future reference.
      3. Select the target maturity for the control. The tool will default to the target state for your security program, but this can be overridden using the drop-down list.

      2.2.1 Conduct current state assessment

      Estimated Time: 8-16 hours

      1. Carefully review each of the controls in the Gap Analysis tab. For each control, indicate the current maturity level using the drop-down list.
        • You should only use “N/A” if you are confident that the control is not required in your organization. For example, if your organization does not perform any software development then you can select “N/A” for any controls related to secure coding practices.
      2. Provide comments to describe your current state. This step is optional but recommended as it may be important to record this information for future reference.
      3. Select the target maturity for the control. The tool will default to the target state for your security program, but this can be overridden using the drop-down list.

      A screenshot showing the 'Gap Analysis' tab of the 'Information Security Gap Analysis Tool.'

      Review the Gap Analysis Dashboard

      Use the Gap Assessment Dashboard to map your progress. As you fill out the Gap Analysis Tool, check with the Dashboard to see the difference between your current and target state.

      Use the color-coded legend to see how large the gap between your current and target state is. The legend can be customized further if desired.

      Security domains that appear white have not yet been assessed or are rated as “N/A.”

      2.2.3 Identify actions required to close gaps

      Estimated Time: 4-8 hours

      1. Using the Information Security Gap Analysis Tool, review each of the controls in the Gap Analysis tab.
      2. Follow the instructions on the next slides to identify gap closure actions for each control that requires improvement.
      3. For most organizations, multiple internal subject matter experts will need to be consulted to complete the assessment.

      Input

      • Security control gap information

      Output

      • Gap closure action list

      Materials

      • Information Security Gap Analysis Tool

      Participants

      • Security Team
      • Subject Matter Experts From IT, HR, Legal, Facilities, Compliance, Audit, Risk Management

      Download the Information Security Gap Analysis Tool

      2.3.1 Identify gap closure actions

      Estimated Time: 4-8 hours

      1. For each of the controls where there is a gap between the current and target state, a gap closure action should be identified:
        • Review the example actions and copy one or more of them if appropriate. Otherwise, enter your own gap closure action.
      2. Identify whether the action should be managed as a task or as an initiative. Most actions should be categorized as an initiative. However, it may be more appropriate to categorize them as a task when:
        1. They have no costs associated with them
        2. They require a low amount of initial effort to implement and no ongoing effort to maintain
        3. They can be accomplished independently of other tasks

      A screenshot showing gap closure actions, part of the 'Gap Analysis' tab of the 'Information Security Gap Analysis Tool.'

      Considerations for gap closure actions

      • In small groups, have participants ask, “what would we have to do to achieve the target state?” Document these in the Gap Closure Actions column.
      • The example gap closure actions may be appropriate for your organization, but do not simply copy them without considering whether they are right for you.
      • Not all gaps will require their own action. You can enter one action that may address multiple gaps.
      • If you find that many of your actions are along the lines of “investigate and make recommendations,” you should consider using the estimated gap closure percentage column to track the fact that these gaps will not be fully closed by the actions.

      A screenshot showing considerations for gap closure actions, part of the 'Gap Analysis' tab of the 'Information Security Gap Analysis Tool.'

      2.3.2 Define gap closure action effectiveness

      Estimated Time: 1-2 hours

      For each of the gap closure actions, optionally enter an estimated gap closure percentage to indicate how effective the action will be in fully closing the gap.

      • For instance, an action to “investigate solutions and make recommendations” will not fully close the gap.
      • This is an optional step but will be helpful to understand how much progress towards your security target state you will make based on your roadmap.
      • If you do not fill in this column, the tool will assume that your actions will fully close all gaps.

      A screenshot showing considerations for estimated gap closure percentage, part of the 'Gap Analysis' tab of the 'Information Security Gap Analysis Tool.'

      Completing this step will populate the “Security Roadmap Progression” diagram in the Results tab, which will provide a graphic illustration of how close to your target state you will get based upon the roadmap.

      Phase 3

      Prioritize Initiatives and Build Roadmap

      Phase 1

      • 1.1 Define goals & scope
      • 1.2 Assess risks
      • 1.3 Determine pressures
      • 1.4 Determine risk tolerance
      • 1.5 Establish target state

      Phase 2

      • 2.1 Review Info-Tech’s security framework
      • 2.2 Assess your current state
      • 2.3 Identify gap closure actions

      Phase 3

      • 3.1 Define tasks & initiatives
      • 3.2 Perform cost/benefit analysis
      • 3.3 Prioritize initiatives
      • 3.4 Build roadmap

      Phase 4

      • 4.1 Build communication deck
      • 4.2 Develop a security charter
      • 4.3 Execute on your roadmap

      This phase will walk you through the following activities:

      • 3.1 Define tasks and initiatives.
      • 3.2 Define cost, effort, alignment, and security benefit of each initiative.
      • 3.3 Prioritize initiatives.
      • 3.4 Build the prioritized security roadmap

      3.1 Define tasks and initiatives

      Estimated Time: 2-4 hours

      1. As a group, review the gap actions identified in the Gap Analysis tab.
      2. Using the instructions on the following slides, finalize your task list.
      3. Using the instructions on the following slides, review and consolidate your initiative list.

      Input

      • Gap analysis

      Output

      • List of tasks and initiatives

      Materials

      • Information Security Gap Analysis Tool

      Participants

      • Security Team
      • Subject Matter Experts From IT, HR, Legal, Facilities, Compliance, Audit, Risk Management
      • Project Management Office

      Download the Information Security Gap Analysis Tool

      3.1.1 Finalize your task list

      Estimated Time: 1-2 hours

      1. Obtain a list of all your task actions by filtering on the Action Type column in the Gap Analysis tab.
      2. Paste the list into the table on the Task List tab.
        • Use Paste Values to retain the table formatting
      3. Enter a task owner and due date for each task. Without accountability, it is too easy to fall into complacency and neglect these tasks.

      A screenshot showing the 'Task List' tab of the 'Information Security Gap Analysis Tool.'

      Info-Tech Insight

      Tasks are not meant to be managed to the same degree that initiatives will be. However, they are still important. It is recommended that you develop a process for tracking these tasks to completion.

      3.1.2 Consolidate your gap closure actions into initiatives

      Estimated Time: 2-3 hours

      1. Once you have finalized your task list, you will need to consolidate your list of initiative actions. Obtain a list of all your initiative actions by filtering on the Action Type column in the Gap Analysis tab.
      2. Create initiatives on the Initiative List tab. While creating initiatives, consider the following:
        • As much as possible, it is recommended that you consolidate multiple actions into a single initiative. Reducing the total number of initiatives will allow for more efficient management of the overall roadmap.
        • Start by identifying areas of commonality between gap closure actions, for instance:
          • Group all actions within a security domain into a single initiative.
          • Group together similar actions, such as all actions that require updating policies.
          • Consider combining actions that have inter-dependencies.
        • While it is recommended that you consolidate actions as much as possible, some actions should become initiatives on their own. This will be appropriate when:
          • The action is time sensitive and consolidating it with other actions will cause scheduling issues.
          • Actions that could otherwise be consolidated have different business sponsors or owners and need to be kept separate for funding or accountability reasons.
      3. Link the initiative actions on the Gap Analysis tab using the drop-down list in the Initiative Name column.

      Initiative consolidation example

      In the example below, we see three gap closure actions within the Security Culture and Awareness domain being consolidated into a single initiative “Develop security awareness program.”

      We can also see one gap closure action within the same domain being grouped with two actions from the Security Policies domain into another initiative “Update security policies.”

      Info-Tech Insight

      As you go through this exercise, you may find that some actions that you previously categorized as tasks could be consolidated into an initiative.

      A screenshot showing how six sample gap closure actions can be distilled into two gap closure initiatives. Part of the 'Information Security Gap Analysis Tool.'

      3.1.3 Finalize your initiative list

      Estimated Time: 30 minutes

      1. Review your final list of initiatives and make any required updates.
      2. Optionally, add a description or paste in a list of the individual gap closure actions that are associated with the initiative. This will make it easier to perform the cost and benefit analysis.
      3. Use the drop-down list to indicate which of the security alignment goals most appropriately reflects the objectives of the initiative. If you are unsure, use the legend next to the table to find the primary security domain associated with the initiative and then select the recommended security alignment goal.
        • This step is important to understand how the initiative supports the business goals identified earlier.

      A screenshot showing the primary security alignment goal, part of the 'Initiative List' tab of the 'Information Security Gap Analysis Tool.'

      3.2 Conduct cost/ benefit analysis

      Estimated Time: 1-2 hours

      1. As a group, define the criteria to be used to conduct the cost/benefit analysis, following the instructions on the next slide.
      2. Assign costing and benefits information for each initiative.
      3. Define dependencies or business impacts if they will help with prioritization.

      Input

      • Gap analysis
      • Initiative list

      Output

      • Completed cost/benefit analysis for initiative list

      Materials

      • Information Security Gap Analysis Tool

      Participants

      • Security Team
      • Subject Matter Experts From IT, HR, Legal, Facilities, Compliance, Audit, Risk Management
      • Project Management Office

      Download the Information Security Gap Analysis Tool

      3.2.1 Define costing criteria

      Estimated Time: 30 minutes

      1. On the Setup tab of the Information Security Gap Analysis Tool, enter high, medium, and low ranges for initial and ongoing costs and efforts.
        1. Initial costs are one-time, upfront capital investments (e.g. hardware and software costs, project-based consulting fees, training).
        2. Ongoing cost is any annually recurring operating expenses that are new budgetary costs (e.g. licensing, maintenance, subscription fees).
        3. Initial staffing in hours is total time in person hours required to complete a project. It is not total elapsed time but dedicated time. Consider time required to gather requirements and to design, test, and implement the solution.
        4. Ongoing staffing in FTEs is the ongoing average effort required to support that initiative after implementation.
      2. In addition to ranges, provide an average for each. These will be used to calculate estimated total costs for the roadmap.

      A screenshot showing the initiative costs for estimation, part of the 'Setup' tab of the 'Information Security Gap Analysis Tool.' The range of costs is labeled with an arrow with number 1 on it, and the average cost per initiative is labeled with an arrow with number 2 on it.

      Make sure that your ranges allow for differentiation between initiatives to enable prioritization. For instance, if you set your ranges too low, all your initiatives will be assessed as high cost, providing no help when you must prioritize them.

      3.2.2 Define benefits criteria

      Estimated Time: 30 minutes

      1. On the Setup tab of the Information Security Gap Analysis Tool, enter high, medium, and low values for the Alignment with Business Benefit.
        • This variable is meant to capture how well each initiative aligns with organizational goals and objectives.
        • By default, this benefit is linked directly to business goals through the primary and secondary security alignment goals. This allows the tool to automatically calculate the benefit based on the security alignment goals associated with each initiative.
        • If you change these values, you may need to override the calculated values in the prioritization tab.
      2. Enter a high, medium, and low value for the Security Benefit.
        • This variable is meant to capture the relative security benefit or risk reduction being provided by the gap initiative.
        • By default, this benefit is linked to security risk reduction.

      A screenshot showing the initiative benefits for estimation, part of the 'Setup' tab of the 'Information Security Gap Analysis Tool.'

      Some organizations prefer to use the “Security Benefit” criteria to demonstrate how well each initiative supports specific compliance goals.

      3.2.3 Complete the cost/benefit analysis

      Estimated Time: 1-2 hours

      1. On the Prioritization tab, use the drop-down lists to enter the estimated costs and efforts for each initiative, using the criteria defined earlier.
        • If you have actual costs available, you can optionally enter them under the Detailed Cost Estimates columns.
      2. Enter the estimated benefits, also using the criteria defined earlier.
        • The Alignment with Business benefit will be automatically populated, but you can override this value using the drop-down list if desired.

      A screenshot showing the estimated cost, estimated effort, and estimated benefits section, part of the 'Prioritization' tab of the 'Information Security Gap Analysis Tool.' Estimated cost and estimated effort are labeled with an arrow with number 1 on it, and estimated benefits is labeled with an arrow with a number 2 on it.

      3.2.4 Optionally enter detailed cost estimates

      Estimated Time: 30 minutes

      1. For each initiative, the tool will automatically populate the Detailed Cost Estimates and Detailed Staffing Estimates columns using the averages that you provided in steps 3.2.1 and 3.2.2. However, if you have more detailed data about the costs and effort requirements for an initiative, you can override the calculated data by manually entering it into these columns. For example:
        • You are planning to subscribe to a security awareness vendor, and you have a quote from them specifying that the initial cost will be $75,000.
        • You have defined your “Medium” cost range as being “$10-100K”, so you select medium as your initial cost for this initiative in step 3.2.3. As you defined the average for medium costs as being $50,000, this is what the tool will put into the detailed cost estimate.
        • You can override this average by entering $75,000 as the initial cost in the detailed cost estimate column.

      A screenshot showing the detailed cost estimates and detailed staffing estimates columns, part of the 'Prioritization' tab of the 'Information Security Gap Analysis Tool.' These columns are labeled with an arrow with a number 1 on it.

      Case Study

      Credit Service Company

      Industry: Financial Services

      Source: Info-Tech Research Group

      A chart titled 'Framework Components,' displaying how the Credit Service Company profiled in the case study performed a current state assessment, created gap initiatives, and prioritized gap initiatives.

      3.3 Prioritize initiatives

      Estimated Time: 2-3 hours

      1. As a group, review the results of the cost/benefit analysis. Optionally, complete the Other Considerations columns in the Prioritization tab:
        • Dependencies can refer to other initiatives on the list or any other dependency that relates to activities or projects within the organization.
        • Business impacts can be helpful to document as they may require additional planning and communication that could impact initiative timelines.
      2. Follow step 3.3.1 to create an effort map with the results of the cost/benefit analysis.
      3. Follow step 3.3.2 to assign initiatives into execution waves.

      Input

      • Gap analysis
      • Initiative list
      • Cost/benefit analysis

      Output

      • Prioritized list of initiatives

      Materials

      • Information Security Gap Analysis Tool
      • Whiteboard

      Participants

      • Security Team
      • IT Leadership
      • Project Management Office

      Download the Information Security Gap Analysis Tool

      3.3.1 Create effort map

      Estimated Time: 30 minutes

      1. On a whiteboard, draw the quadrant diagram shown.
      2. Create sticky notes for each initiative on your initiative list.
      3. For each initiative, use the “Cost/Effort Rating” and the “Benefit Rating” calculated on the Prioritization tab to place the corresponding sticky note onto the diagram.

      An effort map is a tool used for the visualization of a cost/benefit analysis. It is a quadrant output that visually shows how your gap initiatives were prioritized. In this example, the initiative “Update Security Policies” was assessed as low cost/effort (3) and high benefit (10).

      An image showing how 'update security policies,' as ranked on a cost/effort and benefit quadrant, translates to a cost/effort and benefit rating on the 'Prioritization' tab of the 'Information Security Gap Analysis Tool.'

      3.3.2 Assign initiatives to execution waves

      Estimated Time: 60 minutes

      1. Using sticky flip chart sheets, create four sheets and label them according to the four execution waves:
        • MUST DO – These are initiatives that need to get moving right away. They may be quick wins, items with critical importance, or foundational projects upon which many other initiatives depend.
        • SHOULD DO – These are important initiatives that need to get done but cannot launch immediately due to budget constraints, dependencies, or business impacts that require preparation.
        • COULD DO – Initiatives that have merit but are not a priority.
        • WON’T DO – Initiatives where the costs outweigh the benefits.
      2. Using the further instructions on the following slides, move the initiative sticky notes from your effort map into the waves.

      Considerations for prioritization

      • Starting from the top right of the effort map, begin pulling stickies off and putting them in the appropriate roadmap category.
      • Keep dependencies in mind. If an important initiative depends on a low-priority one being completed first, then pull dependent initiatives up the list.
      • It may be helpful to think of each wave as representing a specific time frame (e.g. wave 1 = first year of your roadmap, wave 2 = year two, wave 3 = year three).

      Info-Tech Insight

      Use an iterative approach. Most organizations tend to put too many initiatives into wave 1. Be realistic about what you can accomplish and take several passes at the exercise to achieve a balance.

      An image showing how to map the sticky notes from a sample exercise, as placed on a cost/effort and benefit quadrant, into waves.

      3.3.3 Finalize prioritization

      Estimated Time: 30 minutes

      1. Once you have completed placing your initiative sticky notes into the waves, update the Prioritization tab with the Roadmap Wave column.
      2. Optionally, use the Roadmap Sub-Wave column to prioritize initiatives within a single wave.
        • This will allow you more granular control over the final prioritization, especially where dependencies require extra granularity.

      Any initiatives that are currently in progress should be assigned to Wave 0.

      An image showing the roadmap wave and roadmap sub-wave sections, part of the 'Prioritization' tab of the 'Information Security Gap Analysis Tool.' Roadmap wave is labeled with an arrow with a number 1 on it, and roadmap sub-wave is labeled with an arrow with a number 2 on it.

      3.4 Build roadmap

      Estimated Time: 1-3 hours

      1. As a group, follow step 3.4.1 to create your roadmap by scheduling initiatives into the Gantt chart within the Information Security Gap Analysis Tool.
      2. Review the roadmap for resourcing conflicts and adjust as required.
      3. Review the final cost and effort estimates for the roadmap.

      Input

      • Gap analysis
      • Cost/benefit analysis
      • Prioritized initiative list
      • (Optional) List of other non-security IT and business projects

      Output

      • Security strategic roadmap

      Materials

      • Information Security Gap Analysis Tool

      Participants

      • Security Team
      • IT Leadership
      • Project Management Office

      Download the Information Security Gap Analysis Tool

      3.4.1 Schedule initiatives using the Gantt chart

      Estimated Time: 1-2 Hours

      1. On the Gantt Chart tab for each initiative, enter an owner (the individual who will be primarily responsible for execution).
      2. Additionally, enter a start month and year for the initiative and the expected duration in months.
        • You can filter the Wave column to only see specific waves at any one time to assist with the scheduling.
        • You do not need to schedule Wave 4 initiatives as the expectation is that these initiatives will not be done.

      Info-Tech Insight

      Use the Owner column to help identify resourcing constraints. If a single individual is responsible for many different initiatives that are planned to start at the same time, consider staggering those initiatives.

      An image showing the owner and planned start sections, part of the 'Security Roadmap Gantt Chart' tab of the 'Information Security Gap Analysis Tool.' The owner column is labeled with an arrow with a 1 on it, and the planned start column is labeled with an arrow with a 2 on it.

      3.4.2 Review your roadmap

      Estimated Time: 30-60 minutes

      1. When you have completed the Gantt chart, as a group review the overall roadmap to ensure that it is reasonable for your organization. Consider the following:
        • Do you have other IT or business projects planned during this time frame that may impact your resourcing or scheduling?
        • Does your organization have regular change freezes throughout the year that will impact the schedule?
        • Do you have over-subscribed resources? You can filter the list on the Owner column to identify potential over-subscription of resources.
        • Have you considered any long vacations, sabbaticals, parental leaves, or other planned longer-term absences?
        • Are your initiatives adequately aligned to your budget cycle? For instance, if you have an initiative that is expected to make recommendations for capital expenditure, it must be completed prior to budget planning.

      A screenshot image showing parts of the 'Security Roadmap Gantt Chart' tab with sample data in it. Taken from the 'Information Security Gap Analysis Tool.'

      3.4.3 Review your expected roadmap progression

      Estimated Time: 30 minutes

      1. If you complete the optional exercise of filling in the Estimated Gap Closure Percentage column on the Gap Analysis tab, the tool will generate a diagram showing how close to your target state you can expect to get based on the tasks and initiatives in your roadmap. You can review this diagram on the Results tab.
        • Remember that this Expected Maturity at End of Roadmap score assumes that you will complete all tasks and initiatives (including all Wave 4 initiatives).
      2. Copy the diagram into the Information Security Strategy Communication Deck.

      Info-Tech Insight

      Often, internal stakeholders will ask the question “If we do everything on this roadmap, will we be at our target state?” This diagram will help answer that question.

      A screenshot image showing the 'Expected Security Roadmap Progression' with sample data in it. Part of the 'Results' tab of the 'Information Security Gap Analysis Tool.'

      3.4.4 Review your cost/effort estimates table

      Estimated Time: 30 minutes

      1. Once you have completed your roadmap, review the total cost/effort estimates. This can be found in a table on the Results tab. This table will provide initial and ongoing costs and staffing requirements for each wave. This also includes the total three-year investment. In your review consider:
        • Is this investment realistic? Will completion of your roadmap require adding more staff or funding than you otherwise expected?
        • If the investment seems unrealistic, you may need to revisit some of your assumptions, potentially reducing target levels or increasing the amount of time to complete the strategy.
        • This table provides you with the information to have important conversations with management and stakeholders
      2. When you have completed your review, copy the table into the Information Security Strategy Communication Deck.

      A screenshot image showing the 'Information Security Roadmap Cost/Effort Estimates,' part of the 'Results' tab of the 'Information Security Gap Analysis Tool.'

      Phase 4

      Execute and Maintain

      Phase 1

      • 1.1 Define goals & scope
      • 1.2 Assess risks
      • 1.3 Determine pressures
      • 1.4 Determine risk tolerance
      • 1.5 Establish target state

      Phase 2

      • 2.1 Review Info-Tech’s security framework
      • 2.2 Assess your current state
      • 2.3 Identify gap closure actions

      Phase 3

      • 3.1 Define tasks & initiatives
      • 3.2 Perform cost/benefit analysis
      • 3.3 Prioritize initiatives
      • 3.4 Build roadmap

      Phase 4

      • 4.1 Build communication deck
      • 4.2 Develop a security charter
      • 4.3 Execute on your roadmap

      This phase will walk you through the following activities:

      • 4.1 Build your security strategy communication deck.
      • 4.2 Develop a security charter.
      • 4.3 Execute on your roadmap.

      4.1 Build your communication deck

      Estimated Time: 1-3 hours

      1. As a group, review the Information Security Strategy Communication Deck.
      2. Follow the instructions within the template and on the next few slides to customize the template with the results of your strategic roadmap planning.

      Input

      • Completed Security Requirements Gathering Tool
      • Completed Security Pressure Analysis Tool
      • Completed Security Gap Analysis Tool

      Output

      • Information Security Strategy Communication Deck

      Materials

      • Information Security Strategy Communication Deck

      Participants

      • Security Team
      • IT Leadership

      Download the Information Security Gap Analysis Tool

      4.1.1 Customize the Communication Deck

      Estimated Time: 1-2 hours

      1. When reviewing the Information Security Strategy Communication Deck, you will find slides that contain instructions within green text boxes. Follow the instructions within the boxes, then delete the boxes.
        • Most slides only require that you copy and paste screenshots or tables from your tools into the slides.
        • However, some slides require that you customize or add text explanations that need to reflect your unique organization.
        • It is recommended that you pay attention to the Next Steps slide at the end of the deck. This will likely have a large impact on your audience.
      2. Once you have customized the existing slides, you may wish to add additional slides. For instance, you may wish to add more context to the risk assessment or pressure analysis diagrams or provide details on high-priority initiatives.

      An image showing the 'Business Goals Cascade,' part of the 'Information Security Strategy Communication Deck.' A green box on top of the screenshot instructs you to 'Paste your goals cascade from the Information Security Requirements Gathering Tool here.'

      Consider developing multiple versions of the deck for different audiences. Senior management may only want an executive summary, whereas the CIO may be more interested in the methodology used to develop the strategy.

      Communication considerations

      Developing an information security strategy is only half the job. For the strategy to be successful, you will need to garner support from key internal stakeholders. These may include the CIO, senior executives, and business leaders. Without their support, your strategy may never get the traction it needs. When building your communication deck and planning to present to these stakeholders, consider the following:

      • Gaining support from stakeholders requires understanding their needs. Before presenting to a new audience, carefully consider their priorities and tailor your presentation to address them.
      • Use the communication deck to clarify the business context and how your initiatives that will support business goals.
      • When presenting to senior stakeholders, anticipate what questions they might ask and be sure to prepare answers in advance. Always be prepared to speak to any data point within the deck.
      • If you are going to present your strategy to a group and you anticipate that one or more members of that group may be antagonistic, seek out an opportunity to speak to them before the meeting and address their concerns one on one.

      If you have already fully engaged your key stakeholders through the requirements gathering exercises, presenting the strategy will be significantly easier. The stakeholders will have already bought in to the business goals, allowing you to show how the security strategy supports those goals.

      Info-Tech Insight

      Reinforce the concept that a security strategy is an effort to enable the organization to achieve its core mission and goals and to protect the business only to the degree that the business demands. It is important that stakeholders understand this point.

      4.2 Develop a security charter

      Estimated Time: 1-3 hours

      1. As a group, review the Information Security Charter.
      2. Customize the template as required to reflect your information security program. It may include elements such as:
        • A mission and vision statement for information security in your organization
        • The objectives and scope of the security program
        • A description of the security principles upon which your program is built
        • High-level roles and responsibilities for information security within the organization

      Input

      • Completed Security Requirements Gathering Tool
      • Completed Security Pressure Analysis Tool
      • Completed Security Gap Analysis Tool

      Output

      • Information security charter

      Materials

      • Information Security Charter

      Participants

      • Security Team

      Download the Information Security Gap Analysis Tool

      4.2.1 Customize the Information Security Charter

      Estimated Time: 1-3 hours

      1. Involve the stakeholders that were present during Phase 1 activities to allow you to build a charter that is truly reflective of your organization.
      2. The purpose of the security charter is too:
        • Establish a mandate for information security within the organization.
        • Communicate executive commitment to risk and information security management.
        • Outline high-level responsibilities for information security within the organization.
        • Establish awareness of information security within the organization.

      A screenshot of the introduction of the 'Information Security Charter' template.

      A security charter is a formalized and defined way to document the scope and purpose of your security program. It will define security governance and allow it to operate efficiently through your mission and vision.

      4.3 Execute on your roadmap

      1. Executing on your information security roadmap will require coordinated effort by multiple teams within your organization. To ensure success, consider the following recommendations:
        1. If you have a project management office, leverage them to help apply formal project management methodologies to your initiatives.
        2. Develop a process to track the tasks on your strategy task list. Because these will not be managed as formal initiatives, it will be easy to lose track of them.
        3. Develop a schedule for regular reporting of progress on the roadmap to senior management. This will help hold yourself and others accountable for moving the project forward.
      2. Plan to review and update the strategy and roadmap on a regular basis. You may need to add, change, or remove initiatives as priorities shift.

      Input

      • Completed Security Gap Analysis Tool

      Output

      • Execution of your strategy and roadmap

      Materials

      • Information Security Gap Analysis Tool
      • Project management tools as required

      Participants

      • Security Team
      • Project Management Office
      • IT and Corporate Teams, as required

      Info-Tech Insight

      Info-Tech has many resources that can help you quickly and effectively implement most of your initiatives. Talk to your account manager to learn more about how we can help your strategy succeed.

      Summary of Accomplishment

      Knowledge Gained

      • Knowledge of organizational pressures and the drivers behind them
      • Insight into stakeholder goals and obligations
      • A defined security risk tolerance information and baseline
      • Comprehensive knowledge of security current state and summary initiatives required to achieve security objectives

      Deliverables Completed

      If you would like additional support, have our analysts guide you through other phases as part of an Info-Tech workshop.

      Contact your account representative for more information.

      workshops@infotech.com
      1-888-670-8889

      Additional Support

      If you would like additional support, have our analysts guide you through other phases as part of an Info-Tech workshop.

      To accelerate this project, engage your IT team in an Info-Tech workshop with an Info-Tech analyst team.

      Info-Tech analysts will join you and your team at your location or welcome you to Info-Tech’s historic Toronto office to participate in an innovative onsite workshop.

      The following are sample activities that will be conducted by Info-Tech analysts with your team:

      Information Security Program Gap Analysis Tool

      Use our best-of-breed security framework to perform a gap analysis between your current and target states.

      Information Security Requirements Gathering Tool

      Define the business, customer, and compliance alignment for your security program.

      Related Info-Tech Research

      Develop a Security Operations Strategy

      A unified security operations process actively transforms security events and threat information into actionable intelligence, driving security prevention, detection, analysis, and response processes, addressing the increasing sophistication of cyberthreats, and guiding continuous improvement.

      This blueprint will walk through the steps of developing a flexible and systematic security operations program relevant to your organization.

      Implement a Security Governance and Management Program

      Your security governance and management program needs to be aligned with business goals to be effective.

      This approach also helps to provide a starting point to develop a realistic governance and management program.

      This project will guide you through the process of implementing and monitoring a security governance and management program that prioritizes security while keeping costs to a minimum.

      Align Your Security Controls to Industry Frameworks for Compliance

      Don’t reinvent the wheel by reassessing your security program using a new framework.

      Instead, use the tools in this blueprint to align your current assessment outcomes to required standards.

      Bibliography

      “2015 Cost of Data Breach Study: United States.” Sponsored by IBM. Ponemon Institute, May 2015. Web.

      “2016 Cost of Cyber Crime Study & the Risk of Business Innovation.” Ponemon Institute, Oct. 2016. Web. 25 Oct. 2016.

      “2016 Cost of Data Breach Study: Global Analysis.” Ponemon Institute, June 2016. Web. 26 Oct. 2016.

      “2016 Data Breach Investigations Report.” Verizon, 2016. Web. 25 Oct. 2016.

      “2016 NowSecure Mobile Security Report.” NowSecure, 2016. Web. 5 Nov. 2016.

      “2017 Cost of Cyber Crime Study.” Ponemon Institute, Oct. 2017. Web.

      “2018 Cost of Data Breach Study: Global Overview.” Ponemon Institute, July 2018. Web.

      “2018 Data Breach Investigations Report.” Verizon, 2018. Web. Oct. 2019.

      “2018 Global State of Information Security Survey.” CSO, 2017. Web.

      “2018 Thales Data Threat Report.” Thales eSecurity, 2018. Web.

      “2019 Data Breach Investigations Report.” Verizon, 2020. Web. Feb. 2020.

      “2019 Global Cost of a Data Breach Study.” Ponemon Institute, Feb. 2020. Web.

      “2019 The Cost of Cyber Crime Study.” Accenture, 2019. Web Jan 2020.

      “2020 Thales Data Threat Report Global Edition.” Thales eSecurity, 2020. Web. Mar. 2020.

      Ben Salem, Malek. “The Cyber Security Leap: From Laggard to Leader.” Accenture, 2015. Web. 20 Oct. 2016.

      “Cisco 2017 Annual Cybersecurity Report.” Cisco, Jan. 2017. Web. 3 Jan. 2017.

      “Cyber Attack – How Much Will You Lose?” Hewlett Packard Enterprise, Oct. 2016. Web. 3 Jan. 2017.

      “Cyber Crime – A Risk You Can Manage.” Hewlett Packard Enterprise, 2016. Web. 3 Jan. 2017.

      “Global IT Security Risks Survey.” Kaspersky Lab, 2015. Web. 20 October 2016.

      “How Much Is the Data on Your Mobile Device Worth?” Ponemon Institute, Jan. 2016. Web. 25 Oct. 2016.

      “Insider Threat 2018 Report.” CA Technologies, 2018. Web.

      “Kaspersky Lab Announces the First 2016 Consumer Cybersecurity Index.” Press Release. Kaspersky Lab, 8 Sept. 2016. Web. 3 Jan. 2017.

      “Kaspersky Lab Survey Reveals: Cyberattacks Now Cost Large Businesses an Average of $861,000.” Press Release. Kaspersky Lab, 13 Sept. 2016. Web. 20 Oct. 2016.

      “Kaspersky Security Bulletin 2016.” Kaspersky Lab, 2016. Web. 25 Oct. 2016.

      “Managing Cyber Risks in an Interconnected World: Key Findings From the Global State of Information Security Survey 2015.” PwC, 30 Sept. 2014. Web.

      “Measuring Financial Impact of IT Security on Business.” Kaspersky Lab, 2016. Web. 25 Oct. 2016.

      “Ponemon Institute Releases New Study on How Organizations Can Leapfrog to a Stronger Cyber Security Posture.” Ponemon Institute, 10 Apr. 2015. Web. 20 Oct. 2016.

      “Predictions for 2017: ‘Indicators of Compromise’ Are Dead.” Kaspersky Lab, 2016. Web. 4 Jan. 2017.

      “Take a Security Leap Forward.” Accenture, 2015. Web. 20 Oct. 2016.

      “Trends 2016: (In)security Everywhere.” ESET Research Laboratories, 2016. Web. 25 Oct. 2016.

      Research Contributors

      • Peter Clay, Zeneth Tech Partners, Principal
      • Ken Towne, Zeneth Tech Partners, Security Architect
      • Luciano Siqueria, Road Track, IT Security Manager
      • David Rahbany, The Hain Celestial Group, Director IT Infrastructure
      • Rick Vadgama, Cimpress, Head of Information Privacy and Security
      • Doug Salah, Wabtec Corp, Manager of Information Security and IT Audit
      • Peter Odegard, Children’s Hospitals and Clinics, Information Security Officer
      • Trevor Butler, City of Lethbridge, Information Technology General Manager
      • Shane Callahan, Tractor Supply, Director of Information Security
      • Jeff Zalusky, Chrysalis, President/CEO
      • Candy Alexander, Independent Consultant, Cybersecurity and Information Security Executive
      • Dan Humbert, YMCA of Central Florida, Director of Information Technology
      • Ron Kirkland, Crawford & Co, Manager ICT Security & Customer Service
      • Jason Bevis – FireEye, Senior Director Orchestration Product Management - Office of the CTO
      • Joan Middleton, Village of Mount Prospect, IT Director
      • Jim Burns, Great America Financial Services, Vice President Information Technology
      • Ryan Breed, Hudson’s Bay, Information Security Analyst
      • James Fielder, Farm Credit Services – Central Illinois, Vice President of Information Systems

      Integrate IT Risk Into Enterprise Risk

      • Buy Link or Shortcode: {j2store}195|cart{/j2store}
      • member rating overall impact: 10.0/10 Overall Impact
      • member rating average dollars saved: $12,599 Average $ Saved
      • member rating average days saved: 2 Average Days Saved
      • Parent Category Name: IT Governance, Risk & Compliance
      • Parent Category Link: /it-governance-risk-and-compliance
      • IT risks, when considered, are identified and classified separately from the enterprise-wide perspective.
      • IT is expected to own risks over which they have no authority or oversight.
      • Poor behaviors, such as only considering IT risks when conducting compliance or project due diligence, have been normalized.

      Our Advice

      Critical Insight

      • Stop avoiding risk – integrate it. This provides a holistic view of uncertainty for the organization to drive innovative new approaches to optimize the organization’s ability to respond to risk.

      Impact and Result

      • Understand gaps in the organization’s current approach to risk management practices.
      • Establish a standardized approach for how IT risks impact the enterprise as a whole.
      • Drive a risk-aware organization toward innovation and consider alternative options for how to move forward.
      • Integrate IT risks into the foundational risk practice.

      Integrate IT Risk Into Enterprise Risk Research & Tools

      Integrated Risk Management Capstone – A framework for how IT risks can be integrated into your organization’s enterprise risk management program to enable strategic risk-informed decisions.

      This is a capstone blueprint highlighting the benefits of an integrated risk management program that uses risk information and data to inform strategic decision making. Throughout this research you will gain insight into the five core elements of integrating risk through assessing, governing, defining the program, defining the process, and implementing.

      Besides the small introduction, subscribers and consulting clients within this management domain have access to:

      • Integrate IT Risk Into Enterprise Risk Capstone
      • Integrated Risk Maturity Assessment
      • Risk Register Tool

      Infographic

      Further reading

      Integrate IT Risk Into Enterprise Risk

      Don’t fear IT risks, integrate them.

      EXECUTIVE BRIEF

      Analyst Perspective

      Having siloed risks is risky business for any enterprise.

      Photo of Valence Howden, Principal Research Director, CIO Practice.
      Valence Howden
      Principal Research Director, CIO Practice       		Photo of Petar Hristov Research Director, Security, Privacy, Risk & Compliance.
      Petar Hristov
      Research Director, Security, Privacy, Risk & Compliance       		Photo of Ian Mulholland Research Director, Security, Risk & Compliance.
      Ian Mulholland
      Research Director, Security, Risk & Compliance       		Photo of Brittany Lutes, Senior Research Analyst, CIO Practice.
      Brittany Lutes
      Senior Research Analyst, CIO Practice       		Photo of Ibrahim Abdel-Kader, Research Analyst, CIO Practice
      Ibrahim Abdel-Kader
      Research Analyst, CIO Practice

      Every organization has a threshold for risk that should not be exceeded, whether that threshold is defined or not.

      In the age of digital, information and technology will undoubtedly continue to expand beyond the confines of the IT department. As such, different areas of the organization cannot address these risks in silos. A siloed approach will produce different ways of identifying, assessing, responding to, and reporting on risk events. Integrated risk management is about embedding IT uncertainty to inform good decision making across the organization.

      When risk is integrated into the organization's enterprise risk management program, it enables a single view of all risks and the potential impact of each risk event. More importantly, it provides a consistent view of the risk event in relation to uncertainty that might have once been seemingly unrelated to IT.

      And all this can be achieved while remaining within the enterprise’s clearly defined risk appetite.

      Executive Summary

      Your Challenge

      Most organizations fail to integrate IT risks into enterprise risks:

      • IT risks, when considered, are identified and classified separately from the enterprise-wide perspective.
      • IT is expected to own risks over which they have no authority or oversight.
      • Poor behaviors, such as only considering IT risks when conducting compliance or project due diligence, have been normalized.

      Common Obstacles

      IT leaders have to overcome these obstacles when it comes to integrating risk:

      • Making business leaders aware of, involved in, and able to respond to all enterprise risks.
      • A lack of data or information being used to support a holistic risk management process.
      • A low level of enterprise risk maturity.
      • A lack of risk management capabilities.

      Info-Tech’s Approach

      By leveraging the Info-Tech Integrated Risk approach, your business can better address and embed risk by:

      • Understanding gaps in the organization’s current approach to risk management practices.
      • Establishing a standardized approach for how IT risks impact the enterprise as a whole.
      • Driving a risk-aware organization toward innovation and considering alternative options for how to move forward.
      • Helping integrate IT risks into the foundational risk practice.

      Info-Tech Insight

      Stop avoiding risk – integrate it. This provides a holistic view of uncertainty for the organization to drive innovative new approaches to optimize its ability to respond to risk.

      What is integrated risk management?

      • Integrated risk management is the process of ensuring all forms of risk information, including information and technology, are considered and included in the enterprise’s risk management strategy.
      • It removes the siloed approach to classifying risks related to specific departments or areas of the organization, recognizing that each of those risks is a threat to the overarching enterprise.
      • Aggregating the different threats or uncertainty that might exist within an organization allows for informed decisions to be made that align to strategic goals and continue to drive value back to the business.
      • By holistically considering the different risks, the organization can make informed decisions on the best course of action that will reduce any negative impacts associated with the uncertainty and increase the overall value.

      Enterprise Risk Management (ERM)

      • IT
      • Security
      • Digital
      • Vendor/Third Party
      • Other

      Enterprise risk management is the practice of identifying and addressing risks to your organization and using risk information to drive better decisions and better opportunities.

      IT risk is enterprise risk

      Multiple types of risk, 'Finance', 'IT', 'People', and 'Digital', funneling into 'ENTERPRISE RISKS'. IT risks have a direct and often aggregated impact on enterprise risks and opportunities in the same way other business risks can. This relationship must be understood and addressed through integrated risk management to ensure a consistent approach to risk.

      Your challenge

      Embedding IT risks into the enterprise risk management program is challenging because:

      • Most organizations classify risks based on the departments or areas of the business where the uncertainty is likely to happen.
      • Unnecessary expectations are placed on the IT department to own risks over which they have no authority or oversight.
      • Risks are often only identified when conducting due diligence for a project or ensuring compliance with regulations and standards.

      Risk-mature organizations have a unique benefit in that they often have established an overarching governance framework and embedded risk awareness into the culture.

      35% — Only 35% of organizations had embraced ERM in 2020. (Source: AICPA and NC State Poole College of Management)

      12% — Only 12% of organizations are leveraging risk as a tool to their strategic advantage. (Source: AICPA and NC State Poole College of Management)

      Common obstacles

      These barriers make integrating IT risks difficult to address for many organizations:

      • IT risks are not seen as enterprise risks.
      • The organization’s culture toward risk is not defined.
      • The organization’s appetite and threshold for risk are not defined.
      • Each area of the organization has a different method of identifying, assessing, and responding to risk events.
      • Access to reliable and informative data to support risk management is difficult to obtain.
      • Leadership does not see the business value of integrating risk into a single management program.
      • The organization’s attitudes and behaviors toward risk contradict the desired and defined risk culture.
      • Skills, training, and resources to support risk management are lacking, let alone those to support integrated risk management.

      Integrating risks has its challenges

      62% — Accessing and disseminating information is the main challenge for 62% of organizations maturing their organizational risk management. (Source: OECD)

      20-28% — Organizations with access to machine learning and analytics to address future risk events have 20 to 28% more satisfaction. (Source: Accenture)

      Integrate Risk and Use It to Your Advantage

      Accelerate and optimize your organization by leveraging meaningful risk data to make intelligent enterprise risk decisions.

      Risk management is more than checking an audit box or demonstrating project due diligence.

      Risk Drivers
      • Audit & compliance
      • Preserve value & avoid loss
      • Previous risk impact driver
      • Major transformation
      • Strategic opportunities
      		 Arrow pointing right. Only 7% of organizations are in a “leading” or “aspirational” level of risk maturity. (OECD, 2021) 63% of organizations struggle when it comes to defining their appetite toward strategy related risks. (“Global Risk Management Survey,” Deloitte, 2021) Late adopters of risk management were 70% more likely to use instinct over data or facts to inform an efficient process. (Clear Risk, 2020) 55% of organizations have little to no training on ERM to properly implement such practices. (AICPA, NC State Poole College of Management, 2021)
      1. Assess Enterprise Risk Maturity 3. Build a Risk Management Program Plan 4. Establish Risk Management Processes 5. Implement a Risk Management Program
      2. Determine Authority with Governance
      Unfortunately, less than 50% of those in risk focused roles are also in a governance role where they have the authority to provide risk oversight. (Governance Institute of Australia, 2020)
      IT can improve the maturity of the organization’s risk governance and help identify risk owners who have authority and accountability.

      Governance and related decision making is optimized with integrated and aligned risk data.

      		List of 'Integrated Risk Maturity Categories': '1. Context & Strategic Direction', '2. Risk Culture and Authority', '3. Risk Management Process', and '4. Risk Program Optimization'. The five types of a risk in Enterprise Risk Management.

      ERM incorporates the different types of risk, including IT, security, digital, vendor, and other risk types.

      The program plan is meant to consider all the major risk types in a unified approach.

      		The 'Risk Process' cycle starting with '1. Identify', '2. Assess', '3. Respond', '4. Monitor', '5. Report', and back to the beginning. Implementation of an integrated risk management program requires ongoing access to risk data by those with decision making authority who can take action.

      Integrated Risk Mapping — Downside Risk Focus

      A diagram titled 'Risk and Controls' beginning with 'Possible Sources' and a list of sources, 'Control Activities' to prevent, the 'RISK EVENT', 'Recovery Activities' to recover, and 'Possible Repercussions' with a list of ramifications.

      Integrated Risk Mapping — Downside and Upside Risk

      Third-Party Risk Example

      Example of a third-party risk mapped onto the diagram on the previous slide, but with potential upsides mapped out as well. The central risk event is 'Vendor exposes private customer data'. Possible Sources of the downside are 'External Attack' with likelihood prevention method 'Define security standard requirements for vendor assessment' and 'Exfiltration of data through fourth-party staff' with likelihood prevention method 'Ensure data is properly classified'. Possible Sources of the upside are 'Application rationalization' with likelihood optimization method 'Reduce number of applications in environment' and 'Review vendor assessment practices' with likelihood optimization method 'Improve vendor onboarding'. Possible Repercussions on the downside are 'Organization unable to operate in jurisdiction' with impact minimization method 'Engage in-house risk mitigation responses' and 'Fines levied against organization' with impact minimization method 'Report incident to any regulators'. Possible Repercussions on the upside are 'Easier vendor integration and management' with impact utilization method 'Improved vendor onboarding practices' and 'Able to bid on contracts with these requirements' with impact utilization method 'Vendors must provide attestations (e.g. SOC or CMMC)'.

      Insight Summary

      Overarching insight

      Stop fearing risk – integrate it. Integration leads to opportunities for organizations to embrace innovation and new digital technologies as well as reducing operational costs and simplifying reporting.

      Govern risk strategically

      Governance of risk management for information- and technology-related events is often misplaced. Just because it's classified as an IT risk does not mean it shouldn’t be owned by the board or business executive.

      Assess risk maturity

      Integrating risk requires a baseline of risk maturity at the enterprise level. IT can push integrating risks, but only if the enterprise is willing to adopt the attitudes and behaviors that will drive the integrated risk approach.

      Manage risk

      It is not a strategic decision to have different areas of the organization manage the risks perceived to be in their department. It’s the easy choice, but not the strategic one.

      Implement risk management

      Different areas of an enterprise apply risk management processes differently. Determining a single method for identification, assessment, response, and monitoring can ensure successful implementation of enterprise risk management.

      Tactical insight

      Good risk management will consider both the positives and negatives associated with a risk management program by recognizing both the upside and downside of risk event impact and likelihood.

      Integrated risk benefits

      IT Benefits

      • IT executives have a responsibility but not accountability when it comes to risk. Ensure the right business stakeholders have awareness and ability to make informed risk decisions.
      • Controls and responses to risks that are within the “IT” realm will be funded and provided with sufficient support from the business.
      • The business respects and values the role of IT in supporting the enterprise risk program, elevating its role into business partner.

      Business Benefits

      • Business executives and boards can make informed responses to the various forms of risk, including those often categorized as “IT risks.”
      • The compounding severity of risks can be formally assessed and ideally quantified to provide insight into how risks’ ramifications can change based on scenarios.
      • Risk-informed decisions can be used to optimize the business and drive it toward adopting innovation as a response to risk events.
      • Get your organization insured against cybersecurity threats at the lowest premiums possible.

      Measure the value of integrating risk

      • Reduce Operating Costs

        • Organizations can reduce their risk operating costs by 20 to 30% by adopting enterprise-wide digital risk initiatives (McKinsey & Company).

      • Increase Cybersecurity Threat Preparedness

        • Increase the organization’s preparedness for cybersecurity threats. 79% of organizations that were impacted by email threats in 2020 were not prepared for the hit (Diligent)

      • Increase Risk Management’s Impact to Drive Strategic Value

        • Currently, only 3% of organizations are extensively using risk management to drive their unique competitive advantage, compared to 35% of companies who do not use it at all (AICPA & NC State Poole College of Management).

      • Reduce Lost Productivity for the Enterprise

        • Among small businesses, 76% are still not considering purchasing cyberinsurance in 2021, despite the fact that ransomware attacks alone cost Canadian businesses $5.1 billion in productivity in 2020 (Insurance Bureau of Canada, 2021).

      “31% of CIO’s expected their role to expand and include risk management responsibilities.” (IDG “2021 State of the CIO,” 2021)

      Make integrated risk management sustainable

      58%

      Focus not just on the preventive risk management but also the value-creating opportunities. With 58% of organizations concerned about disruptive technology, it’s an opportunity to take the concern and transform it into innovation. (Accenture)

      70%

      Invest in tools that have data and analytics features. Currently, “gut feelings” or “experience” inform the risk management decisions for 70% of late adopters. (Clear Risk)

      54%

      Align to the strategic vision of the board and CEO, given that these two roles account for 54% of the accountability associated with extended enterprise risk management. (Extended Enterprise Risk Management Survey, 2020,” Deloitte)

      63%

      Include IT leaders in the risk committee to help informed decision making. Currently 63% of chief technology officers are included in the C‑suite risk committee. (AICPA & NC State Poole College of Management)

      Successful adoption of integrated risk management is often associated with these key elements.

      Assessment

      Assess your organization’s method of addressing risk management to determine if integrated risk is possible

      Assessing the organization’s risk maturity

      Mature or not, integrated risk management should be a consideration for all organizations

      The first step to integrating risk management within the enterprise is to understand the organization’s readiness to adopt practices that will enable it to successfully integrate information.

      In 2021, we saw enterprise risk management assessments become one of the most common trends, particularly as a method by which the organization can consolidate the potential impacts of uncertainties or threats (Lawton, 2021). A major driver for this initiative was the recognition that information and technology not only have enterprise-wide impacts on the organization’s risk management but that IT has a critical role in supporting processes that enable effective access to data/information.

      A maturity assessment has several benefits for an organization: It ensures there is alignment throughout the organization on why integrated risk is the right approach to take, it recognizes the organization’s current risk maturity, and it supports the organization in defining where it would like to go.

      		Pie chart titled 'Organizational Risk Management Maturity Assessment Results' showing just under half 'Progressing', a third 'Established', a seventh 'Emerging', and a very small portion 'Leading or Aspirational'.

      Integrated Risk Maturity Categories

      		 Semi-circle with colored points indicating four categories.

      1

      		Context & Strategic Direction Understand the organization’s main objectives and how risk can support or enhance those objectives.

      2

      		Risk Culture and Authority Examine if risk-based decisions are being made by those with the right level of authority and if the organization’s risk appetite is embedded in the culture.

      3

      		Risk Management Process Determine if the current process to identify, assess, respond to, monitor, and report on risks is benefitting the organization.

      4

      		Risk Program Optimization Consider opportunities where risk-related data is being gathered, reported, and used to make informed decisions across the enterprise.

      Maturity should inform your approach to risk management

      The outcome of the risk maturity assessment should inform how risk management is approached within the organization.

      A row of waves starting light and small and becoming taller and darker in steps. The levels are 'Non-existent', 'Basic', 'Partially Integrated', 'Mostly Integrated', 'Fully Integrated', and 'Optimized'.

      For organizations with a low maturity, remaining superficial with risk will offer more benefits and align to the enterprise’s risk tolerance and appetite. This might mean no integrated risk is taking place.

      However, organizations that have higher risk maturity should begin to integrate risk information. These organizations can identify the nuances that would affect the severity and impact of risk events.

      Integrated Risk Maturity Assessment

      The purpose of the Integrated Risk Maturity Assessment is to assess the organization's current maturity and readiness for integrated risk management (IRM).

      Frequently and continually assessing your organization’s maturity toward integrated risk ensures the right risk management program can be adopted by your organization.

      Integrated Risk Maturity Assessment

      A simple tool to understand if your organization is ready to embrace integrated risk management by measuring maturity across four key categories: Context & Strategic Direction, Risk Culture & Authority, Risk Management Process, and Risk Program Optimization

      		Sample of the Integrated Risk Maturity Assessment deliverable.

      Use the results from this integrated risk maturity assessment to determine the type of risk management program that can and should be adopted by your organization.

      Some organizations will need to remain siloed and focused on IT risk management only, while others will be able to integrate risk-related information to start enabling automatic controls that respond to this data.

      Innovation

      • Buy Link or Shortcode: {j2store}21|cart{/j2store}
      • Related Products: {j2store}21|crosssells{/j2store}
      • Teaser Video: Visit Website
      • Teaser Video Title: Digital Ethics = Data Equity
      • member rating overall impact: N/A
      • member rating average dollars saved: N/A
      • member rating average days saved: N/A
      • sidebar graphic: Visit Link
      • Parent Category Name: Strategy and Governance
      • Parent Category Link: /strategy-and-governance
      • byline: Digital transfomation will not wait.
      • Byline body: Innovation is typically grown from your organization. Let it plant it's seeds and let it bloom into something beautiful.
      Innovation is the at heart of every organization, especially in these fast moving times. It does not matter if you are in a supporting or "traditional" sector.  The company performing the service in a faster, better and more efficient way, wins.

      innovation

      Develop an Availability and Capacity Management Plan

      • Buy Link or Shortcode: {j2store}500|cart{/j2store}
      • member rating overall impact: 8.0/10 Overall Impact
      • member rating average dollars saved: $2,840 Average $ Saved
      • member rating average days saved: 10 Average Days Saved
      • Parent Category Name: Availability & Capacity Management
      • Parent Category Link: /availability-and-capacity-management
      • It is crucial for capacity managers to provide capacity in advance of need to maximize availability.
      • In an effort to ensure maximum uptime, organizations are overprovisioning (an average of 59% for compute, and 48% for storage). With budget pressure mounting (especially on the capital side), the cost of this approach can’t be ignored.
      • Half of organizations have experienced capacity-related downtime, and almost 60% wait more than three months for additional capacity.

      Our Advice

      Critical Insight

      • All too often capacity management is left as an afterthought. The best capacity managers bake capacity management into their organization’s business processes, becoming drivers of value.
      • Communication is key. Build bridges between your organization’s silos, and involve business stakeholders in a dialog about capacity requirements.

      Impact and Result

      • Map business metrics to infrastructure component usage, and use your organization’s own data to forecast demand.
      • Project future needs in line with your hardware lifecycle. Never suffer availability issues as a result of a lack of capacity again.
      • Establish infrastructure as a driver of business value, not a “black hole” cost center.

      Develop an Availability and Capacity Management Plan Research & Tools

      Start here – read the Executive Brief

      Read our concise Executive Brief to find out why you should build a capacity management plan, review Info-Tech’s methodology, and understand the four ways we can support you in completing this project.

      Besides the small introduction, subscribers and consulting clients within this management domain have access to:

      • Develop an Availability and Capacity Management Plan – Phases 1-4

      1. Conduct a business impact analysis

      Determine the most critical business services to ensure availability.

      • Develop an Availability and Capacity Management Plan – Phase 1: Conduct a Business Impact Analysis
      • Business Impact Analysis Tool

      2. Establish visibility into core systems

      Craft a monitoring strategy to gather usage data.

      • Develop an Availability and Capacity Management Plan – Phase 2: Establish Visibility into Core Systems
      • Capacity Snapshot Tool

      3. Solicit and incorporate business needs

      Integrate business stakeholders into the capacity management process.

      • Develop an Availability and Capacity Management Plan – Phase 3: Solicit and Incorporate Business Needs
      • Capacity Plan Template

      4. Identify and mitigate risks

      Identify and mitigate risks to your capacity and availability.

      • Develop an Availability and Capacity Management Plan – Phase 4: Identify and Mitigate Risks

      [infographic]

      Workshop: Develop an Availability and Capacity Management Plan

      Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

      1 Conduct a Business Impact Analysis

      The Purpose

      Determine the most important IT services for the business.

      Key Benefits Achieved

      Understand which services to prioritize for ensuring availability.

      Activities

      1.1 Create a scale to measure different levels of impact.

      1.2 Evaluate each service by its potential impact.

      1.3 Assign a criticality rating based on the costs of downtime.

      Outputs

      RTOs/RPOs

      List of gold systems

      Criticality matrix

      2 Establish Visibility Into Core Systems

      The Purpose

      Monitor and measure usage metrics of key systems.

      Key Benefits Achieved

      Capture and correlate data on business activity with infrastructure capacity usage.

      Activities

      2.1 Define your monitoring strategy.

      2.2 Implement your monitoring tool/aggregator.

      Outputs

      RACI chart

      Capacity/availability monitoring strategy

      3 Develop a Plan to Project Future Needs

      The Purpose

      Determine how to project future capacity usage needs for your organization.

      Key Benefits Achieved

      Data-based, systematic projection of future capacity usage needs.

      Activities

      3.1 Analyze historical usage trends.

      3.2 Interface with the business to determine needs.

      3.3 Develop a plan to combine these two sources of truth.

      Outputs

      Plan for soliciting future needs

      Future needs

      4 Identify and Mitigate Risks

      The Purpose

      Identify potential risks to capacity and availability.

      Develop strategies to ameliorate potential risks.

      Key Benefits Achieved

      Proactive approach to capacity that addresses potential risks before they impact availability.

      Activities

      4.1 Identify capacity and availability risks.

      4.2 Determine strategies to address risks.

      4.3 Populate and review completed capacity plan.

      Outputs

      List of risks

      List of strategies to address risks

      Completed capacity plan

      Further reading

      Develop an Availability and Capacity Management Plan

      Manage capacity to increase uptime and reduce costs.

      ANALYST PERSPECTIVE

      The cloud changes the capacity manager’s job, but it doesn’t eliminate it.

      "Nobody doubts the cloud’s transformative power. But will its ascent render “capacity manager” an archaic term to be carved into the walls of datacenters everywhere for future archaeologists to puzzle over? No. While it is true that the cloud has fundamentally changed how capacity managers do their jobs , the process is more important than ever. Managing capacity – and, by extent, availability – means minimizing costs while maximizing uptime. The cloud era is the era of unlimited capacity – and of infinite potential costs. If you put the infinity symbol on a purchase order… well, it’s probably not a good idea. Manage demand. Manage your capacity. Manage your availability. And, most importantly, keep your stakeholders happy. You won’t regret it."

      Jeremy Roberts,

      Consulting Analyst, Infrastructure Practice

      Info-Tech Research Group

      Availability and capacity management transcend IT

      This Research Is Designed For:

      ✓ CIOs who want to increase uptime and reduce costs

      ✓ Infrastructure managers who want to deliver increased value to the business

      ✓ Enterprise architects who want to ensure stability of core IT services

      ✓ Dedicated capacity managers

      This Research Will Help You:

      ✓ Develop a list of core services

      ✓ Establish visibility into your system

      ✓ Solicit business needs

      ✓ Project future demand

      ✓ Set SLAs

      ✓ Increase uptime

      ✓ Optimize spend

      This Research Will Also Assist:

      ✓ Project managers

      ✓ Service desk staff

      This Research Will Help Them:

      ✓ Plan IT projects

      ✓ Better manage availability incidents caused by lack of capacity

      Executive summary

      Situation

      • IT infrastructure leaders are responsible for ensuring that the business has access to the technology needed to keep the organization humming along. This requires managing capacity and availability.
      • Dependencies go undocumented. Services are provided on an ad hoc basis, and capacity/availability are managed reactively.

      Complication

      • Organizations are overprovisioning an average of 59% for compute, and 48% for storage. This is expensive. With budget pressure mounting, the cost of this approach can’t be ignored.
      • Lead time to respond to demand is long. Half of organizations have experienced capacity-related downtime, and almost 60% wait 3+ months for additional capacity. (451 Research, 3)

      Resolution

      • Conduct a business impact analysis to determine which of your services are most critical, and require active capacity management that will reap more in benefits than it produces in costs.
      • Establish visibility into your system. You can’t track what you can’t see, and you can’t see when you don’t have proper monitoring tools in place.
      • Develop an understanding of business needs. Use a combination of historical trend analyses and consultation with line of business and project managers to separate wants from needs. Overprovisioning used to be necessary, but is no longer required.
      • Project future needs in line with your hardware lifecycle. Never suffer availability issues as a result of a lack of capacity again.

      Info-Tech Insight

      1. Components are critical. The business doesn’t care about components. You, however, are not so lucky…
      2. Ask what the business is working on, not what they need. If you ask them what they need, they’ll tell you – and it won’t be cheap. Find out what they’re going to do, and use your expertise to service those needs.
      3. Cloud shmoud. The role of the capacity manager is changing with the cloud, but capacity management is as important as ever.

      Save money and drive efficiency with an effective availability and capacity management plan

      Overprovisioning happens because of the old style of infrastructure provisioning (hardware refresh cycles) and because capacity managers don’t know how much they need (either as a result of inaccurate or nonexistent information).

      According to 451 Research, 59% of enterprises have had to wait 3+ months for new capacity. It is little wonder, then, that so many opt to overprovision. Capacity management is about ensuring that IT services are available, and with lead times like that, overprovisioning can be more attractive than the alternative. Fortunately there is hope. An effective availability and capacity management plan can help you:

      • Identify your gold systems
      • Establish visibility into them
      • Project your future capacity needs

      Balancing overprovisioning and spending is the capacity manager’s struggle.

      Availability and capacity management go together like boots and feet

      Availability and capacity are not the same, but they are related and can be effectively managed together as part of a single process.

      If an IT department is unable to meet demand due to insufficient capacity, users will experience downtime or a degradation in service. To be clear, capacity is not the only factor in availability – reliability, serviceability, etc. are significant as well. But no organization can effectively manage availability without paying sufficient attention to capacity.

      "Availability Management is concerned with the design, implementation, measurement and management of IT services to ensure that the stated business requirements for availability are consistently met."

      – OGC, Best Practice for Service Delivery, 12

      "Capacity management aims to balance supply and demand [of IT storage and computing services] cost-effectively…"

      – OGC, Business Perspective, 90

      Integrate the three levels of capacity management

      Successful capacity management involves a holistic approach that incorporates all three levels.

      Business The highest level of capacity management, business capacity management, involves predicting changes in the business’ needs and developing requirements in order to make it possible for IT to adapt to those needs. Influx of new clients from a failed competitor.
      Service Service capacity management focuses on ensuring that IT services are monitored to determine if they are meeting pre-determined SLAs. The data gathered here can be used for incident and problem management. Increased website traffic.
      Component Component capacity management involves tracking the functionality of specific components (servers, hard drives, etc.), and effectively tracking their utilization and performance, and making predictions about future concerns. Insufficient web server compute.

      The C-suite cares about business capacity as part of the organization’s strategic planning. Service leads care about their assigned services. IT infrastructure is concerned with components, but not for their own sake. Components mean services that are ultimately designed to facilitate business.

      A healthcare organization practiced poor capacity management and suffered availability issues as a result

      CASE STUDY

      Industry: Healthcare

      Source: Interview

      New functionalities require new infrastructure

      There was a project to implement an elastic search feature. This had to correlate all the organization’s member data from an Oracle data source and their own data warehouse, and pool them all into an elastic search index so that it could be used by the provider portal search function. In estimating the amount of space needed, the infrastructure team assumed that all the data would be shared in a single place. They didn’t account for the architecture of elastic search in which indexes are shared across multiple nodes and shards are often split up separately.

      Beware underestimating demand and hardware sourcing lead times

      As a result, they vastly underestimated the amount of space that was needed and ended up short by a terabyte. The infrastructure team frantically sourced more hardware, but the rush hardware order arrived physically damaged and had to be returned to the vendor.

      Sufficient budget won’t ensure success without capacity planning

      The project’s budget had been more than sufficient to pay for the extra necessary capacity, but because a lack of understanding of the infrastructure impact resulted in improper forecasting, the project ended up stuck in a standstill.

      Manage availability and keep your stakeholders happy

      If you run out of capacity, you will inevitably encounter availability issues like downtime and performance degradation . End users do not like downtime, and neither do their managers.

      There are three variables that are monitored, measured, and analyzed as part of availability management more generally (Valentic).

        1. Uptime:

      The availability of a system is the percentage of time the system is “up,” (and not degraded) which can be calculated using the following formula: uptime/(uptime + downtime) x 100%. The more components there are in a system, the lower the availability, as a rule.

        1. Reliability:

      The length of time a component/service can go before there is an outage that brings it down, typically measured in hours.

        1. Maintainability:

      The amount of time it takes for a component/service to be restored in the event of an outage, also typically measured in hours.

      Enter the cloud: changes in the capacity manager role

      There can be no doubt – the rise of the public cloud has fundamentally changed the nature of capacity management.

      Features of the public cloudImplications for capacity management
      Instant, or near-instant, instantiation Lead times drop; capacity management is less about ensuring equipment arrives on time.
      Pay-as-you go services Capacity no longer needs to be purchased in bulk. Pay only for what you use and shut down instances that are no longer necessary.
      Essentially unlimited scalability Potential capacity is infinite, but so are potential costs.
      Offsite hosting Redundancy, but at the price of the increasing importance of your internet connection.

      Vendors will sell you the cloud as a solution to your capacity/availability problems

      The image contains two graphs. The first graph on the left is titled: Reactive Management, and shows the struggling relationship between capacity and demand. The second graph on the right is titled: Cloud future (ideal), which demonstrates a manageable relationship between capacity and demand over time.

      Traditionally, increases in capacity have come in bursts as a reaction to availability issues. This model inevitably results in overprovisioning, driving up costs. Access to the cloud changes the equation. On-demand capacity means that, ideally, nobody should pay for unused capacity.

      Reality check: even in the cloud era, capacity management is necessary

      You will likely find vendors to nurture the growth of a gap between your expectations and reality. That can be damaging.

      The cloud reality does not look like the cloud ideal. Even with the ostensibly elastic cloud, vendors like the consistency that longer-term contracts offer. Enter reserved instances: in exchange for lower hourly rates, vendors offer the option to pay a fee for a reserved instance. Usage beyond the reserved will be billed at a higher hourly rate. In order to determine where that line should be drawn, you should engage in detailed capacity planning. Unfortunately, even when done right, this process will result in some overprovisioning, though it does provide convenience from an accounting perspective. The key is to use spot instances where demand is exceptional and bounded. Example: A university registration server that experiences exceptional demand at the start of term but at no other time.

      The image contains an example of cloud reality not matching with the cloud ideal in the form of a graph. The graph is split horizontally, the top half is red, and there is a dotted line splitting it from the lower half. The line is labelled: Reserved instance ceiling. In the bottom half, it is the colour green and has a curving line.

      Use best practices to optimize your cloud resources

      The image contains two graphs. The graph on the left is labelled: Ineffective reserve capacity. At the top of the graph is a dotted line labelled: Reserved Instance ceiling. The graph is measuring capacity requirements over time. There is a curved line on the graph that suddenly spikes and comes back down. The spike is labelled unused capacity. The graph on the right is labelled: Effective reserve capacity. The reserved instance ceiling is about halfway down this graph, and it is comparing capacity requirements over time. This graph has a curved line on it, also has a spike and is labelled: spot instance.

      Even in the era of elasticity, capacity planning is crucial. Spot instances – the spikes in the graph above – are more expensive, but if your capacity needs vary substantially, reserving instances for all of the space you need can cost even more money. Efficiently planning capacity will help you draw this line.

      Evaluate business impact; not all systems are created equal

      Limited resources are a reality. Detailed visibility into every single system is often not feasible and could be too much information.

      Simple and effective. Sometimes a simple display can convey all of the information necessary to manage critical systems. In cars it is important to know your speed, how much fuel is in the tank, and whether or not you need to change your oil/check your engine.

      Where to begin?! Specialized information is sometimes necessary, but it can be difficult to navigate.

      Take advantage of a business impact analysis to define and understand your critical services

      Ideally, downtime would be minimal. In reality, though, downtime is a part of IT life. It is important to have realistic expectations about its nature and likelihood.

      STEP 1

      STEP 2

      STEP 3

      STEP 4

      STEP 5

      Record applications and dependencies

      Utilize your asset management records and document the applications and systems that IT is responsible for managing and recovering during a disaster.

      Define impact scoring scale

      Ensure an objective analysis of application criticality by establishing a business impact scale that applies to all applications.

      Estimate impact of downtime

      Leverage the scoring criteria from the previous step and establish an estimated impact of downtime for each application.

      Identify desired RTO and RPO

      Define what the RTOs/RPOs should be based on the impact of a business interruption and the tolerance for downtime and data loss.

      Determine current RTO/RPO

      Conduct tabletop planning and create a flowchart of your current capabilities. Compare your current state to the desired state from the previous step.

      Info-Tech Insight

      According to end users, every system is critical and downtime is intolerable. Of course, once they see how much totally eliminating downtime can cost, they might change their tune. It is important to have this discussion to separate the critical from the less critical – but still important – services.

      Establish visibility into critical systems

      You may have seen “If you can’t measure it, you can’t manage it” or a variation thereof floating around the internet. This adage is consumable and makes sense…doesn’t it?

      "It is wrong to suppose that if you can’t measure it, you can’t manage it – a costly myth."

      – W. Edwards Deming, statistician and management consultant, author of The New Economics

      While it is true that total monitoring is not absolutely necessary for management, when it comes to availability and capacity – objectively quantifiable service characteristics – a monitoring strategy is unavoidable. Capturing fluctuations in demand, and adjusting for those fluctuations, is among the most important functions of a capacity manager, even if hovering over employees with a stopwatch is poor management.

      Solicit needs from line of business managers

      Unless you head the world’s most involved IT department (kudos if you do) you’re going to have to determine your needs from the business.

      Do

      Do not

      ✓ Develop a positive relationship with business leaders responsible for making decisions.

      ✓ Make yourself aware of ongoing and upcoming projects.

      ✓ Develop expertise in organization-specific technology.

      ✓ Make the business aware of your expenses through chargebacks or showbacks.

      ✓ Use your understanding of business projects to predict business needs; do not rely on business leaders’ technical requests alone.

      X Be reactive.

      X Accept capacity/availability demands uncritically.

      X Ask line of business managers for specific computing requirements unless they have the technical expertise to make informed judgments.

      X Treat IT as an opaque entity where requests go in and services come out (this can lead to irresponsible requests).

      Demand: manage or be managed

      You might think you can get away with uncritically accepting your users’ demands, but this is not best practice. If you provide it, they will use it.

      The company meeting

      “I don’t need this much RAM,” the application developer said, implausibly. Titters wafted above the assembled crowd as her IT colleagues muttered their surprise. Heads shook, eyes widened. In fact, as she sat pondering her utterance, the developer wasn’t so sure she believed it herself. Noticing her consternation, the infrastructure manager cut in and offered the RAM anyway, forestalling the inevitable crisis that occurs when seismic internal shifts rock fragile self-conceptions. Until next time, he thought.

      "Work expands as to fill the resources available for its completion…"

      – C. Northcote Parkinson, quoted in Klimek et al.

      Combine historical data with the needs you’ve solicited to holistically project your future needs

      Predicting the future is difficult, but when it comes to capacity management, foresight is necessary.

      Critical inputs

      In order to project your future needs, the following inputs are necessary.

      1. Usage trends: While it is true that past performance is no indication of future demand, trends are still a good way to validate requests from the business.
      2. Line of business requests: An understanding of the projects the business has in the pipes is important for projecting future demand.
      3. Institutional knowledge: Read between the lines. As experts on information technology, the IT department is well-equipped to translate needs into requirements.
      The image contains a graph that is labelled: Projected demand, and graphs demand over time. There is a curved line that passes through a vertical line labelled present. There is a box on top of the graph that contains the text: Note: confidence in demand estimates will very by service and by stakeholder.

      Follow best practice guidelines to maximize the efficiency of your availability and capacity management process

      The image contains Info-Tech's IT Management & Governance Framework. The framework displays many of Info-Tech's research to help optimize and improve core IT processes. The name of this blueprint is under the Infrastructure & Operations section, and has been circled to point out where it is in the framework.

      Understand how the key frameworks relate and interact

      The image contains a picture of the COBIT 5 logo.

      BA104: Manage availability and capacity

      • Current state assessment
      • Forecasting based on business requirements
      • Risk assessment of planning and implementation of requirements
      The image contains a picture of the ITIL logo

      Availability management

      • Determine business requirements
      • Match requirements to capabilities
      • Address any mismatch between requirements and capabilities in a cost-effective manner

      Capacity management

      • Monitoring services and components
      • Tuning for efficiency
      • Forecasting future requirements
      • Influencing demand
      • Producing a capacity plan
      The image contains a picture of Info-Tech Research Group logo.

      Availability and capacity management

      • Conduct a business impact analysis
      • Establish visibility into critical systems
      • Solicit and incorporate business needs
      • Identify and mitigate risks

      Disaster recovery and business continuity planning are forms of availability management

      The scope of this project is managing day-to-day availability, largely but not exclusively, in the context of capacity. For additional important information on availability, see the following Info-Tech projects.

        • Develop a Business Continuity Plan

      If your focus is on ensuring process continuity in the event of a disaster.

        • Establish a Program to Enable Effective Performance Monitoring

      If your focus is on flow mapping and transaction monitoring as part of a plan to engage APM vendors.

        • Create a Right-Sized Disaster Recovery Plan

      If your focus is on hardening your IT systems against major events.

      Info-Tech’s approach to availability and capacity management is stakeholder-centered and cloud ready

      Phase 1:

      Conduct a business impact analysis

      Phase 2:

      Establish visibility into core systems

      Phase 3:

      Solicit and incorporate business needs

      Phase 4:

      Identify and mitigate risks

      1.1 Conduct a business impact analysis

      1.2 Assign criticality ratings to services

      2.1 Define your monitoring strategy

      2.2 Implement monitoring tool/aggregator

      3.1 Solicit business needs

      3.2 Analyze data and project future needs

      4.1 Identify and mitigate risks

      Deliverables
      • Business impact analysis
      • Gold systems
      • Monitoring strategy
      • List of stakeholders
      • Business needs
      • Projected capacity needs
      • Risks and mitigations
      • Capacity management summary cards

      Info-Tech offers various levels of support to best suit your needs

      DIY Toolkit

      “Our team has already made this critical project a priority, and we have the time and capability, but some guidance along the way would be helpful.”

      Guided Implementation

      “Our team knows that we need to fix a process, but we need assistance to determine where to focus. Some check-ins along the way would help keep us on track.”

      Workshop

      “We need to hit the ground running and get this project kicked off immediately. Our team has the ability to take this over once we get a framework and strategy in place.”

      Consulting

      “Our team does not have the time or the knowledge to take this project on. We need assistance through the entirety of this project.”

      Diagnostics and consistent frameworks used throughout all four options

      Availability & capacity management – project overview

       

      Conduct a business impact analysis

      Establish visibility into core systems

      Solicit and incorporate business needs

      Identify and
      mitigate risks

      Best-Practice Toolkit

      1.1 Create a scale to measure different levels of impact

      1.2 Assign criticality ratings to services

      2.1 Define your monitoring strategy

      2.2 Implement your monitoring tool/aggregator

      3.1 Solicit business needs and gather data

      3.2 Analyze data and project future needs

      4.1 Identify and mitigate risks

      Guided Implementations

      		 Call 1: Conduct a business impact analysis Call 1: Discuss your monitoring strategy

      Call 1: Develop a plan to gather historical data; set up plan to solicit business needs

      Call 2: Evaluate data sources

      Call 1: Discuss possible risks and strategies for risk mitigation

      Call 2: Review your capacity management plan

      Onsite Workshop

      Module 1:

      Conduct a business impact analysis

      Module 2:

      Establish visibility into core systems

      Module 3:

      Develop a plan to project future needs

      Module 4:

      Identify and mitigate risks
       

      Phase 1 Results:

      • RTOs/RPOs
      • List of gold systems
      • Criticality matrix

      Phase 2 Results:

      • Capacity/availability monitoring strategy

      Phase 3 Results:

      • Plan for soliciting future needs
      • Future needs

      Phase 4 Results:

      • Strategies for reducing risks
      • Capacity management plan

      Workshop overview

      Contact your account representative or email Workshops@InfoTech.com for more information.

       

      Workshop Day 1

      Workshop Day 2

      Workshop Day 3

      Workshop Day 4

       

      Conduct a business
      impact analysis

      Establish visibility into
      core systems

      Solicit and incorporate business needs

      Identify and mitigate risks

      Activities

      1.1 Conduct a business impact analysis

      1.2 Create a list of critical dependencies

      1.3 Identify critical sub-components

      1.4 Develop best practices to negotiate SLAs

      2.1 Determine indicators for sub-components

      2.2 Establish visibility into components

      2.3 Develop strategies to ameliorate visibility issues

      3.1 Gather relevant business-level data

      3.2 Gather relevant service-level data

      3.3 Analyze historical trends

      3.4 Build a list of business stakeholders

      3.5 Directly solicit requirements from the business

      3.6 Map business needs to technical requirements

      3.7 Identify inefficiencies and compare historical data
      • 4.1 Brainstorm potential causes of availability and capacity risk
      • 4.2 Identify and mitigate capacity risks
      • 4.3 Identify and mitigate availability risks

      Deliverables
      1. Business impact analysis
      2. List of gold systems
      3. SLA best practices
      1. Sub-component metrics
      2. Strategy to establish visibility into critical sub-components
      1. List of stakeholders
      2. Business requirements
      3. Technical requirements
      4. Inefficiencies
      1. Strategies for mitigating risks
      2. Completed capacity management plan template

      PHASE 1

      Conduct a Business Impact Analysis

      Step 1.1: Conduct a business impact analysis

      This step will walk you through the following activities:

      • Record applications and dependencies in the Business Impact Analysis Tool.
      • Define a scale to estimate the impact of various applications’ downtime.
      • Estimate the impact of applications’ downtime.

      This involves the following participants:

      • Capacity manager
      • Infrastructure team

      Outcomes of this step

      • Estimated impact of downtime for various applications

      Execute a business impact analysis (BIA) as part of a broader availability plan

      1.1a Business Impact Analysis Tool

      Business impact analyses are an invaluable part of a broader IT strategy. Conducting a BIA benefits a variety of processes, including disaster recovery, business continuity, and availability and capacity management

      STEP 1

      STEP 2

      STEP 3

      STEP 4

      STEP 5

      Record applications and dependencies

      Utilize your asset management records and document the applications and systems that IT is responsible for managing and recovering during a disaster.

      Define impact scoring scale

      Ensure an objective analysis of application criticality by establishing a business impact scale that applies to all applications.

      Estimate impact of downtime

      Leverage the scoring criteria from the previous step and establish an estimated impact of downtime for each application.

      Identify desired RTO and RPO

      Define what the RTOs/RPOs should be based on the impact of a business interruption and the tolerance for downtime and data loss.

      Determine current RTO/RPO

      Conduct tabletop planning and create a flowchart of your current capabilities. Compare your current state to the desired state from the previous step.

      Info-Tech Insight

      Engaging in detailed capacity planning for an insignificant service draws time and resources away from more critical capacity planning exercises. Time spent tracking and planning use of the ancient fax machine in the basement is time you’ll never get back.

      Control the scope of your availability and capacity management planning project with a business impact analysis

      Don’t avoid conducting a BIA because of a perception that it’s too onerous or not necessary. If properly managed, as described in this blueprint, the BIA does not need to be onerous and the benefits are tangible.

      A BIA enables you to identify appropriate spend levels, continue to drive executive support, and prioritize disaster recovery planning for a more successful outcome. For example, an Info-Tech survey found that a BIA has a significant impact on setting appropriate recovery time objectives (RTOs) and appropriate spending.

      The image contains a graph that is labelled: BIA Impact on Appropriate RTOS. With no BIA, there is 59% RTOs are appropriate. With BIA, there is 93% RTOS being appropriate. The image contains a graph that is labelled: BIA Impact on Appropriate Spending. No BIA has 59% indication that BCP is cost effective. With a BIA there is 86% indication that BCP is cost effective.

      Terms

      No BIA: lack of a BIA, or a BIA bases solely on the perceived importance of IT services.

      BIA: based on a detailed evaluation or estimated dollar impact of downtime.

      Source: Info-Tech Research Group; N=70

      Select the services you wish to evaluate with the Business Impact Analysis Tool

      1.1b 1 hour

      In large organizations especially, collating an exhaustive list of applications and services is going to be onerous. For the purposes of this project, a subset should suffice.

      Instructions

      1. Gather a diverse group of IT staff and end users in a room with a whiteboard.
      2. Solicit feedback from the group. Questions to ask:
      • What services do you regularly use? What do you see others using? (End users)
      • Which service inspires the greatest number of service calls? (IT)
      • What services are you most excited about? (Management)
      • What services are the most critical for business operations? (Everybody)
    • Record these applications in the Business Impact Analysis Tool.

      • Input

      • Applications/services

      Output

      • Candidate applications for the business impact analysis

      Materials

      • Whiteboard
      • Markers

      Participants

      • Infrastructure manager
      • Enterprise architect
      • Application owners
      • End users

      Info-Tech Insight

      Include a variety of services in your analysis. While it might be tempting to jump ahead and preselect important applications, don’t. The process is inherently valuable, and besides, it might surprise you.

      Record the applications and dependencies in the BIA tool

      1.1c Use tab 1 of the Business Impact Analysis Tool

      1. In the Application/System column, list the applications identified for this pilot as well as the Core Infrastructure category. Also indicate the Impact on the Business and Business Owner.
      2. List the dependencies for each application in the appropriate columns:
      • Hosted On-Premises (In-House) – If the physical equipment is in a facility you own, record it here, even if it is managed by a vendor.
      • Hosted by a Co-Lo/MSP – List any dependencies hosted by a co-lo/MSP vendor.
      • Cloud (includes "as a Service”) – List any dependencies hosted by a cloud vendor.

      Note: If there are no dependencies for a particular category, leave it blank.

    • If you wish to highlight specific dependencies, put an asterisk in front of them (e.g. *SAN). This will cause the dependency to be highlighted in the remaining tabs in this tool.
    • Add comments as needed in the Notes columns. For example, for equipment that you host in-house but is remotely managed by an MSP, specify this in the notes. Similarly, note any DR support services.

      • Example

      The image contains a screenshot of Info-Tech's Business Impact Analysis Tool specifically tab 1.

      ID is optional. It is a sequential number by default.

      In-House, Co-Lo/MSP, and Cloud dependencies; leave blank if not applicable.

      Add notes as applicable – e.g. critical support services.

      Define a scoring scale to estimate different levels of impact

      1.1d Use tab 2 of the Business Impact Analysis Tool

      Modify the Business Impact Scales headings and Overall Criticality Rating terminology to suit your organization. For example, if you don’t have business partners, use that column to measure a different goodwill impact or just ignore that column in this tool (i.e. leave it blank). Estimate the different levels of potential impact (where four is the highest impact and zero is no impact) and record these in the Business Impact Scales columns.

      The image contains a screenshot of Info-Tech's Business Impact Analysis Tool, specifically tab 2.

      Estimate the impact of downtime for each application

      1.1e Use tab 3 of the Business Impact Analysis Tool

      In the BIA tab columns for Direct Costs of Downtime, Impact on Goodwill, and Additional Criticality Factors, use the drop-down menu to assign a score of zero to four based on levels of impact defined in the Scoring Criteria tab. For example, if an organization’s ERP is down, and that affects call center sales operations (e.g. ability to access customer records and process orders), the impact might be as described below:

        • Loss of Revenue might score a two or three depending on the proportion of overall sales lost due to the downtime.
        • The Impact on Customers might be a one or two depending on the extent that existing customers might be using the call center to purchase new products or services, and are frustrated by the inability to process orders.
        • The Legal/Regulatory Compliance and Health or Safety Risk might be a zero.

      On the other hand, if payroll processing is down, this may not impact revenue, but it certainly impacts internal goodwill and productivity.

      Rank service criticality: gold, silver, and bronze

      Gold

      Mission critical services. An outage is catastrophic in terms of cost or public image/goodwill. Example: trading software at a financial institution.

      Silver

      Important to daily operations, but not mission critical. Example: email services at any large organization.

      Bronze

      Loss of these services is an inconvenience more than anything, though they do serve a purpose and will be missed if they are never brought back online. Example: ancient fax machines.

      Info-Tech Best Practice

      Info-Tech recommends gold, silver, and bronze because of this typology’s near universal recognition. If you would prefer a particular designation (it might help with internal comprehension), don’t hesitate to use that one instead.

      Use the results of the business impact analysis to sort systems based on their criticality

      1.1f 1 hour

      Every organization has its own rules about how to categorize service importance. For some (consumer-facing businesses, perhaps) reputational damage may trump immediate costs.

      Instructions

      1. Gather a group of key stakeholders and project the completed Business Impact Analysis Tool onto a screen for them.
      2. Share the definitions of gold, silver, and bronze services with them (if they are not familiar), and begin sorting the services by category,
      • How long would it take to notice if a particular service went out?
      • How important are the non-quantifiable damages that could come with an outage?
    • Sort the services into gold, silver, and bronze on a whiteboard, with sticky notes, or with chart paper.
    • Verify your findings and record them in section 2.1 of the Capacity Plan Template.

      • Input

      • Results of the business impact analysis exercise

      Output

      • List of gold, silver, and bronze systems

      Materials

      • Projector
      • Business Impact Analysis Tool
      • Capacity Plan Template

      Participants

      • Infrastructure manager
      • Enterprise architect

      Leverage the rest of the BIA tool as part of your disaster recovery planning

      Disaster recovery planning is a critical activity, and while it is a sort of availability management, it is beyond this project’s scope. You can complete the business impact analysis (including RTOs and RPOs) for the complete disaster recovery package.

      See Info-Tech’s Create a Right-Sized Disaster Recovery Plan blueprint for instructions on how to complete your business impact analysis.

      Step 1.2: Assign criticality ratings to services

      This step will walk you through the following activities:

      • Create a list of dependencies for your most important applications.
      • Identify important sub-components.
      • Use best practices to develop and negotiate SLAs.

      This involves the following participants:

      • Capacity manager
      • Infrastructure team

      Outcomes of this step

      • List of dependencies of most important applications
      • List of important sub-components
      • SLAs based on best practices

      Determine the base unit of the capacity you’re looking to purchase

      Not every IT organization should approach capacity the same way. Needs scale, and larger organizations will inevitably deal in larger quantities.

      Large cloud provider

      Local traditional business

      • Thousands of servers housed in a number of datacenters around the world.
      • Dedicated capacity manager.
      • Purchases components from OEMs in bulk as part of bespoke contracts that are worth many millions of dollars over time.
      • May deal with components at a massive scale (dozens of servers at once, for example).
      • A small server room that runs non-specialized services (email, for example).
      • Barely even a dedicated IT person, let alone an IT capacity manager.
      • Purchases new components from resellers or even retail stores.
      • Deals with components at a small scale (a single switch here, a server upgrade there).

      "Cloud capacity management is not exactly the same as the ITIL version because ITIL has a focus on the component level. I actually don’t do that, because if I did I’d go crazy. There’s too many components in a cloud environment."

      – Richie Mendoza, IT Consultant, SMITS Inc.

      Consider the relationship between component capacity and service capacity

      End users’ thoughts about IT are based on what they see. They are, in other words, concerned with service availability: does the organization have the ability to provide access to needed services?

      Service

      • Email
      • CRM
      • ERP

      Component

      • Switch
      • SMTP server
      • Archive database
      • Storage

      "You don’t ask the CEO or the guy in charge ‘What kind of response time is your requirement?’ He doesn’t really care. He just wants to make sure that all his customers are happy."

      – Todd Evans, Capacity and Performance Management SME, IBM.

      One telco solved its availability issues by addressing component capacity issues

      CASE STUDY

      Industry: Telecommunications

      Source: Interview

      Coffee and Wi-Fi – a match made in heaven

      In tens of thousands of coffee shops around the world, patrons make ample use of complimentary Wi-Fi. Wi-Fi is an important part of customers’ coffee shop experience, whether they’re online to check their email, do a YouTube, or update their Googles. So when one telco that provided Wi-Fi access for thousands of coffee shops started encountering availability issues, the situation was serious.

      Wi-Fi, whack-a-mole, and web woes

      The team responsible for resolving the issue took an ad hoc approach to resolving complaints, fixing issues as they came up instead of taking a systematic approach.

      Resolution

      Looking at the network as a whole, the capacity manager took a proactive approach by using data to identify and rank the worst service areas, and then directing the team responsible to fix those areas in order of the worst first, then the next worst, and so on. Soon the availability of Wi-Fi service was restored across the network.

      Create a list of dependencies for your most important applications

      1.2a 1.5 hours

      Instructions

      1. Work your way down the list of services outlined in step 1, starting with your gold systems. During the first iteration of this exercise select only 3-5 of your most important systems.
      2. Write the name of each application on a sticky note or at the top of a whiteboard (leaving ample space below for dependency mapping).
      3. In the first tier below the application, include the specific services that the general service provides.
      • This will vary based on the service in question, but an example for email is sending, retrieving, retrieving online, etc.
    • For each of the categories identified in step 3, identify the infrastructure components that are relevant to that system. Be broad and sweeping; if the component is involved in the service, include it here. The goal is to be exhaustive.
    • Leave the final version of the map intact. Photographing or making a digital copy for posterity. It will be useful in later activities.

      • Input

      • List of important applications

      Output

      • List of critical dependencies

      Materials

      • Whiteboard
      • Markers
      • Sticky notes

      Participants

      • Infrastructure manager
      • Enterprise architect

      Info-Tech Insight

      Dependency mapping can be difficult. Make sure you don’t waste effort creating detailed dependency maps for relatively unimportant services.

      Dependency mapping can be difficult. Make sure you don’t waste effort creating detailed dependency maps for relatively unimportant services.

      The image contains a sample dependency map on ride sharing. Ride Sharing has been split between two categories: Application and Drivers. Under drivers it branches out to: Availability, Car, and Pay. Under Application, it branches out to: Compute, Network, Edge devices, Q/A maintenance, and Storage. Compute branches out to Cloud Services. Network branches out to Cellular network and Local. Edge Devices branch out to Drivers and Users. Q/A maintenance does not have a following branch. Storage branches out to Storage (Enterprise) and Storage (local).

      Ride sharing cannot work, at least not at maximum effectiveness, without these constituent components. When one or more of these components are absent or degraded, the service will become unavailable. This example illustrates some challenges of capacity management; some of these components are necessary, but beyond the ride-sharing company’s control.

      Leverage a sample dependency tree for a common service

      The image contains a sample dependency tree for the Email service. Email branches out to: Filtering, Archiving, Retrieval, and Send/receive. Filtering branches out to security appliance which then branches out to CPU, Storage, and Network. Archiving branches to Archive server, which branches out to CPU, Storage, and Network. Retrieval branches out to IMAP/PoP which branches out to CPU, Storage, and Network. Send/receive branches out to IMAP/PoP and SMTP. SMTP branches out to CPU, Storage and Network.

      Info-Tech Best Practice

      Email is an example here not because it is necessarily a “gold system,” but because it is common across industries. This is a useful exercise for any service, but it can be quite onerous, so it should be conducted on the most important systems first.

      Separate the wheat from the chaff; identify important sub-components and separate them from unimportant ones

      1.2b 1.5 hours

      Use the bottom layer of the pyramid drawn in step 1.2a for a list of important sub-components.

      Instructions

      1. Record a list of the gold services identified in the previous activity. Leave space next to each service for sub-components.
      2. Go through each relevant sub-component. Highlight those that are critical and could reasonably be expected to cause problems.
      • Has this sub-component caused a problem in the past?
      • Is this sub-component a bottleneck?
      • What could cause this component to fail? Is it such an occurrence feasible?
    • Record the results of the exercise (and the service each sub-component is tied to) in tab 2 (columns B &C) of the Capacity Snapshot Tool.

      • Input

      • List of important applications

      Output

      • List of critical dependencies

      Materials

      • Whiteboard
      • Markers

      Participants

      • Infrastructure manager
      • Enterprise architect

      Understand availability commitments with SLAs

      With the rise of SaaS, cloud computing, and managed services, critical services and their components are increasingly external to IT.

      • IT’s lack of access to the internal working of services does not let them off the hook for performance issues (as much as that might be the dream).
      • Vendor management is availability management. Use the dependency map drawn earlier in this phase to highlight the components of critical services that rely on capacity that cannot be managed internally.
      • For each of these services ensure that an appropriate SLA is in place. When acquiring new services, ensure that the vendor SLA meets business requirements.

      The image contains a large blue circle labelled: Availability. Also in the blue circle is a small red circle labelled: Capacity.

      In terms of service provision, capacity management is a form of availability management. Not all availability issues are capacity issues, but the inverse is true.

      Info-Tech Insight

      Capacity issues will always cause availability issues, but availability issues are not inherently capacity issues. Availability problems can stem from outages unrelated to capacity (e.g. power or vendor outages).

      Use best practices to develop and negotiate SLAs

      1.2c 20 minutes per service

      When signing contracts with vendors, you will be presented with an SLA. Ensure that it meets your requirements.

      1. Use the business impact analysis conducted in this project’s first step to determine your requirements. How much downtime can you tolerate for your critical services?
      2. Once you have been presented with an SLA, be sure to scour it for tricks. Remember, just because a vendor offers “five nines” of availability doesn’t mean that you’ll actually get that much uptime. It could be that the vendor is comfortable eating the cost of downtime or that the contract includes provisions for planned maintenance. Whether or not the vendor anticipated your outage does little to mitigate the damage an outage can cause to your business, so be careful of these provisions.
      3. Ensure that the person ultimately responsible for the SLA (the approver) understands the limitations of the agreement and the implications for availability.

      Input

      • List of external component dependencies

      Output

      • SLA requirements

      Materials

      • Whiteboard
      • Markers

      Participants

      • Infrastructure manager
      • Enterprise architect

      Info-Tech Insight

      Vendors are sometimes willing to eat the cost of violating SLAs if they think it will get them a contract. Be careful with negotiation. Just because the vendor says they can do something doesn’t make it true.

      Negotiate internal SLAs using Info-Tech’s rigorous process

      Talking past each other can drive misalignment between IT and the business, inconveniencing all involved. Quantify your needs through an internal SLA as part of a comprehensive availability management plan.

      See Info-Tech’s Improve IT-Business Alignment Through an Internal SLA blueprint for instructions on why you should develop internal SLAs and the potential benefits they bring.

      If you want additional support, have our analysts guide you through this phase as part of an Info-Tech workshop.

      The image contains a picture of an Info-Tech analyst.

      Book a workshop with our Info-Tech analysts:

      • To accelerate this project, engage your IT team in an Info-Tech workshop with an Info-Tech analyst team.
      • Info-Tech analysts will join you and your team onsite at your location or welcome you to Info-Tech’s historic Toronto office to participate in an innovative onsite workshop.
      • Contact your account manager (www.infotech.com/account), or email Workshops@InfoTech.com for more information.

      The following are sample activities that will be conducted by Info-Tech analysts with your team:

      1.2

      The image contains a screenshot of activity 1.2 as previously described above.

      Create a list of dependencies for your most important applications

      Using the results of the business impact analysis, the analyst will guide workshop participants through a dependency mapping exercise that will eventually populate the Capacity Plan Template.

      Phase 1 Guided Implementation

      Call 1-888-670-8889 or email GuidedImplementations@InfoTech.com for more information.

      Complete these steps on your own, or call us to complete a guided implementation. A guided implementation is a series of 2-3 advisory calls that help you execute each phase of a project. They are included in most advisory memberships.

      Guided Implementation 1: Conduct a business impact analysis

      Proposed Time to Completion: 1 week

      Step 1.1: Create a scale to measure different levels of impact

      Review your findings with an analyst

      Discuss how you arrived at the rating of your critical systems and their dependencies. Consider whether your external SLAs are appropriate.

      Then complete these activities…

      • Use the results of the business impact analysis to sort systems based on their criticality

      With these tools & templates:

      Business Impact Analysis Tool

      Step 1.2: Assign criticality ratings to services

      Review your findings with an analyst

      Discuss how you arrived at the rating of your critical systems and their dependencies. Consider whether your external SLAs are appropriate.

      Then complete these activities…

      • Create a list of dependencies for your most important applications
      • Identify important sub-components
      • Use best practices to develop and negotiate SLAs

      With these tools & templates:

      Capacity Snapshot Tool

      Phase 1 Results & Insights:

      • Engaging in detailed capacity planning for an insignificant service is a waste of resources. Focus on ensuring availability for your most critical systems.
      • Carefully evaluate vendors’ service offerings. Make sure the SLA works for you, and approach pie-in-the-sky promises with skepticism.

      PHASE 2

      Establish Visibility Into Core Systems

      Step 2.1: Define your monitoring strategy

      This step will walk you through the following activities:

      • Determine the indicators you should be tracking for each sub-component.

      This involves the following participants:

      • Capacity manager
      • Infrastructure team

      Outcomes of this step

      • List of indicators to track for each sub-component

      Data has its significance—but also its limitations

      The rise of big data can be a boon for capacity managers, but be warned: not all data is created equal. Bad data can lead to bad decisions – and unemployed capacity managers.

      Your findings are only as good as your data. Remember: garbage in, garbage out. There are three characteristics of good data:*

      1. Accuracy: is the data exact and correct? More detail and confidence is better.
      2. Reliability: is the data consistent? In other words, if you run the same test twice will you get the same results?
      3. Validity: is the information gleaned believable and relevant?

      *National College of Teaching & Leadership, “Reliability and Validity”

      "Data is king. Good data is absolutely essential to [the capacity manager] role."

      – Adrian Blant, Independent Capacity Consultant, IT Capability Solutions

      Info-Tech Best Practice

      Every organization’s data needs are different; your data needs are going to be dictated by your services, delivery model, and business requirements. Make sure you don’t confuse volume with quality, even if others in your organization make that mistake.

      Take advantage of technology to establish visibility into your systems

      Managing your availability and capacity involves important decisions about what to monitor and how thresholds should be set.

      • Use the list of critical applications developed through the business impact analysis and the list of components identified in the dependency mapping exercise to produce a plan for effectively monitoring component availability and capacity.
      • The nature of IT service provision – the multitude of vendors providing hardware and services necessary for even simple IT services to work effectively – means that it is unlikely that capacity management will be visible through a single pane of glass. In other words, “email” and “CRM” don’t have a defined capacity. It always depends.
      • Establishing visibility into systems involves identifying what needs to be tracked for each component.

      Too much monitoring can be as bad as the inverse

      In 2013, a security breach at US retailer Target compromised more than 70 million customers’ data. The company received an alert, but it was thought to be a false positive because the monitoring system produced so many false and redundant alerts. As a result of the daily deluge, staff did not respond to the breach in time.

      Info-Tech Insight

      Don’t confuse monitoring with management. While establishing visibility is a crucial step, it is only part of the battle. Move on to this project’s next phase to explore opportunities to improve your capacity/availability management process.

      Determine the indicators you should be tracking for each sub-component

      2.1a Tab 3 of the Capacity Snapshot Tool

      It is nearly impossible to overstate the importance of data to the process of availability and capacity management. But the wrong data will do you no good.

      Instructions

      1. Open the Capacity Snapshot Tool to tab 2. The tool should have been populated in step 1.2 as part of the component mapping exercise.
      2. For each service, determine which metric(s) would most accurately tell the component’s story. Consider the following questions when completing this activity (you may end up with more than one metric):
      • How would the component’s capacity be measured (storage space, RAM, bandwidth, vCPUs)?
      • Is the metric in question actionable?
    • Record each metric in the Metric column (D) of the Capacity Snapshot Tool. Use the adjacent column for any additional information on metrics.

      • Info-Tech Insight

      Bottlenecks are bad. Use the Capacity Snapshot Tool (or another tool like it) to ensure that when the capacity manager leaves (on vacation, to another role, for good) the knowledge that they have accumulated does not leave as well.

      Understand the limitations of this approach

      Although we’ve striven to make it as easy as possible, this process will inevitably be cumbersome for organizations with a complicated set of software, hardware, and cloud services.

      Tracking every single component in significant detail will produce a lot of noise for each bit of signal. The approach outlined here addresses that concern in two ways:

      • A focus on gold services
      • A focus on sub-components that have a reasonable likelihood of being problematic in the future.

      Despite this effort, however, managing capacity at the component level is a daunting task. Ultimately, tools provided by vendors like SolarWinds and AppDynamics will fill in some of the gaps. Nevertheless, an understanding of the conceptual framework underlying availability and capacity management is valuable.

      Step 2.2: Implement your monitoring tool/aggregator

      This step will walk you through the following activities:

      • Clarify visibility.
      • Determine whether or not you have sufficiently granular visibility.
      • Develop strategies to .any visibility issues.

      This involves the following participants:

      • Capacity manager
      • Infrastructure team
      • Applications personnel

      Outcomes of this step

      • Method for measuring and monitoring critical sub-components

      Companies struggle with performance monitoring because 95% of IT shops don’t have full visibility into their environments

      CASE STUDY

      Industry: Financial Services

      Source: AppDynamics

      Challenge

      • Users are quick to provide feedback when there is downtime or application performance degradation.
      • The challenge for IT teams is that while they can feel the pain, they don’t have visibility into the production environment and thus cannot identify where the pain is coming from.
      • The most common solution that organizations rely on is leveraging the log files for issue diagnosis. However, this method is slow and often unable to pinpoint the problem areas, leading to delays in problem resolution.

      Solution

      • Application and infrastructure teams need to work together to develop infrastructure flow maps and transaction profiles.
      • These diagrams will highlight the path that each transaction travels across your infrastructure.
      • Ideally at this point, teams will also capture latency breakdowns across every tier that the business transaction flows through.
        • This will ultimately kick start the baselining process.

      Results

      • Ninety-five percent of IT departments don’t have full visibility into their production environment. As a result, a slow business transaction will often require a war-room approach where SMEs from across the organization gather to troubleshoot.
      • Having visibility into the production environment through infrastructure flow mapping and transaction profiling will help IT teams pinpoint problems.
        • At the very least, teams will be able to identify common problem areas and expedite the root-cause analysis process.

      Source: “Just how complex can a Login Transaction be? Answer: Very!,” AppDynamics

      Monitor your critical sub-components

      Establishing a monitoring plan for your capacity involves answering two questions: can I see what I need to see, and can I see it with sufficient granularity?

      • Having the right tool for the job is an important step towards effective capacity and availability management.
      • Application performance management tools (APMs) are essential to the process, but they tend to be highly specific and vertically oriented, like using a microscope.
      • Some product families can cover a wider range of capacity monitoring functions (SolarWinds, for example). It is still important, however, to codify your monitoring needs.

      "You don’t use a microscope to monitor an entire ant farm, but you might use many microscopes to monitor specific ants."

      – Fred Chagnon, Research Director, Infrastructure Practice, Info-Tech Research Group

      Monitor your sub-components: clarify visibility

      2.2a Tab 2 of the Capacity Snapshot Tool

      The next step in capacity management is establishing whether or not visibility (in the broad sense) is available into critical sub-components.

      Instructions

      1. Open the Capacity Snapshot Tool and record the list of sub-components identified in the previous step.
      2. For each sub-component answer the following question:
      • Do I have easy access to the information I need to monitor to ensure this component remains available?
    • Select “Yes” or “No” from the drop-down menus as appropriate. In the adjacent column record details about visibility into the component.
      • What tool provides the information? Where can it be found?

      The image contains a screenshot of Info-Tech's Capacity Snapshot Tool, Tab 2.

      Monitor your sub-components; determine whether or not you have sufficient granular visibility

      2.2b Tab 2 of the Capacity Snapshot Tool

      Like ideas and watches, not all types of visibility are created equal. Ensure that you have access to the right information to make capacity decisions.

      Instructions

      1. For each of the sub-components clarify the appropriate level of granularity for the visibility gained to be useful. In the case of storage, for example, is raw usage (in gigabytes) sufficient, or do you need a breakdown of what exactly is taking up the space? The network might be more complicated.
      2. Record the details of this ideation in the adjacent column.
      3. Select “Yes” or “No” from the drop-down menu to track the status of each sub-component.

      The image contains a picture of an iPhone storage screen where it breaks down the storage into the following categories: apps, media, photos, and other.

      For most mobile phone users, this breakdown is sufficient. For some, more granularity might be necessary.

      Info-Tech Insight

      Make note of monitoring tools and strategies. If anything changes, be sure to re-evaluate the visibility status. An outdated spreadsheet can lead to availability issues if management is unaware of looming problems.

      Develop strategies to ameliorate any visibility issues

      2.2c 1 hour

      The Capacity Snapshot Tool color-codes your components by status. Green – visibility and granularity are both sufficient; yellow – visibility exists, though not at sufficient granularity; and red – visibility does not exist at all.

      Instructions

      1. Write each of the yellow and red sub-components on a whiteboard or piece of chart paper.
      2. Brainstorm amelioration strategies for each of the problematic sub-components.
      • Does the current monitoring tool have sufficient functionality?
      • Does it need to be further configured/customized?
      • Do we need a whole new tool?
    • Record these strategies in the Amelioration Strategy column on tab 4 of the tool.

      • Input

      • Sub-components
      • Capacity Snapshot Tool

      Output

      • Amelioration strategies

      Materials

      • Whiteboard
      • Markers
      • Capacity Snapshot Tool

      Participants

      • Infrastructure manager

      Info-Tech Best Practice

      It might be that there is no amelioration strategy. Make note of this difficulty and highlight it as part of the risk section of the Capacity Plan Template.

      See Info-Tech’s projects on storage and network modernization for additional details

      Leverage other products for additional details on how to modernize your network and storage services.

      The process of modernizing the network is fraught with vestigial limitations. Develop a program to gather requirements and plan.

      As part of the blueprint, Modernize Enterprise Storage, the Modernize Enterprise Storage Workbook includes a section on storage capacity planning.

      If you want additional support, have our analysts guide you through this phase as part of an Info-Tech workshop.

      The image contains a picture of an Info-Tech analyst.

      Book a workshop with our Info-Tech analysts:

      • To accelerate this project, engage your IT team in an Info-Tech workshop with an Info-Tech analyst team.
      • Info-Tech analysts will join you and your team onsite at your location or welcome you to Info-Tech’s historic Toronto office to participate in an innovative onsite workshop.
      • Contact your account manager (www.infotech.com/account), or email Workshops@InfoTech.com for more information.

      The following are sample activities that will be conducted by Info-Tech analysts with your team:

      2.2

      The image contains a screenshot of activity 2.2.

      Develop strategies to ameliorate visibility issues

      The analyst will guide workshop participants in brainstorming potential solutions to visibility issues and record them in the Capacity Snapshot Tool.

      Phase 2 Guided Implementation

      Call 1-888-670-8889 or email GuidedImplementations@InfoTech.com for more information.

      Complete these steps on your own, or call us to complete a guided implementation. A guided implementation is a series of 2-3 advisory calls that help you execute each phase of a project. They are included in most advisory memberships.

      Guided Implementation 2: Establish visibility into core systems

      Proposed Time to Completion: 3 weeks

      Step 2.1: Define your monitoring strategy

      Review your findings with an analyst

      Discuss your monitoring strategy and ensure you have sufficient visibility for the needs of your organization.

      Then complete these activities…

      • Determine the indicators you should be tracking for each sub-component

      With these tools & templates:

      • Capacity Snapshot Tool

      Step 2.2: Implement your monitoring tool/aggregator

      Review your findings with an analyst

      Discuss your monitoring strategy and ensure you have sufficient visibility for the needs of your organization.

      Then complete these activities…

      • Clarify visibility
      • Determine whether or not you have sufficiently granular visibility
      • Develop strategies to ameliorate any visibility issues

      With these tools & templates:

      • Capacity Snapshot Tool

      Phase 2 Results & Insights:

      • Every organization’s data needs are different. Adapt data gathering, reporting, and analysis according to your services, delivery model, and business requirements.
      • Don’t confuse monitoring with management. Build a system to turn reported data into useful information that feeds into the capacity management process.

      PHASE 3

      Solicit and Incorporate Business Needs

      Step 3.1: Solicit business needs and gather data

      This step will walk you through the following activities:

      • Build relationships with business stakeholders.
      • Analyze usage data and identify trends.
      • Correlate usage trends with business needs.

      This involves the following participants:

      • Capacity manager
      • Infrastructure team members
      • Business stakeholders

      Outcomes of this step

      • System for involving business stakeholders in the capacity planning process
      • Correlated data on business level, service level, and infrastructure level capacity usage

      Summarize your capacity planning activities in the Capacity Plan Template

      The availability and capacity management summary card pictured here is a handy way to capture the results of the activities undertaken in the following phases. Note its contents carefully, and be sure to record specific outputs where appropriate. One such card should be completed for each of the gold services identified in the project’s first phase. Make note of the results of the activities in the coming phase, and populate the Capacity Snapshot Tool. These will help you populate the tool.

      The image contains a screenshot of Info-Tech's Capacity Plan Template.

      Info-Tech Best Practice

      The Capacity Plan Template is designed to be a part of a broader mapping strategy. It is not a replacement for a dedicated monitoring tool.

      Analyze historical trends as a crucial source of data

      The first place to look for information about your organization is not industry benchmarks or your gut (though those might both prove useful).

      • Where better to look than internally? Use the data you’ve gathered from your APM tool or other sources to understand your historical capacity needs and to highlight any periods of unavailability.
      • Consider monitoring the status of the capacity of each of your crucial components. The nature of this monitoring will vary based on the component in question. It can range from a rough Excel sheet all the way to a dedicated application performance monitoring tool.

      "In all cases the very first thing to do is to look at trending…The old adage is ‘you don’t steer a boat by its wake,’ however it’s also true that if something is growing at, say, three percent a month and it has been growing at three percent a month for the last twelve months, there’s a fairly good possibility that it’s going to carry on going in that direction."

      – Mike Lynch, Consultant, CapacityIQ

      Gather relevant data at the business level

      3.1a 2 hours per service

      A holistic approach to capacity management involves peering beyond the beaded curtain partitioning IT from the rest of the organization and tracking business metrics.

      Instructions

      1. Your service/application owners know how changes in business activities impact their systems. Business level capacity management involves responding to those changes. Ask service/application owners what changes will impact their capacity. Examples include:
      • Business volume (net new customers, number of transactions)
      • Staff changes (new hires, exits, etc.)
    • For each gold service, brainstorm relevant metrics. How can you capture that change in business volume?
    • Record these metrics in the summary card of the Capacity Plan Template.
    • In the notes section of the summary card record whether or not you have access to the required business metric.

      • Input

      • Brainstorming
      • List of gold services

      Output

      • Business level data

      Materials

      • In-house solution or commercial tool

      Participants

      • Capacity manager
      • Application/service owners

      Gather relevant data at the service level

      3.1b 2 hours per service

      One level of abstraction down is the service level. Service level capacity management, recall that service level capacity management is about ensuring that IT is meeting SLAs in its service provision.

      Instructions

      1. There should be internal SLAs for each service IT offers. (If not, that’s a good place to start. See Info-Tech’s research on the subject.) Prod each of your service owners for information on the metrics that are relevant for their SLAs. Consider the following:
      • Peak hours, requests per second, etc.
      • This will usually include some APM data.
    • Record these metrics in the summary card of the Capacity Plan Template.
    • Include any visibility issues in the notes in a similar section of the Capacity Plan Template.

      • Input

      • Brainstorming
      • List of gold services

      Output

      • Service level data

      Materials

      • In-house solution or commercial tool

      Participants

      • Capacity manager
      • Application/service owners

      Leverage the visibility into your infrastructure components and compare all of your data over time

      You established visibility into your components in the second phase of this project. Use this data, and that gathered at the business and service levels, to begin analyzing your demand over time.

      • Different organizations will approach this issue differently. Those with a complicated service catalog and a dedicated capacity manager might employ a tool like TeamQuest. If your operation is small, or you need to get your availability and capacity management activities underway as quickly as possible, you might consider using a simple spreadsheet software like Excel.
      • If you choose the latter option, select a level of granularity (monthly, weekly, etc.) and produce a line graph in Excel.
      • Example: Employee count (business metric)

      Jan

      Feb

      Mar

      Apr

      May

      June

      July

      74

      80

      79

      83

      84

      100

      102
      The image contains a graph using the example of employee count described above.

      Note: the strength of this approach is that it is easy to visualize. Use the same timescale to facilitate simple comparison.

      Manage, don’t just monitor; mountains of data need to be turned into information

      Information lets you make a decision. Understand the questions you don’t need to ask, and ask the right ones.

      "Often what is really being offered by many analytics solutions is just more data or information – not insights."

      – Brent Dykes, Director of Data Strategy, Domo

      Info-Tech Best Practice

      You can have all the data in the world and absolutely nothing valuable to add. Don’t fall for this trap. Use the activities in this phase to structure your data collection operation and ensure that your organization’s availability and capacity management plan is data driven.

      Analyze historical trends and track your services’ status

      3.1c Tab 3 of the Capacity Snapshot Tool

      At-a-glance – it’s how most executives consume all but the most important information. Create a dashboard that tracks the status of your most important systems.

      Instructions

      1. Consult infrastructure leaders for information about lead times for new capacity for relevant sub-components and include that information in the tool.
      • Look to historical lead times. (How long does it traditionally take to get more storage?)
      • If you’re not sure, contact an in-house expert, or speak to your vendor
    • Use tab 3 of the tool to record whether your existing capacity will be exceeded before you can stand more hardware up (red), you have a plan to ameliorate capacity issues but new capacity is not yet in place (yellow), or if you are not slated to run out of capacity any time soon (green).
    • Repeat the activity regularly. Include notes about spikes that might present capacity challenges, and information about when capacity may run out.

      • This tool collates and presents information gathered from other sources. It is not a substitute for a performance monitoring tool.

      Build a list of key business stakeholders

      3.1d 10 minutes

      Stakeholder analysis is crucial. Lines of authority can be diffuse. Understand who needs to be involved in the capacity management process early on.

      Instructions

      1. With the infrastructure team, brainstorm a group of departments, roles, and people who may impact demand on capacity.
      2. Go through the list with your team and identify stakeholders from two groups:
      • Line of business: who in the business makes use of the service?
      • Application owner: who in IT is responsible for ensuring the service is up?
    • Insert the list into section 3 of the Capacity Plan Template, and update as needed.

      • Input

      • Gold systems
      • Personnel Information

      Output

      • List of key business stakeholders

      Materials

      • Whiteboard
      • Markers

      Participants

      • Capacity manager
      • Infrastructure staff

      Info-Tech Best Practice

      Consider which departments are most closely aligned with the business processes that fuel demand. Prioritize those that have the greatest impact. Consider the stakeholders who will make purchasing decisions for increasing infrastructure capacity.

      Organize stakeholder meetings

      3.1e 10 hours

      Establishing a relationship with your stakeholders is a necessary step in managing your capacity and availability.

      Instructions

      1. Gather as many of the stakeholders identified in the previous activity as you can and present information on availability and capacity management
      • If you can’t get everyone in the same room, a virtual meeting or even an email blast could get the job done.
    • Explain the importance of capacity and availability management
      • Consider highlighting the trade-offs between cost and availability.
    • Field any questions the stakeholders might have about the process. Be honest. The goal of this meeting is to build trust. This will come in handy when you’re gathering business requirements.
    • Propose a schedule and seek approval from all present. Include the results in section 3 of the Capacity Plan Template.

      • Input

      • List of business stakeholders
      • Hard work

      Output

      • Working relationship, trust
      • Regular meetings

      Materials

      • Work ethic
      • Executive brief

      Participants

      • Capacity manager
      • Business stakeholders

      Info-Tech Insight

      The best capacity managers develop new business processes that more closely align their role with business stakeholders. Building these relationships takes hard work, and you must first earn the trust of the business.

      Bake stakeholders into the planning process

      3.1f Ongoing

      Convince, don’t coerce. Stakeholders want the same thing you do. Bake them into the planning process as a step towards this goal.

      1. Develop a system to involve stakeholders regularly in the capacity planning process.
      • Your system will vary depending on the structure and culture of your organization.
      • See the case study on the following slide for ideas.
      • It may be as simple as setting a recurring reminder in your own calendar to touch base with stakeholders.
    • Liaise with stakeholders regularly to keep abreast of new developments.
      • Ensure stakeholders have reasonable expectations about IT’s available resources, the costs of providing capacity, and the lead times required to source additional needed capacity.
    • Draw on these stakeholders for the step “Gather information on business requirements” later in this phase.

      • Input

      • List of business stakeholders
      • Ideas

      Output

      • Capacity planning process that involves stakeholders

      Materials

      • Meeting rooms

      Participants

      • Capacity manager
      • Business stakeholders
      • Infrastructure team

      A capacity manager in financial services wrangled stakeholders and produced results

      CASE STUDY

      Industry: Financial Services

      Source: Interview

      In financial services, availability is king

      In the world of financial services, availability is absolutely crucial. High-value trades occur at all hours, and any institution that suffers outages runs the risk of losing tens of thousands of dollars, not to mention reputational damage.

      People know what they want, but sometimes they have to be herded

      While line of business managers and application owners understand the value of capacity management, it can be difficult to establish the working relationship necessary for a fruitful partnership.

      Proactively building relationships keeps services available

      He built relationships with all the department heads on the business side, and all the application owners.

      • He met with department heads quarterly.
      • He met with application owners and business liaisons monthly.

      He established a steering committee for capacity.

      He invited stakeholders to regular capacity planning meetings.

      • The first half of each meeting was high-level outlook, such as business volume and IT capacity utilization, and included stakeholders from other departments.
      • The second half of the meeting was more technical, serving the purpose for the infrastructure team.

      He scheduled lunch and learn sessions with business analysts and project managers.

      • These are the gatekeepers of information, and should know that IT needs to be involved when things come down the pipeline.

      Step 3.2: Analyze data and project future needs

      This step will walk you through the following activities:

      • Solicit needs from the business.
      • Map business needs to technical requirements, and technical requirements to infrastructure requirements.
      • Identify inefficiencies in order to remedy them.
      • Compare the data across business, component, and service levels, and project your capacity needs.

      This involves the following participants:

      • Capacity manager
      • Infrastructure team members
      • Business stakeholders

      Outcomes of this step

      • Model of how business processes relate to technical requirements and their demand on infrastructure
      • Method for projecting future demand for your organization’s infrastructure
      • Comparison of current capacity usage to projected demand

      “Nobody tells me anything!” – the capacity manager’s lament

      Sometimes “need to know” doesn’t register with sales or marketing. Nearly every infrastructure manager can share a story about a time when someone has made a decision that has critically impacted IT infrastructure without letting anyone in IT in on the “secret.”

      In brief

      The image contains a picture of a man appearing to be overwhelmed.

      Imagine working for a media company as an infrastructure capacity manager. Now imagine that the powers that be have decided to launch a content-focused web service. Seems like something they would do, right? Now imagine you find out about it the same way the company’s subscribers do. This actually happened – and it shouldn’t have. But a similar lack of alignment makes this a real possibility for any organization. If you don’t establish a systematic plan for soliciting and incorporating business requirements, prepare to lose a chunk of your free time. The business should never be able to say, in response to “nobody tells me anything,” “nobody asked.”

      Pictured: an artist’s rendering of the capacity manager in question.

      Directly solicit requirements from the business

      3.2a 30 minutes per stakeholder

      Once you’ve established, firmly, that everyone’s on the same team, meet individually with the stakeholders to assess capacity.

      Instructions

      1. Schedule a one-on-one meeting with each line of business manager (stakeholders identified in 3.1). Ideally this will be recurring.
      • Experienced capacity managers suggest doing this monthly.
    • In the meeting address the following questions:
      • What are some upcoming major initiatives?
      • Is the department going to expand or contract in a noticeable way?
      • Have customers taken to a particular product more than others?
    • Include the schedule in the Capacity Plan Template, and consider including details of the discussion in the notes section in tab 3 of the Capacity Snapshot Tool.

      • Input

      • Stakeholder opinions

      Output

      • Business requirements

      Materials

      • Whiteboard
      • Markers

      Participants

      • Capacity manager
      • Infrastructure staff

      Info-Tech Insight

      Sometimes line of business managers will evade or ignore you when you come knocking. They do this because they don’t know and they don’t want to give you the wrong information. Explain that a best guess is all you can ask for and allay their fears.

      Below, you will find more details about what to look for when soliciting information from the line of business manager you’ve roped into your scheme.

      1. Consider the following:
      • Projected sales pipeline
      • Business growth
      • Seasonal cycles
      • Marketing campaigns
      • New applications and features
      • New products and services
    • Encourage business stakeholders to give you their best guess for elements such as projected sales or business growth.
    • Estimate variance and provide a range. What can you expect at the low end? The high end? Record your historical projections for an idea of how accurate you are.
    • Consider carefully the infrastructure impact of new features (and record this in the notes section of the Capacity Snapshot Tool).

      • Directly solicit requirements from the business (optional)

      3.2a 1 hour

      IT staff and line of business staff come with different skillsets. This can lead to confusion, but it doesn’t have to. Develop effective information solicitation techniques.

      Instructions

      1. Gather your IT staff in a room with a whiteboard. As a group, select a gold service/line of business manager you would like to use as a “practice dummy.”
      2. Have everyone write down a question they would ask of the line of business representative in a hypothetical business/service capacity discussion.
      3. As a group discuss the merits of the questions posed:
      • Are they likely to yield productive information?
      • Are they too vague or specific?
      • Is the person in question likely to know the answer?
      • Is the information requested a guarded trade secret?
    • Discuss the findings and include any notes in section 3 of the Capacity Plan Template.

      • Input

      • Workshop participants’ ideas

      Output

      • Interview skills

      Materials

      • Whiteboard
      • Markers
      • Sticky notes

      Participants

      • Capacity manager
      • Infrastructure staff

      Map business needs to technical requirements, and technical requirements to infrastructure requirements

      3.2b 5 hours

      When it comes to mapping technical requirements, IT alone has the ability to effectively translate business needs.

      Instructions

      1. Use your notes from stakeholder meetings to assess the impact of any changes on gold systems.
      2. For each system brainstorm with infrastructure staff (and any technical experts as necessary) about what the information gleaned from stakeholder discussions. Consider the following discussion points:
      • How has demand for the service been trending? Does it match what the business is telling us?
      • Have we had availability issues in the past?
      • Has the business been right with their estimates in the past?
    • Estimate what a change in business/service metrics means for capacity.
      • E.g. how much RAM does a new email user require?
    • Record the output in the summary card of the Capacity Plan Template.

      • Input

      • Business needs

      Output

      • Technical and infrastructure requirements

      Materials

      • Whiteboard
      • Markers

      Participants

      • Capacity manager
      • Infrastructure staff

      Info-Tech Insight

      Adapt the analysis to the needs of your organization. One capacity manager called the one-to-one mapping of business process to infrastructure demand the Holy Grail of capacity management. If this level of precision isn’t attainable, develop your own working estimates using the higher-level data

      Avoid putting too much faith in the cloud as a solution to your problem

      Has the rise of on-demand, functionally unlimited services eliminated the need for capacity and availability management?

      Capacity management

      The role of the capacity manager is changing, but it still has a purpose. Consider this:

      • Not everything can move to the cloud. For security/functionality reasons, on-premises infrastructure will continue to exist.
      • Cost management is more relevant than ever in the cloud age. Manage your instances.
      • While a cloud migration might render some component capacity management functions irrelevant, it could increase the relevance of others (the network, perhaps).

      Availability management

      Ensuring services are available is still IT’s wheelhouse, even if that means a shift to a brokerage model:

      • Business availability requirements (as part of the business impact analysis, potentially) are important; internal SLAs and contracts with vendors need to be managed.
      • Even in the cloud environment, availability is not guaranteed. Cloud providers have outages (unplanned, maintenance related, etc.) and someone will have to understand the limitations of cloud services and the impact on availability.

      Info-Tech Insight

      The cloud comes at the cost of detailed performance data. Sourcing a service through an SLA with a third party increases the need to perform your own performance testing of gold level applications. See performance monitoring.

      Beware Parkinson’s law

      A consequence of our infinite capacity for creativity, people have the enviable skill of making work. In 1955, C. Northcote Parkinson pointed out this fact in The Economist . What are the implications for capacity management?

      "It is a commonplace observation that work expands so as to fill the time available for its completion. Thus, an elderly lady of leisure can spend the entire day in writing and despatching a postcard to her niece at Bognor Regis. An hour will be spent in finding the postcard, another in hunting for spectacles, half-an-hour in a search for the address, an hour and a quarter in composition, and twenty minutes in deciding whether or not to take an umbrella when going to the pillar-box in the next street."

      C. Northcote Parkinson, The Economist, 1955

      Info-Tech Insight

      If you give people lots of capacity, they will use it. Most shops are overprovisioned, and in some cases that’s throwing perfectly good money away. Don’t be afraid to prod if someone requests something that doesn’t seem right.

      Optimally align demand and capacity

      When it comes to managing your capacity, look for any additional efficiencies.

      Questions to ask:

      • Are there any infrastructure services that are not being used to their full potential, sitting idle, or allocated to non-critical or zombie functions?
        • Are you managing your virtual servers? If, for example, you experience a seasonal spike in demand, are you leaving virtual machines running after the fact?
      • Do your organization’s policies and your infrastructure setup allow for the use of development resources for production during periods of peak demand?
      • Can you make organizational or process changes in order to satisfy demand more efficiently?

      In brief

      Who isn’t a sports fan? Big games mean big stakes for pool participants and armchair quarterbacks—along with pressure on the network as fans stream games from their work computers. One organization suffered from this problem, and, instead of taking a hardline and banning all streams, opted to stream the game on a large screen in a conference room where those interested could work for its duration. This alleviated strain on the network and kept staff happy.

      Shutting off an idle cloud to cut costs

      CASE STUDY

      Industry:Professional Services

      Source:Interview

      24/7 AWS = round-the-clock costs

      A senior developer realized that his development team had been leaving AWS instances running without any specific reason.

      Why?

      The development team appreciated the convenience of an always-on instance and, because the people spinning them up did not handle costs, the problem wasn’t immediately apparent.

      Resolution

      In his spare time over the course of a month, the senior developer wrote a program to manage the servers, including shutting them down during times when they were not in use and providing remote-access start-up when required. His team alone saved $30,000 in costs over the next six months, and his team lead reported that it would have been more than worth paying the team to implement such a project on company time.

      Identify inefficiencies in order to remediate them

      3.2c 20 minutes per service

      Instructions

      1. Gather the infrastructure team together and discuss existing capacity and demand. Use the inputs from your data analysis and stakeholder meetings to set the stage for your discussion.
      2. Solicit ideas about potential inefficiencies from your participants:
      • Are VMs effectively allocated? If you need 7 VMs to address a spike, are those VMs being reallocated post-spike?
      • Are developers leaving instances running in the cloud?
      • Are particular services massively overprovisioned?
      • What are the biggest infrastructure line items? Are there obvious opportunities for cost reduction there?
    • Record any potential opportunities in the summary of the Capacity Plan Template.

      • Input

      • Gold systems
      • Data inputs

      Output

      • Inefficiencies

      Materials

      • Whiteboard
      • Markers

      Participants

      • Capacity manager
      • Infrastructure staff

      Info-Tech Insight

      The most effective capacity management takes a holistic approach and looks at the big picture in order to find ways to eliminate unnecessary infrastructure usage, or to find alternate or more efficient sources of required capacity.

      Dodging the toll troll by rerouting traffic

      CASE STUDY

      Industry:Telecommunications

      Source: Interview

      High-cost lines

      The capacity manager at a telecommunications provider mapped out his firm’s network traffic and discovered they were using a number of VP circuits (inter building cross connects) that were very expensive on the scale of their network.

      Paying the toll troll

      These VP circuits were supplying needed network services to the telecom provider’s clients, so there was no way to reduce this demand.

      Resolution

      The capacity manager analyzed where the traffic was going and compared this to the cost of the lines they were using. After performing the analysis, he found he could re-route much of the traffic away from the VP circuits and save on costs while delivering the same level of service to their users.

      Compare the data across business, component, and service levels, and project your capacity needs

      3.2d 2 hour session/meeting

      Make informed decisions about capacity. Remember: retain all documentation. It might come in handy for the justification of purchases.

      Instructions

      1. Using either a dedicated tool or generic spreadsheet software like Excel or Sheets, evaluate capacity trends. Ask the following questions:
      • Are there times when application performance degraded, and the service level was disrupted?
      • Are there times when certain components or systems neared, reached, or exceeded available capacity?
      • Are there seasonal variations in demand?
      • Are there clear trends, such as ongoing growth of business activity or the usage of certain applications?
      • What are the ramifications of trends or patterns in relation to infrastructure capacity?
    • Use the insight gathered from stakeholders during the stakeholder meetings, project required capacity for the critical components of each gold service.
    • Record the results of this activity in the summary card of the Capacity Plan Template.

      • Compare current capacity to your projections

      3.2e Section 5 of the Capacity Plan Template

      Capacity management (and, by extension, availability management) is a combination of two balancing acts: cost against capacity and supply and demand.*

      Instructions

      1. Compare your projections with your reality. You already know whether or not you have enough capacity given your lead times. But do you have too much? Compare your sub-component capacity projections to your current state.
      2. Highlight any outliers. Is there a particular service that is massively overprovisioned?
      3. Evaluate the reasons for the overprovisioning.
      • Is the component critically important?
      • Did you get a great deal on hardware?
      • Is it an oversight?
    • Record the results in the notes section of the summary card of the Capacity Plan Template.
      • *Office of Government Commerce 2001, 119.

      In brief

      The fractured nature of the capacity management space means that every organization is going to have a slightly different tooling strategy. No vendor has dominated, and every solution requires some level of customization. One capacity manager (a cloud provider, no less!) relayed a tale about a capacity management Excel sheet programmed with 5,000+ lines of code. As much work as that is, a bespoke solution is probably unavoidable.

      If you want additional support, have our analysts guide you through this phase as part of an Info-Tech workshop.

      The image contains a picture of an Info-Tech analyst.

      Book a workshop with our Info-Tech analysts:

      • To accelerate this project, engage your IT team in an Info-Tech workshop with an Info-Tech analyst team.
      • Info-Tech analysts will join you and your team onsite at your location or welcome you to Info-Tech’s historic Toronto office to participate in an innovative onsite workshop.
      • Contact your account manager (www.infotech.com/account), or email Workshops@InfoTech.com for more information.

      The following are sample activities that will be conducted by Info-Tech analysts with your team:

      3.2

      The image contains a screenshot of activity 3.2.

      Map business needs to technical requirements and technical requirements to infrastructure requirements

      The analyst will guide workshop participants in using their organization’s data to map out the relationships between applications, technical requirements, and the underlying infrastructure usage.

      Phase 3 Guided Implementation

      Call 1-888-670-8889 or email GuidedImplementations@InfoTech.com for more information.

      Complete these steps on your own, or call us to complete a guided implementation. A guided implementation is a series of 2-3 advisory calls that help you execute each phase of a project. They are included in most advisory memberships.

      Guided Implementation 3: Solicit and incorporate business needs

      Proposed Time to Completion: 2 weeks

      Step 3.1: Solicit business needs and gather data

      Review your findings with an analyst

      Discuss the effectiveness of your strategies to involve business stakeholders in the planning process and your methods of data collection and analysis.

      Then complete these activities…

      • Analyze historical trends and track your services’ status
      • Build a list of key business stakeholders
      • Bake stakeholders into the planning process

      With these tools & templates:

      Capacity Plan Template

      Step 3.2: Analyze data and project future needs

      Review your findings with an analyst

      Discuss the effectiveness of your strategies to involve business stakeholders in the planning process and your methods of data collection and analysis.

      Then complete these activities…

      • Map business needs to technical requirements and technical requirements to infrastructure requirements
      • Compare the data across business, component, and service levels, and project your capacity needs
      • Compare current capacity to your projections

      With these tools & templates:

      Capacity Snapshot Tool

      Capacity Plan Template

      Phase 3 Results & Insights:

      • Develop new business processes that more closely align your role with business stakeholders. Building these relationships takes hard work, and won’t happen overnight.
      • Take a holistic approach to eliminate unnecessary infrastructure usage or source capacity more efficiently.

      PHASE 4

      Identify and Mitigate Risks

      Step 4.1: Identify and mitigate risks

      This step will walk you through the following activities:

      • Identify potential risks.
      • Determine strategies to mitigate risks.
      • Complete your capacity management plan.

      This involves the following participants:

      • Capacity manager
      • Infrastructure team members
      • Business stakeholders

      Outcomes of this step

      • Strategies for reducing risks
      • Capacity management plan

      Understand what happens when capacity/availability management fails

      1. Services become unavailable. If availability and capacity management are not constantly practiced, an inevitable consequence is downtime or a reduction in the quality of that service. Critical sub-component failures can knock out important systems on their own.
      2. Money is wasted. In response to fears about availability, it’s entirely possible to massively overprovision or switch entirely to a pay-as-you-go model. This, unfortunately, brings with it a whole host of other problems, including overspending. Remember: infinite capacity means infinite potential cost.
      3. IT remains reactive and is unable to contribute more meaningfully to the organization. If IT is constantly putting out capacity/availability-related fires, there is no room for optimization and activities to increase organizational maturity. Effective availability and capacity management will allow IT to focus on other work.

      Mitigate availability and capacity risks

      Availability: how often a service is usable (that is to say up and not too degraded to be effective). Consequences of reduced availability can include financial losses, impacted customer goodwill, and reduced faith in IT more generally.

      Causes of availability issues:

      • Poor capacity management – a service becomes unavailable when there is insufficient supply to meet demand. This is the result of poor capacity management.
      • Scheduled maintenance – services go down for maintenance with some regularity. This needs to be baked into service-level negotiations with vendors.
      • Vendor outages – sometimes vendors experience unplanned outages. There is typically a contract provision that covers unplanned outages, but that doesn’t change the fact that your service will be interrupted.

      Capacity: a particular component’s/service’s/business’ wiggle room. In other words, its usage ceiling.

      Causes of capacity issues:

      • Poor demand management – allowing users to run amok without any regard for how capacity is sourced and paid for.
      • Massive changes in legitimate demand – more usage means more demand.
      • Poor capacity planning – predictable changes in demand that go unaddressed can lead to capacity issues.

      Add additional potential causes of availability and capacity risks as needed

      4.1a 30 minutes

      Availability and capacity issues can stem from a number of different causes. Include a list in your availability and capacity management plan.

      Instructions

      1. Gather the group together. Go around the room and have participants provide examples of incidents and problems that have been the result of availability and capacity issues.
      2. Pose questions to the group about the source of those availability and capacity issues.
      • What could have been done differently to avoid these issues?
      • Was the availability/capacity issue a result of a faulty internal/external SLA?
    • Record the results of the exercise in sections 4.1 and 4.2 of the Capacity Plan Template.

      • Input

      • Capacity Snapshot Tool results

      Output

      • Additional sources of availability and capacity risks

      Materials

      • Capacity Plan Template

      Participants

      • Capacity manager
      • Infrastructure staff

      Info-Tech Insight

      Availability and capacity problems result in incidents, critical incidents, and problems. These are addressed in a separate project (incident and problem management), but information about common causes can streamline that process.

      Identify capacity risks and mitigate them

      4.1b 30 minutes

      Based on your understanding of your capacity needs (through written SLAs and informal but regular meetings with the business) highlight major risks you foresee.

      Instructions

      1. Make a chart with two columns on a whiteboard. They should be labelled “risk” and “mitigation” respectively.
      2. Record risks to capacity you have identified in earlier activities.
      • Refer to the Capacity Snapshot Tool for components that are highlighted in red and yellow. These are specific components that present special challenges. Identify the risk(s) in as much detail as possible. Include service and business risks as well.
      • Examples: a marketing push will put pressure on the web server; a hiring push will require more Office 365 licenses; a downturn in registration will mean that fewer VMs will be required to run the service.

      Input

      • Capacity Snapshot Tool results

      Output

      • Inefficiencies

      Materials

      • Whiteboard
      • Markers

      Participants

      • Capacity manager
      • Infrastructure staff

      Info-Tech Insight

      It’s an old adage, but it checks out: don’t come to the table armed only with problems. Be a problem solver and prove IT’s value to the organization.

      Identify capacity risks and mitigate them (cont.)

      4.1b 1.5 hours

      Instructions (cont.)

      1. Begin developing mitigation strategies. Options for responding to known capacity risks fall into one of two camps:
      • Acceptance: responding to the risk is costlier than acknowledging its existence without taking any action. For gold systems, acceptance is typically not acceptable.
      • Mitigation: limiting/reducing, eliminating, or transferring risk (Herrera) comprise the sort of mitigation discussed here.
        • Limiting/reducing: taking steps to improve the capacity situation, but accepting some level of risk (spinning up a new VM, pushing back on demands from the business, promoting efficiency).
        • Eliminating: the most comprehensive (and most expensive) mitigation strategy, elimination could involve purchasing a new server or, at the extreme end, building a new datacenter.
        • Transfer: “robbing Peter to pay Paul,” in the words of capacity manager Todd Evans, is one potential way to limit your exposure. Is there a less critical service that can be sacrificed to keep your gold service online?
    • Record the results of this exercise in section 5 of the Capacity Plan Template.

      • Input

      • Capacity Snapshot Tool results

      Output

      • Capacity risk mitigations

      Materials

      • Whiteboard
      • Markers

      Participants

      • Capacity manager
      • Infrastructure staff

      Info-Tech Insight

      It’s an old adage, but it checks out: don’t come to the table armed only with problems. Be a problem solver and prove IT’s value to the organization.

      Identify availability risks and mitigate them

      4.1c 30 minutes

      While capacity management is a form of availability management, it is not the only form. In this activity, outline the specific nature of threats to availability.

      Instructions

      1. Make a chart with two columns on a whiteboard. They should be labelled “risk” and “mitigation” respectively.
      2. Begin brainstorming general availability risks based on the following sources of information/categories:
      • Vendor outages
      • Disaster recovery
      • Historical availability issues

      The image contains a large blue circle labelled: Availability. Also in the blue circle is a small red circle labelled: Capacity.

      Input

      • Capacity Snapshot Tool results

      Output

      • Availability risks and mitigations

      Materials

      • Whiteboard
      • Markers

      Participants

      • Capacity manager
      • Infrastructure staff

      Info-Tech Best Practice

      A dynamic central repository is a good way to ensure that availability issues stemming from a variety of causes are captured and mitigated.

      Identify availability risks and mitigate them (cont.)

      4.1c 1.5 hours

      Although it is easier said than done, identifying potential mitigations is a crucial part of availability management as an activity.

      Instructions (cont.)

      1. Begin developing mitigation strategies. Options for responding to known capacity risks fall into one of two camps:
      • Acceptance – responding to the risk is costlier than taking it on. Some unavailability is inevitable, between maintenance and unscheduled downtime. Record this, though it may not require immediate action.
      • Mitigation strategies:
        • Limiting/reducing – taking steps to increase availability of critical systems. This could include hot spares for unreliable systems or engaging a new vendor.
        • Eliminating – the most comprehensive (and most expensive) mitigation strategy. It could include selling.
        • Transfer – “robbing Peter to pay Paul,” in the words of capacity manager Todd Evans, is one potential way to limit your exposure. Is there a less critical service that can be sacrificed to keep your gold service online?
    • Record the results of this exercise in section 5 of Capacity Plan Template.

      • Input

      • Capacity Snapshot Tool results

      Output

      • Availability risks and mitigations

      Materials

      • Whiteboard
      • Markers

      Participants

      • Capacity manager
      • Infrastructure staff

      Iterate on the process and present your completed availability and capacity management plan

      The stakeholders consulted as part of the process will be interested in its results. Share them, either in person or through a collaboration tool.

      The current status of your availability and capacity management plan should be on the agenda for every stakeholder meeting. Direct the stakeholders’ attention to the parts of the document that are relevant to them, and solicit their thoughts on the document’s accuracy. Over time you should get a pretty good idea of who among your stakeholder group is skilled at projecting demand, and who over- or underestimates, and by how much. This information will improve your projections and, therefore, your management over time.

      Info-Tech Insight

      Use the experience gained and the artifacts generated to build trust with the business. The meetings should be regular, and demonstrating that you’re actually using the information for good is likely to make hesitant participants in the process more likely to open up.

      If you want additional support, have our analysts guide you through this phase as part of an Info-Tech workshop.

      The image contains a picture of an Info-Tech analyst.

      Book a workshop with our Info-Tech analysts:

      • To accelerate this project, engage your IT team in an Info-Tech workshop with an Info-Tech analyst team.
      • Info-Tech analysts will join you and your team onsite at your location or welcome you to Info-Tech’s historic Toronto office to participate in an innovative onsite workshop.
      • Contact your account manager (www.infotech.com/account), or email Workshops@InfoTech.com for more information.

      The following are sample activities that will be conducted by Info-Tech analysts with your team:

      4.1

      The image contains a screenshot of activity 4.1.

      Identify capacity risks and mitigate them

      The analyst will guide workshop participants in identifying potential risks to capacity and determining strategies for mitigating them.

      Phase 4 Guided Implementation

      Call 1-888-670-8889 or email GuidedImplementations@InfoTech.com for more information.

      Complete these steps on your own, or call us to complete a guided implementation. A guided implementation is a series of 2-3 advisory calls that help you execute each phase of a project. They are included in most advisory memberships.

      Guided Implementation 4: Identify and mitigate risks

      Proposed Time to Completion: 1 week

      Step 4.1: Identify and mitigate risks

      Review your findings with an analyst

      • Discuss your potential risks and your strategies for mitigating those risks.

      Then complete these activities…

      • Identify capacity risks and mitigate them
      • Identify availability risks and mitigate them
      • Complete your capacity management plan

      With these tools & templates:

      Capacity Snapshot Tool

      Capacity Plan Template

      Phase 4 Results & Insights:

      • Be a problem solver and prove IT’s value to the organization. Capacity management allows infrastructure to drive business value.
      • Iterate and share results. Reinforce your relationships with stakeholders and continue to refine how capacity management transforms your organization’s business processes.

      Insight breakdown

      Insight 1

      Components are critical to availability and capacity management.

      The CEO doesn’t care about the SMTP server. She cares about meeting customer needs and producing profit. For IT capacity and availability managers, though, the devil is in the details. It only takes one faulty component to knock out a service. Keep track and keep the lights on.

      Insight 2

      Ask what the business is working on, not what they need.

      If you ask them what they need, they’ll tell you – and it won’t be cheap. Find out what they’re going to do, and use your expertise to service those needs. Use your IT experience to estimate the impact of business and service level changes on the components that secure the availability you need.

      Insight 3

      Cloud shmoud.

      The role of the capacity manager might be changing with the advent of the public cloud, but it has not disappeared. Capacity managers in the age of the cloud are responsible for managing vendor relationships, negotiating external SLAs, projecting costs and securing budgets, reining in prodigal divisions, and so on.

      Summary of accomplishment

      Knowledge Gained

      • Impact of downtime on the organization
      • Gold systems
      • Key dependencies and sub-components
      • Strategy for monitoring components
      • Strategy for soliciting business needs
      • Projected capacity needs
      • Availability and capacity risks and mitigations

      Processes Optimized

      • Availability management
      • Capacity management

      Deliverables Completed

      • Business Impact Analysis
      • Capacity Plan Template

      Project step summary

      Client Project: Develop an Availability and Capacity Management Plan

      1. Conduct a business impact analysis
      2. Assign criticality ratings to services
      3. Define your monitoring strategy
      4. Implement your monitoring tool/aggregator
      5. Solicit business needs and gather data
      6. Analyze data and project future needs
      7. Identify and mitigate risks

      Info-Tech Insight

      This project has the ability to fit the following formats:

      • Onsite workshop by Info-Tech Research Group consulting analysts.
      • Do-it-yourself with your team.
      • Remote delivery via Info-Tech Guided Implementation.

      Research contributors and experts

      The image contains a picture of Adrian Blant.

      Adrian Blant, Independent Capacity Consultant, IT Capability Solutions

      Adrian has over 15 years' experience in IT infrastructure. He has built capacity management business processes from the ground up, and focused on ensuring a productive dialogue between IT and the business.

      The image contains a picture of James Zhang.

      James Zhang, Senior Manager Disaster Recovery, AIG Technology

      James has over 20 years' experience in IT and 10 years' experience in capacity management. Throughout his career, he has focused on creating new business processes to deliver value and increase efficiency over the long term.

      The image contains a picture of Mayank Banerjee.

      Mayank Banerjee, CTO, Global Supply Chain Management, HelloFresh

      Mayank has over 15 years' experience across a wide range of technologies and industries. He has implemented highly automated capacity management processes as part of his role of owning and solving end-to-end business problems.

      The image contains a picture of Mike Lynch

      Mike Lynch, Consultant, CapacityIQ

      Mike has over 20 years' experience in IT infrastructure. He takes a holistic approach to capacity management to identify and solve key problems, and has developed automated processes for mapping performance data to information that can inform business decisions.

      The image contains a picture of Paul Waguespack.

      Paul Waguespack, Manager of Application Systems Engineering, Tufts Health Plan

      Paul has over 10 years' experience in IT. He has specialized in implementing new applications and functionalities throughout their entire lifecycle, and integrating with all aspects of IT operations.

      The image contains a picture of Richie Mendoza.

      Richie Mendoza, IT Consultant, SMITS Inc.

      Richie has over 10 years' experience in IT infrastructure. He has specialized in using demand forecasting to guide infrastructure capacity purchasing decisions, to provide availability while avoiding costly overprovisioning.

      The image contains a picture of Rob Thompson.

      Rob Thompson, President, IT Tools & Process

      Rob has over 30 years’ IT experience. Throughout his career he has focused on making IT a generator of business value. He now runs a boutique consulting firm.

      Todd Evans, Capacity and Performance Management SME, IBM

      Todd has over 20 years' experience in capacity and performance management. At Kaiser Permanente, he established a well-defined mapping of the businesses workflow processes to technical requirements for applications and infrastructure.

      Bibliography

      451 Research. “Best of both worlds: Can enterprises achieve both scalability and control when it comes to cloud?” 451 Research, November 2016. Web.

      Allen, Katie. “Work Also Shrinks to Fit the Time Available: And We Can Prove It.” The Guardian. 25 Oct. 2017.

      Amazon. “Amazon Elastic Compute Cloud.” Amazon Web Services. N.d. Web.

      Armandpour, Tim. “Lies Vendors Tell about Service Level Agreements and How to Negotiate for Something Better.” Network World. 12 Jan 2016.

      “Availability Management.” ITIL and ITSM World. 2001. Web.

      Availability Management Plan Template. Purple Griffon. 30 Nov. 2012. Web.

      Bairi, Jayachandra, B., Murali Manohar, and Goutam Kumar Kundu. “Capacity and Availability Management by Quantitative Project Management in the IT Service Industry.” Asian Journal on Quality 13.2 (2012): 163-76. Web.

      BMC Capacity Optimization. BMC. 24 Oct 2017. Web.

      Brooks, Peter, and Christa Landsberg. Capacity Management in Today’s IT Environment. MentPro. 16 Aug 2017. Web.

      "Capacity and Availability Management." CMMI Institute. April 2017. Web.

      Capacity and Availability Management. IT Quality Group Switzerland. 24 Oct. 2017. Web.

      Capacity and Performance Management: Best Practices White Paper. Cisco. 4 Oct. 2005. Web.

      "Capacity Management." Techopedia.

      “Capacity Management Forecasting Best Practices and Recommendations.” STG. 26 Jan 2015. Web.

      Capacity Management from the Ground up. Metron. 24 Oct. 2017. Web.

      Capacity Management in the Modern Datacenter. Turbonomic. 25 Oct. 2017. Web.

      Capacity Management Maturity Assessing and Improving the Effectiveness. Metron. 24 Oct. 2017. Web.

      “Capacity Management Software.” TeamQuest. 24 Oct 2017. Web,

      Capacity Plan Template. Purainfo. 11 Oct 2012. Web.

      “Capacity Planner—Job Description.” Automotive Industrial Partnership. 24 Oct. 2017. Web.

      Capacity Planning. CDC. Web. Aug. 2017.

      "Capacity Planning." TechTarget. 24 Oct 2017. Web.

      “Capacity Planning and Management.” BMC. 24 Oct 2017. Web.

      "Checklist Capacity Plan." IT Process Wiki. 24 Oct. 2017. Web.

      Dykes, Brent. “Actionable Insights: The Missing Link Between Data and Business Value.” Forbes. April 26, 2016. Web.

      Evolved Capacity Management. CA Technologies. Oct. 2013. Web.

      Francis, Ryan. “False positives still cause threat alert fatigue.” CSO. May 3, 2017. Web.

      Frymire, Scott. "Capacity Planning vs. Capacity Analytics." ScienceLogic. 24 Oct. 2017. Web.

      Glossary. Exin. Aug. 2017. Web.

      Herrera, Michael. “Four Types of Risk Mitigation and BCM Governance, Risk and Compliance.” MHA Consulting. May 17, 2013.

      Hill, Jon. How to Do Capacity Planning. TeamQuest. 24 Oct. 2017. Web.

      “How to Create an SLA in 7 Easy Steps.” ITSM Perfection. 25 Oct. 2017. Web.

      Hunter, John. “Myth: If You Can’t Measure It: You Can’t Manage It.” W. Edwards Deming Institute Blog. 13 Aug 2015. Web.

      IT Service Criticality. U of Bristol. 24 Oct. 2017. Web.

      "ITIL Capacity Management." BMC's Complete Guide to ITIL. BMC Software. 22 Dec. 2016. Web.

      “Just-in-time.” The Economist. 6 Jul 2009. Web.

      Kalm, Denise P., and Marv Waschke. Capacity Management: A CA Service Management Process Map. CA. 24 Oct. 2017. Web.

      Klimek, Peter, Rudolf Hanel, and Stefan Thurner. “Parkinson’s Law Quantified: Three Investigations in Bureaucratic Inefficiency.” Journal of Statistical Mechanics: Theory and Experiment 3 (2009): 1-13. Aug. 2017. Web.

      Landgrave, Tim. "Plan for Effective Capacity and Availability Management in New Systems." TechRepublic. 10 Oct. 2002. Web.

      Longoria, Gina. “Hewlett Packard Enterprise Goes After Amazon Public Cloud in Enterprise Storage.” Forbes. 2 Dec. 2016. Web.

      Maheshwari, Umesh. “Understanding Storage Capacity.” NimbleStorage. 7 Jan. 2016. Web.

      Mappic, Sandy. “Just how complex can a Login Transaction be? Answer: Very!” Appdynamics. Dec. 11 2011. Web.

      Miller, Ron. “AWS Fires Back at Larry Ellison’s Claims, Saying It’s Just Larry Being Larry.” Tech Crunch. 2 Oct. 2017. Web.

      National College for Teaching & Leadership. “The role of data in measuring school performance.” National College for Teaching & Leadership. N.d. Web,

      Newland, Chris, et al. Enterprise Capacity Management. CETI, Ohio State U. 24 Oct. 2017. Web.

      Office of Government Commerce . Best Practice for Service Delivery. London: Her Majesty’s Stationery Office, 2001.

      Office of Government Commerce. Best Practice for Business Perspective: The IS View on Delivering Services to the Business. London: Her Majesty’s Stationery Office, 2004.

      Parkinson, C. Northcote. “Parkinson’s Law.” The Economist. 19 Nov. 1955. Web.

      “Parkinson’s Law Is Proven Again.” Financial Times. 25 Oct. 2017. Web.

      Paul, John, and Chris Hayes. Performance Monitoring and Capacity Planning. VM Ware. 2006. Web.

      “Reliability and Validity.” UC Davis. N.d. Web.

      "Role: Capacity Manager." IBM. 2008. Web.

      Ryan, Liz. “‘If You Can’t Measure It, You Can’t Manage It’: Not True.” Forbes. 10 Feb. 2014. Web.

      S, Lalit. “Using Flexible Capacity to Lower and Manage On-Premises TCO.” HPE. 23 Nov. 2016. Web.

      Snedeker, Ben. “The Pros and Cons of Public and Private Clouds for Small Business.” Infusionsoft. September 6, 2017. Web.

      Statement of Work: IBM Enterprise Availability Management Service. IBM. Jan 2016. Web.

      “The Road to Perfect AWS Reserved Instance Planning & Management in a Nutshell.” Botmetric. 25 Oct. 2017. Web.

      Transforming the Information Infrastructure: Build, Manage, Optimize. Asigra. Aug. 2017. Web.

      Valentic, Branimir. "Three Faces of Capacity Management." ITIL/ISO 20000 Knowledge Base. Advisera. 24 Oct. 2017. Web.

      "Unify IT Performance Monitoring and Optimization." IDERA. 24 Oct. 2017. Web.

      "What is IT Capacity Management?" Villanova U. Aug. 2017. Web.

      Wolstenholme, Andrew. Final internal Audit Report: IT Availability and Capacity (IA 13 519/F). Transport For London. 23 Feb. 2015. Web.

      Get the Best Discount Possible With a Data-Driven Negotiation Approach

      • Buy Link or Shortcode: {j2store}610|cart{/j2store}
      • member rating overall impact: N/A
      • member rating average dollars saved: N/A
      • member rating average days saved: N/A
      • Parent Category Name: Selection & Implementation
      • Parent Category Link: /selection-and-implementation
      • Vendors have well-honed negotiation strategies that don’t prioritize the customer’s best interest, and they will take advantage of your weaknesses to extract as much money as they can from the deal.
      • IT teams are often working with time pressure and limited resources or experience in negotiation. Even those with an experienced procurement team aren’t evenly matched with the vendor when it comes to the ins and outs of the product.
      • As a result, many have a poor negotiation experience and fail to get the discount they wanted, ultimately leading to dissatisfaction with the vendor.

      Our Advice

      Critical Insight

      • Requirements should always come first, but IT leaders are under pressure to get discounts and cost ends up playing a big role in decision making.
      • Cost is one of the top factors influencing satisfaction with software and the decision to leave a vendor.
      • The majority of software customers are receiving a discount. If you’re in the minority who are not, there are strategies you can and should be using to improve your negotiating skills. Discounts of up to 40% off list price are available to those who enter negotiations prepared.

      Impact and Result

      • SoftwareReviews data shows that there are multiple benefits to taking a concerted approach to negotiating a discount on your software.
      • The most common ways of getting a discount (e.g. volume purchasing) aren’t necessarily the best methods. Choose a strategy that is appropriate for your organization and vendor relationship and that focuses on maximizing the value of your investment for the long term. Optimizing usage or licenses as a discount strategy leads to the highest software satisfaction.
      • Using a vendor negotiation service or advisory group was one of the most successful strategies for receiving a discount. If your team doesn’t have the right negotiation expertise, Info-Tech can help.

      Get the Best Discount Possible With a Data-Driven Negotiation Approach Research & Tools

      Prepare to negotiate

      Leverage insights from SoftwareReviews data to best position yourself to receive a discount through your software negotiations.

      Besides the small introduction, subscribers and consulting clients within this management domain have access to:

      • Get the Best Discount Possible with a Data-Driven Negotiation Approach Storyboard
      [infographic]

      Infrastructure and Operations Priorities 2023

      • Buy Link or Shortcode: {j2store}54|cart{/j2store}
      • member rating overall impact: N/A
      • member rating average dollars saved: N/A
      • member rating average days saved: N/A
      • Parent Category Name: Disruptive & Emerging Technologies
      • Parent Category Link: /disruptive-emerging-technologies
      • Get out of your I&O silo. I&O teams must be expected to work alongside and integrate with cyber security operations.
      • Being unprepared for new ESG reporting mandates without a clear and validated ESG reporting process puts your organization at risk.
      • Get ahead of inflationary pressures with early budgetary planning and identify the gap between the catchup projects and required critical net new investments.

      Our Advice

      Critical Insight

      • Establish I&O within an AI governance program to build trust in AI results, behaviors, and limit legal exposure.
      • Develop data governance program that includes an I&O data steward for oversight.
      • Ready or not, the metaverse is coming to an infrastructure near you. Start expanding I&O technologies and processes to support a metaverse infrastructure.

      Impact and Result

      • Provide a framework that highlight the impacts the threats of an economic slowdown, growing regulatory reporting requirements, cyber security attacks and opportunity that smart governance over AI, data stewardship and the looming explosion of augmented reality and Web 3.0 technologies.
      • Info-Tech can help communicate your I&O priorities into compelling cases for your stakeholders.

      Infrastructure and Operations Priorities 2023 Research & Tools

      Besides the small introduction, subscribers and consulting clients within this management domain have access to:

      1. Infrastructure & Operations Priorities 2023 – A framework to dive deeper into the trends most relevant to you and your organization

      Discover Info-Tech's six priorities for Infrastructure & Operations leaders.

      Infographic

      Further reading

      Infrastructure &Operations Priorities 2023

      Navigate the liminal space between threats and opportunities.

      2023: A liminal space between threats and opportunities

      Over the last several years, successful CEOs turned to their Infrastructure and Operations (I&O) departments to survive the effects of the pandemic. It was I&O leaders who were able to reconfigure critical infrastructure on the fly to support remote work, adapt to critical supply chain shortages, and work with lines of business managers to innovate operational workflows.

      2023 promises to bring a new set of challenges. Building on the credibility established during the pandemic, I&O is in a unique position to influence the direction a business will take to be successful in a time of austerity.

      I&O members are going to be asked to mitigate the threats of volatility from recession pressures, new cybersecurity attacks, and operational process and litigation from regulatory mandates. At the same time, I&O members are being asked for fundamental digital transformation items to realize long-term opportunities to their organizations in 2023.

      Seemingly counter-intuitive in a time of economic slowdown, organizations in 2023 will want to start the groundwork to realizing the I&O opportunities that unstructured data and artificial intelligence have promised, while prepping for what has been mislabeled as the Metaverse.

      If you are in a traditionally risk adverse industry, you’re more likely to be impacted by the threat mitigation.

      Opportunistic I&O members will use 2023 to proactively jumpstart digital transformation.

      Introduction

      Welcome to the Info-Tech 2023 I&O Priorities Report

      If I&O members learned anything from the last few years, it’s how to tactically respond to the disruptive waves often arising from sources external to the organization. The good news is that Info-Tech’s I&O priorities report provides forward-looking insights to help members become more proactive to the tsunami of change predicted in our Trends Report to happen over the next three to five years.

      Info-Tech I&O priorities are generated through a phased approach. The first phase senses and identifies mega and macro tends in the digital landscape to formulate hypotheses about the trends for the next three to five years. These hypotheses are validated by sending out a survey to Info-Tech members. The responses from 813 members was used to produce an Info-Tech Trends Report focused on major long-term trends.

      The I&O Priorities were determined by combining the I&O member responses within the Info-tech Trends Survey with insightful signals from secondary research, economic markets, regulatory bodies, industry organizations, and vendors. The six I&O priorities identified in this report are presented in a framework that highlight the impacts of an economic slowdown, growing regulatory reporting requirements, cybersecurity threats, smart governance of AI, embracing stewardship of data, and the looming explosion of augmented reality and Web 3.0 technologies.

      We also have a challenge exercise to help you communicate which priorities to focus your I&O organization on. Additionally, we linked some Info-tech research and tools related to the priorities that help your I&O organization formulate actionable plans for each area.

      Priorities

      Six forward-looking priorities for the next year.

      Focus

      Activity to help select which priorities are relevant for you.

      Actions

      Actionable Info-tech research and tools to help you deliver.

      Infrastructure & Operations priorities

      The I&O priorities were determined by combining I&O member responses from the Tech Trends and Priorities 2023 survey with insightful signals from secondary research, economic markets, regulatory bodies, industry organizations, and vendors.

      The image contains a screenshot of the Infrastructure & Operations priorities.

      I&O Priorities 2023

      The image contains a screenshot of the I&O Priorities.

      I&O priorities framework

      Threats signals

      Enhance I&O Cybersecurity

      Produce ESG Reporting

      Recession Readiness

      Get out of your silo. Forget your job description and start doing what needs to be done.

      Infrastructure rarely has authority in these areas, but somehow it ends up with many of the responsibilities. You can't afford to be reactive. Forget about your traditional silo and get out in front of these topics. Not in your job description? Find out whose job it is and make them aware. Better yet – take charge! If you're going to be responsible you might as well be in control.

      Opportunities signals

      AI Governance: Watching the Watchers

      Prep for A Brave New Metaverse

      Data Governance: Cornerstone of Value

      Proper stewardship of data is an I&O must. If thought you had problems with your unstructured data, wait until you see the data sprawl coming from the metaverse.

      I&O needs to be so much more than just an order taker for the dev teams and lines of business. The sprawl of unstructured data in Word, Excel, PDF and PowerPoint was bad historically; imagine those same problems at metaverse scale! Simple storage and connectivity is no longer enough – I&O must move upstream with more sophisticated service and product offerings generated through proper governance and stewardship.

      Challenge: Expand the I&O border

      The hidden message in this report is that I&O priorities extend beyond the traditional scope of I&O functions. I&O members need to collaborate across functional areas to successfully address the priorities presented in this report.

      Info-Tech can help! Align your priorities with our material on how to Build a Business-Aligned IT Strategy. Use a modified version of the Strategy Initiative Template (next slide) to convey your strong opinion on the priorities you need your stakeholders to know about. And do so in a way that is familiar so they will easily understand.

      		The image contains a screenshot of Info-Tech's Maturity Ladder.
      Info-Tech 2023 Trends Survey Results

      Call your Executive Advisor or Counselor to help identify the one or two key messages you want to bring forward for success in 2023!

      Info-Tech IT Strategy Initiative Template, from the IT Strategy Presentation Template & Priorities Report Initiative Template

      .
      The image contains a screenshot of a template for your priorities.

      Protect from threats

      Get out of your silo. Forget your job description and just start doing what needs to be done.

      Enhance I&O Cybersecurity

      Produce ESG Reporting

      Recession Readiness

      Enhance cybersecurity response

      SIGNALS

      Cybersecurity incidents are
      a clear and present danger
      to I&O members.

      Cybersecurity incidents have
      a large financial impact
      on organizations.

      Related Info-Tech Research

      Of the surveyed I&O members, 53% identified cybersecurity incidents as the number one threat disrupting their operations in 2023. It’s understandable, as over 18% of surveyed I&O members experienced a cybersecurity incident in 2022. Alarmingly, 10% of surveyed I&O members didn’t know if they had a cybersecurity incident. The impact to the organization was with 14% of those incidents directly impacting their organizations for anywhere from 6 to 60 days.

      The 2022 report “Cost of a Data Breach” was conducted by IBM and the Ponemon Institute using data from 550 companies (across 17 countries) that experienced a security incident during a 12-month period ending in March 2022. It highlighted that the average total organizational cost of a security breach globally was USD 4.35M (locally these numbers expand to USA at USD 9.44M, Canada at USD 5.64, UK at USD 5.05M, Germany at USD 4.85M).

      (Source: IBM, 2022)

      Enhance cybersecurity response

      SIGNALS

      Organizations' exposure comes from internal and external sources.

      The right tools and process can reduce the impact of a cybersecurity incident.

      Related Info-Tech Research

      The IBM/Ponemon Institute report highlighted the following:

      • 59% of organizations didn’t deploy a zero-trust architecture on critical infrastructure to reduce exposure.
      • 19% of the breaches originated from within their business partner eco-system.
      • 45% were cloud-based.

      (Source: IBM, 2022)

      The IBM/Ponemon Institute report also identified technologies and procedures to reduce the fiscal impacts of cybersecurity breaches. Having a dedicated security incident response team with a regularly tested plan reduced the incident cost by an average of USD 2.66M. A fully implemented AI security deduction and response automation system can provide average incident savings of 27.6%.

      Enhance cybersecurity response

      SIGNALS

      Cybersecurity spending is a major and expanding expenditure for our members.

      Cybersecurity is going
      to include brand misinformation.

      For 36% of surveyed I&O members, cybersecurity consumed between 10-20% of their total budget in 2022. Moreover, cybersecurity defense funding is expected to increase for 57% of I&O members.

      A third of surveyed I&O members viewed misinformation as a major risk to their organization for 2023 and 2024. Only 38% of the I&O members reported that they will have software in place to monitor and manage social media posts.

      Increasing environment and regulatory complexity demands more sophisticated cybersecurity operations.

      Infrastructure teams must be expected to work alongside and integrate with cybersecurity operations.

      Enhance cybersecurity response

      CALL TO ACTION

      Get out of your I&O silo and form cross-functional cybersecurity teams.

      I&O priority actions

      Establish a cross-functional security steering committee to coordinate security processes and technologies. The complexity of managing security across modern applications, cloud, IoT, and network infrastructure that members operate is greater than ever before and requires coordinated teamwork.

      Contain the cyber threat with zero trust (ZT) architecture. Extend ZT to network and critical infrastructure to limit exposure.

      Leverage AI to build vigilant security intelligence. Smart I&O operators will make use of AI automation to augment their security technologies to help detect threats and contain security incidents on critical infrastructure.

      Enhance cybersecurity response

      I&O priority actions

      Build specialized cybersecurity incident management protocols with your service desk. Build integrated security focused teams within service desk operations that continually test and improve security incident response protocols internally and with specialized security vendors. In some organizations, security incident response teams extend beyond traditional infrastructure into social media. Work cross-functionally to determine the risk exposure to misinformation and incident response procedures.

      Treat lost or stolen equipment as a security incident. Develop hardware asset management protocols for tracking and reporting on these incidents and keep a record of equipment disposal. Implement tools that allow for remote deletion of data and report on lost or stolen equipment.

      Produce ESG reporting

      SIGNALS

      Government mandates present an operational risk to I&O members.

      ESG reporting is
      often incomplete.

      Related Info-Tech Research

      Surveyed members identified government-enacted policy changes to be a top risk to disrupting to their business operations in 2023. One of the trends identified by Info-Tech is that the impact of regulations on environmental, social, and governance (ESG) reporting are being rolled out by governments worldwide.

      Alarmingly, only 7% of surveyed members responded that they could very accurately report on their carbon footprint and 23% said they were not able to report accurately at all.

      Produce ESG reporting

      SIGNALS

      ESG mandates are being rolled out globally.

      ESG reporting has greatly expanded since a 2017 report by Task Force on Climate-Related Financial Disclosures (TCFD, 2017) which recommended that organizations disclose climate-related financial metrics for investors to appropriately price climate-related risks to share price. In 2021, the Swiss Finance Institute research paper (Sautner, 2021) identified 29 countries that require ESG reporting, primarily for larger public companies, financial institutions, and state-owned corporations.

      Global ESG mandates

      The image contains a screenshot of a world map that demonstrates the Global ESG Mandates.

      29 nations with ESG mandates identified by the Swiss Finance Institute

      Produce ESG reporting

      SIGNALS

      ESG mandates are being rolled out globally.

      The EU has mandated ESG reporting for approximately 11,700 large public companies with more than 500 employees under the Non-Financial Reporting Directive (NFRD), since 2014. The EU is going to replace the NFRD with the Corporate Sustainability Reporting Directive (European Council, 2022), which has set a 3-year timetable for escalating the ESG reporting level to what is estimated to be about 75% of EU total turnover (WorldFavor, 2022).

      • 2024: Companies with 500 or more employees.
      • 2025: Companies with 250 or more employee or 40M EU in revenue/20M in total assets.
      • 2026: SMEs, smaller credit financial, and captive insurance institutions.

      It's been a long time since most enterprises had to report on things like power efficiency factors.

      But don't think that being in the cloud will insulate you from a renewed interest in ESG reporting.

      Produce ESG reporting

      CALL TO ACTION

      Being unprepared for new ESG reporting mandates without a clear and validated ESG reporting process puts your organization at risk.

      I&O priority actions

      Understand ESG risk exposure. Define the gap between what ESG reporting is required in your jurisdiction and current reporting capabilities to meet them. Build the I&O role with responsibility for ESG reporting.

      Include vendors in ESG reporting. Review infrastructure facilities with landlords, utilities, and hosting providers to see if they can provide ESG reporting on sustainable power generation, then map it to I&O power consumption as part of their contractual obligations. Ask equipment vendors to provide ESG reporting on manufacturing materials and energy consumption to boot-strap data collection.

      Implement a HAM process to track asset disposal and other types of e-waste. Update agreements with disposal vendors to get reporting on waste and recycle volumes.

      Produce ESG reporting

      I&O priority actions

      Implement an ESG reporting framework. There are five major ESG reporting frameworks being used globally. Select one of the frameworks below that makes sense for your organization, and implement it.

      ISO 14001 Environmental Management: Part of the ISO Technical Committee family of standards that allows your organization to understand its legal requirements to become certified in ESG.

      Global Reporting Initiative (GRI) Sustainability Reporting Standards: GRI has been developing ESG reporting standards since 1997. GRI provides a modular ESG framework applicable to all sizes and sectors of organizations worldwide.

      Principles for Responsible Investment: UN-developed framework for ESG reporting framework for disclosure in responsible investments.

      Sustainability Accounting Standards Board (SASB): ESG report framework to be used by investors.

      UN Global Compact: ESG reporting framework based on 10 principles that organizations can voluntarily contribute data to.

      Implement a HAM process to track asset disposal and other types of e-waste. Update agreements with disposal vendors to get reports on waste and recycle volumes.

      Recession readiness

      SIGNALS

      Managing accelerated technical debt.

      Recessionary pressures.

      Related Info-Tech Research

      I&O members experienced a spike in technical debt following the global pandemic economic shutdown, workforce displacement, and highly disrupted supply chains. 2023 presents a clear opportunity to work on these projects.

      The shortages in workforce and supply chain have accelerated inflation post pandemic. Central banks have started to slow down inflation in 2022 by raising interest rates. However, the World Bank has forecast a potential 2% rise in interest rates as the battle with inflation continues into 2023 and beyond, which could set off a global slowdown in GDP growth to 0.5%, qualifying as a recession. If interest rates continue to climb, I&O members may struggle with the higher cost of capital for their investments.

      (Source: World Bank Organization, 2022)

      Recession readiness

      SIGNALS

      I&O budgets expected to increase.

      Focused budgetary increases.

      Despite economists’ prediction of a looming recession and inflationary pressures, only 11% of I&O members surveyed indicated that they anticipated any reduction in IT budgets for 2023. In fact, 44% of I&O members expected an increase of IT budgets of between 6% and 30%.

      These increases in budget are not uniform across all investments. Surveyed I&O members indicated that the largest anticipated budget increases (compared to 2022) were in the areas of:

      • AI/machine learning ( +7.5%)
      • 5G (+7%)
      • Data Mesh/Fabric and Data Lake infrastructure (+5.7% and +4.4%, respectively)
      • Mixed reality technologies (augmented or virtual reality) (+3.3%)
      • Next generation cybersecurity (+1.7%)

      "2022 has been the first true opportunity to start getting caught up on technical debt stemming from the post pandemic supply chain and resource shortages. That catch-up is going to continue for some time.

      Unfortunately, the world isn't sitting still while doing that. In fact, we see new challenges around inflationary pressures. 2023 planning is going to be a balancing act between old and new projects."

      Paul Sparks,
      CTO at Brookshire Grocery Company

      Recession readiness

      SIGNALS

      Tough choices on budgetary spends.

      The responses indicated that I&O members expect decreased reinvestment for 2023 for the following:

      • API programming (-21.7%)
      • Cloud computing (-19.4%)
      • 44% of I&O members indicated if 2023 requires costs cutting, 5-20% of their cloud computing investment will be at risk of the chopping block!
      • Workforce management (-9.4%)
      • No-code /low-code infrastructure (-5.3%)

      Make sure you can clearly measure the value of all budgeted I&O activities.

      Anything that can't demonstrate clear value to leadership is potentially on the chopping block.

      Recession readiness

      CALL TO ACTION

      Get ahead of inflationary pressures with early budgetary planning, and identify the gap between the catch-up projects and required critical net new investments.

      II&O priority actions

      Hedge against inflation on infrastructure projects. Develop and communicate value-based strategies to lock in pricing and mitigate inflationary risk with vendors.

      Communicate value-add on all I&O budgeted items. Define an infrastructure roadmap to highlight which projects are technical debt and which are new strategic investments, and note their value to the organization.

      Look for cost saving technologies. Focus on I&O projects that automate services to increase productivity and optimize head count.

      Realize opportunities

      Build on a record of COVID-related innovation success and position the enterprise to take advantage of 2023.

      AI governance: Watching the watchers

      Data stewardship: Cornerstone of value

      Prep for a brave new metaverse

      AI governance: Watching the watchers

      SIGNALS

      Continued investment
      in AI technologies

      AI technology is permeating diverse I&O functional areas.

      Related Info-Tech Research

      About 32% of survey respondents who work in I&O said that they already invest in AI, and 40% intend to invest in 2023.

      I&O members have identified the following areas as the top five focal points for AI uses within their organizations.

      • Automated repetitive, low-level tasks
      • Business analytics or intelligence
      • Identification of risks and improvement of security response
      • Monitoring and governance
      • Sensor data analysis

      AI governance: Watching the watchers

      SIGNALS

      Consequences for misbehaving AI.

      I&O leaders can expect to have silos of AI in pockets scattered across the enterprise. Without oversight on the learning model and the data used for training and analytics there is a risk of overprovisioning, which could reduce the efficiency and effectiveness of AI models and results.

      This scale advantage of AI could result in operational inefficiencies without oversight. For example, bad governance means garbage in / garbage out. Which is worse: getting 100 outputs from a system with a 1% error rate, or getting 10,000 outputs from a system with an 1% error rate?

      These are just the operational issues; legally you can be on the hook, as well. The EU Parliament has issued a civil liability regime for AI (European Parliament, n.d.) which imposes liability to operators of AI systems, regardless of whether they acted with operational due diligence. Additionally, the IEEE (IEEE, 2019) is advocating for legal frameworks and accountability for AI that violates human rights and privacy laws and causes legal harm.

      Who is going to instill standards for AI Operations? Who is going to put in the mechanisms to validate and explain the output of AI black boxes?

      If you said it’s going to end up
      being Infrastructure and Operations – you were right!

      AI governance: Watching the watchers

      CALL TO ACTION

      Establish I&O within an AI governance program to build trust in AI results and behaviors and limit legal exposure.

      I&O priority actions

      Define who has overall AI accountability for AI governance within I&O. This role is responsible for establishing strategic governance metrics over AI use and results, and identifying liability risks.

      Maintain an inventory of AI use. Conduct an audit of where AI is used within I&O, and identify gaps in documentation and alignment with I&O processes and organizational values.

      Define an I&O success map. Provide transparency of AI use by generating pseudo code of AI models, and scorecard AI decision making with expected predictions and behavioral actions taken.

      AI governance: Watching the watchers

      Manage bias in AI decision making. Work with AI technology vendors to identify how unethical bias can enter the results, using operational data sets for validation prior to rollout.

      Protect AI data sets from manipulation. Generate new secure storage for AI technology audit trails on AI design making and results. Work with your security team to ensure data sets used by AI for training can’t be corrupted.

      Data governance: Cornerstone of value

      SIGNALS

      Data volumes grow
      with time.

      Data is seen as a source for generating new value.

      Related Info-Tech Research

      Of surveyed I&O members, 63% expected to see the data storage grow by at least 10% in 2023, and 15% expected a 30% or more growth in data storage volumes.

      I&O members identified the top three ways data brings value to the organization:

      • Helping reduce operational costs.
      • Presenting value-added to existing products and services.
      • Acquiring new customers.

      Data governance: Cornerstone of value

      SIGNALS

      Approach to data analysis is primarily done in-house.

      85% of surveyed I&O members are doing data analysis with custom-made or external tools. Interestingly, 10% of I&O members do not conduct any data analysis.

      Members are missing a formal data governance process.

      81% of surveyed I&O members do not have a formal or automated process for data governance. Ironically, 24% of members responded that they aim to have publicly accessible data-as-a-service or information repositories.

      Despite investment in data initiatives, organizations carry high levels of data debt.

      Info-Tech research, Establish Data Governance, points out that data debt, the accumulated cost associated with sub-optimal governance of data assets, is a problem for 78% of organizations.

      What the enterprise expects out of enterprise storage is much more complicated in 2023.

      Data protection and governance are non-negotiable aspects of enterprise storage, even when it’s unstructured.

      Data governance: Cornerstone of value

      SIGNALS

      Data quality is the primary driver for data governance.

      The data governance market
      is booming.

      Related Info-Tech Research

      In the 2022 Zaloni survey of data governance professionals, 71% indicated that consistent data quality was the top metric for data governance, followed by reduced time to insight and regulatory compliance.

      (Source: Zaloni DATAVERSITY, 2022)

      The Business Research Company determined that the global data governance market is expected to grow from $3.28 billion in 2022 to $7.42 billion in 2026 at a CAGR of 22.7% in response to 74 zettabytes of data in 2021, with a growth rate of 1.145 trillion MB of new data being created every day.

      (Source: Business Research Company, 2022)

      Data governance: Cornerstone of value

      CALL TO ACTION

      Develop a data governance program that includes an I&O data steward for oversight.

      I&O priority actions

      Establish an I&O data steward. Make data governance by establishing a data steward role with accountability for governance. The steward works collaboratively with DataOPs to control access to I&O data, enforce policies, and reduce the time to make use of the data.

      Define a comprehensive storage architecture. If you thought you had a data sprawl problem before, wait until you see the volume of data generated from IoT and Web 3.0 applications. Get ahead of the problem by creating an infrastructure roadmap for structured and unstructured data storage.

      Build a solid backbone for AI Operations using data quality best practices. Data quality is the foundation for generation of operational value from the data and artificial intelligence efforts. Focus on using a methodology to build a culture of data quality within I&O systems and applications that generate data rather than reactive fixes.

      Look to partner with third-party vendors for your master data management (MDM) efforts. Modern MDM vendors can work with your existing data fabrics/lake and help leverage your data governance policies into the cloud.

      Prep for a brave new metaverse

      SIGNALS

      From science fiction to science fact.

      The term metaverse was coined in 1992 by Neal Stephenson and is a common theme in science fiction. For most I&O surveyed professionals, the term metaverse conjures up more confusion than clarity, as it’s not one place, but multiple metaverse worlds. The primordial metaverse was focused on multiplayer gaming and some educational experiences. It wasn’t until recently that it gained a critical mass in the fashion and entertainment industries with the use of non-fungible tokens (NFT). The pandemic created a unique opportunity for metaverse-related technologies to expand Web 3.0.

      Related Info-Tech Research

      Prep for a brave new metaverse

      SIGNALS

      Collaboration and beyond.

      On one hand, metaverse technologies virtual reality(VR)/augmented reality (AR) headsets can be a method of collaborating internally within a single organization. About 10% of our surveyed I&O members engaged this type of collaborative metaverse in 2022, with another 24% looking to run proof of concept projects in 2023. However, there is a much larger terrain for metaverse projects outside of workforce collaboration, which 17% of surveyed I&O members are planning to engage with in 2023.

      These are sophisticated new metaverse worlds, and digital twins of production environments are being created for B2B collaboration, operations, engineering, healthcare, architecture, and education that include the use of block chain, NFTs, smart contracts, and other Web 3.0 technologies

      “They are the audiovisual bodies that people use to communicate with each other in the Metaverse.”

      Neal Stephenson,
      Snow Crash 1992

      Prep for a brave new metaverse

      SIGNALS

      Metaverse requires multidimensional security.

      Security in the context of the metaverse presents new challenges to I&O. The infrastructure that runs the metaverse is still vulnerable to “traditional” security threats. New attack vectors include financial and identity fraud, privacy and data loss, along with new cyber-physical threats which are predicted to occur as the metaverse begins to integrate with IoT and other 3D objects in the physical world.

      The ultimate in "not a product" – the metaverse promises to be a hodgepodge of badly standardized technologies for the near future.

      Be prepared to take care of pets and not cattle for the foreseeable future, but keep putting the fencing around the ranch.

      Prep for a brave new metaverse

      SIGNALS

      Generating new wave of sophisticated engineering coming.

      Economics boom around metaverse set to explode.

      Related Info-Tech Research

      Beyond the current online educational resources, there are reputable universities around the world, including Stanford University, that are offering courses on metaverse and Web 3.0 concepts.

      (Source: Arti, 2022)

      So, what’s providing the impetus for all this activity and investment? Economics. In their 2022 report, Metaverse and Money, Citi estimated that the economic value of the metaverse(s) will have 900M to 1B VR/AR users and 5 billion Web 3.0 users with market sizes of $1-2T and $8-$13T, respectively. Yes, that’s a “T” for Trillions.

      (Source: Ghose, 2022)

      Prep for a brave new metaverse

      CALL TO ACTION

      Ready or not, the metaverse is coming to an infrastructure near you. Start expanding I&O technologies and processes to support a metaverse infrastructure.

      I&O priority actions

      Develop a plan for network upgrades.

      A truly immersive VR/AR experience requires very low latency. Identify gaps and develop a plan to enhance your network infrastructure surrounding your metaverse space(s) and end users.

      Extend security posture into the metaverse.

      Securing the infrastructure that runs your metaverse is going to extend the end-user equipment used to navigate it. More importantly, security policies need to encompass the avatars that navigate it and the spatial web that they interact with, which can include physical world items like IoT.

      Prep for a brave new metaverse

      I&O priority actions

      Metaverse theft prevention

      Leverage existing strategies to identify management in the metaverse. Privacy policies need to extend their focus to data loss prevention within the metaverse.

      Collaborate

      The skill set required to build, deploy, manage, and support the metaverse is complex. Develop a metaverse support organization that extends beyond I&O functions into security, DevOps, and end-user experiences.

      Educate

      Web 3.0 technologies and business models are complex. Education of I&O technical- and commerce-focused team members is going to help prevent you from getting blindsided. Seek out specialized training programs for technical staff and strategic education for executives, like the Wharton School of Business certification program.

      Authors

      John Annand

      Theo Antoniadis

      John Annand

      Principal Research Director

      Theo Antoniadis

      Principal Research Director

      Contributors

      Paul Sparks,
      CTO at Brookshire Grocery Company

      2 Anonymous Contributors

      Figuring out the true nature of the “Turbo” button of his 486DX100 launched John on a 20-year career in managed services and solution architecture, exploring the secrets of HPC, virtualization, and DIY WANs built with banks of USR TotalControl modems. Today he focuses his research and advisory on software-defined infrastructure technologies, strategy, organization, and service design in an increasingly Agile and DevOps world.

      Theo has decades of operational and project management experience with start-ups and multinationals across North America and Europe. He has held various consulting, IT management and operations leadership positions within telecommunications, SaaS, and software companies.

      Bibliography

      “3 Cybersecurity Trends that are Changing Financial Data Management." FIMA US. Accessed August 2022.
      Arti. “While much of the world is just discovering the Metaverse, a number of universities have already established centers for studying Web 3." Analytics Insight. 10 July 2022.
      “Artificial intelligence (AI) for cybersecurity." IBM. Accessed September 2022
      “Business in the Metaverse Economy." Wharton School of University of Pennsylvania. Accessed October 2022.
      “Cost of a data breach 2022: A million-dollar race to detect and respond." IBM. Accessed September 2022.
      “Countries affected by mandatory ESG reporting – here’s the list." New Zealand Ministry of Business, Innovation & Employment. Accessed September 2022.
      “Countries affected by mandatory ESG reporting – here’s the list.” WorldFavor. Accessed September 2022.
      Crenshaw, Caroline A. “SEC Proposes to Enhance Disclosures by Certain Investment Advisers and Investment Companies About ESG Investment Practices." U.S. Securities and Exchange Commission. May 2022.
      “Cutting through the metaverse hype: Practical guidance and use cases for business." Avanade. Accessed October 2022.
      “Data Governance Global Market Sees Growth Rate Of 25% Through 2022." The Business Research Company. August 2022.
      “DIRECTIVE 2014/95/EU OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 22 October 2014 amending Directive 2013/34/EU as regards disclosure of non-financial and diversity information by certain large undertakings and groups." UER-Lex. Accessed September 2022.
      "Ethically Aligned Design: A Vision for Prioritizing Human Well-being with Autonomous and Intelligent Systems." IEEE. March 2019.
      “European Parliament resolution of 20 October 2020 with recommendations to the Commission on a civil liability regime for artificial intelligence." European Parliament. Accessed October 2022.
      Ghose, Ronit et al. "Metaverse and Money." Citi GPS. March 2022.
      Hernandez, Roberto, et al. “Demystifying the metaverse." PWC. Accessed August 2022.
      Info-Tech Trends Report Survey, 2023; N=813.
      “ISO 14000 Family: Environmental Management." ISO. Accessed October 2022.
      Knight, Michelle & Bishop, Annie, ”The 2022 State of Cloud Data Governance.“ Zaloni DATAVERSITY. 2022.

      Bibliography

      Kompella, Kashyap, “What is AI governance and why do you need it?“ TechTarget. March 2022.
      “Management of electronic waste worldwide in 2019, by method." Statista. 2022.
      “Model Artificial Intelligence Governance Framework and Assessment Guide.“ World Economic Forum. Accessed September 2022.
      “Model Artificial Intelligence Governance Framework." PDPC Singapore. Accessed October 2022.
      “New rules on corporate sustainability reporting: provisional political agreement between the Council and the European Parliament.“ European Council. June 2022.
      "OECD Economic Outlook Volume 2022." OECD iLibrary. June 2022.
      "Recommendations of the Task Force on Climate-related Financial Disclosures." TCFD. Accessed August 2022.
      “Risk of Global Recession in 2023 Rises Amid Simultaneous Rate Hikes.” World Bank Organization. September 2022.
      Sautner, Zacharias, et al. “The Effects of Mandatory ESG Disclosure around the World.” SSRN. November 2021.
      Sondergaard, Peter. “AI GOVERNANCE – WHAT ARE THE KPIS? AND WHO IS ACCOUNTABLE?“ The Sondergaard Group. November 2019.
      Srivastavam Sudeep, “How can your business enter the Metaverse?." Appinventiv.
      September 2022.
      “Standards Overview." SASB. Accessed October 2022.
      Stephenson, Neal. Snow Crash. Bantam Books, 1992.
      “Sustainability Reporting Standards." Global Reporting Initiative. Accessed October 2022.
      “The Ten Principles of the UN Global Compact." UN Global Compact. Accessed October 2022.
      Tian Tong Lee, Sheryl. "China Unveils ESG Reporting Guidelines to Catch Peers.” Bloomberg. May 2022.
      “What are the Principles for Responsible Investment?" UNPRI. Accessed October 2022.
      "What is the EU's Corporate Sustainability Reporting Directive (CSRD)?" WorldFavor.
      June 2022.
      West, Darrell M. “Six Steps to Responsible AI in the Federal Government.“ Brookings Institution. March 2022. Web.

      Master Your Security Incident Response Communications Program

      • Buy Link or Shortcode: {j2store}321|cart{/j2store}
      • member rating overall impact: 8.0/10 Overall Impact
      • member rating average dollars saved: $2,339 Average $ Saved
      • member rating average days saved: 5 Average Days Saved
      • Parent Category Name: Threat Intelligence & Incident Response
      • Parent Category Link: /threat-intelligence-incident-response
      • When a significant security incident is discovered, usually very few details are known for certain. Nevertheless, the organization will need to say something to affected stakeholders.
      • Security incidents tend to be ongoing situations that last considerably longer than other types of crises, making communications a process rather than a one-time event.
      • Effective incident response communications require collaboration from: IT, Legal, PR, and HR – groups that often speak “different languages.”

      Our Advice

      Critical Insight

      • There’s no such thing as successful incident response communications; strive instead for effective communications. There will always be some fallout after a security incident, but it can be effectively mitigated through honesty, transparency, and accountability.
      • Effective external communications begin with effective internal communications. Security Incident Response Team members come from departments that don’t usually work closely with each other. This means they often have different ways of thinking and speaking about issues. Be sure they are familiar with each other before a crisis occurs.
      • You won’t save face by withholding embarrassing details. Lying only makes a bad situation worse, but coming clean and acknowledging shortcomings (and how you’ve fixed them) can go a long way towards restoring stakeholders’ trust.

      Impact and Result

      • Effective and efficient management of security incidents involves a formal process of preparation, detection, analysis, containment, eradication, recovery, and post-incident activities: communications must be integrated into each of these phases.
      • Understand that prior planning helps to take the guesswork out of incident response communications. By preparing for several different types of security incidents, the communications team will get used to working with each other, as well as learning what strategies are and are not effective. Remember, the communications team contains diverse members from various departments, and each may have different ideas about what information is important to release.

      Master Your Security Incident Response Communications Program Research & Tools

      Start here – read the Executive Brief

      Read our concise Executive Brief to find out why you should implement a security incident response communications plan, review Info-Tech’s methodology, and understand the four ways we can support you in completing this project.

      Besides the small introduction, subscribers and consulting clients within this management domain have access to:

      1. Dive into communications planning

      This phase addresses the benefits and challenges of incident response communications and offers advice on how to assemble a communications team and develop a threat escalation protocol.

      • Master Your Security Incident Response Communications Program – Phase 1: Dive Into Communications Planning
      • Security Incident Management Plan

      2. Develop your communications plan

      This phase focuses on creating an internal and external communications plan, managing incident fallout, and conducting a post-incident review.

      • Master Your Security Incident Response Communications Program – Phase 2: Develop Your Communications Plan
      • Security Incident Response Interdepartmental Communications Template
      • Security Incident Communications Policy Template
      • Security Incident Communications Guidelines and Templates
      • Security Incident Metrics Tool
      • Tabletop Exercises Package
      [infographic]

      Optimize Your SQA Practice Using a Full Lifecycle Approach

      • Buy Link or Shortcode: {j2store}405|cart{/j2store}
      • member rating overall impact: 10.0/10 Overall Impact
      • member rating average dollars saved: After each Info-Tech experience, we ask our members to quantify the real-time savings, monetary impact, and project improvements our research helped them achieve.
      • member rating average days saved: Read what our members are saying
      • Parent Category Name: Testing, Deployment & QA
      • Parent Category Link: /testing-deployment-and-qa
      • Your software quality assurance (SQA) program is using the wrong set of metrics to measure how process improvements influence product quality improvements.
      • Roles & responsibilities and quality assurance initiatives are not well defined and need to be allocated to individuals that can be held responsible for quality-related issues.
      • You are finding it hard to determine a causation between SQA process improvements and an improvement in product quality.

      Our Advice

      Critical Insight

      • Your product is only as good as your process. A robust development and SQA process creates artifacts that are highly testable, easily maintained, and strongly traceable across the development lifecycle, ensuring that the product delivered meets expectations set out by the business.
      • A small issue within your development process can have a ripple effect on the level of product quality. Discover what you don’t know and identify areas within your SQA practice that require attention.

      Impact and Result

      • SQA must be viewed as more than defect analysis and testing. Instead, place greater emphasis on preventative measures to ensure application quality across the entire development lifecycle.
      • IT must create a comprehensive SQA plan that delineates roles and responsibilities as they relate to quality assurance. Ensure tasks and procedures improve process efficiency and quality, and formalize metrics that help to implement a continuous improvement cycle for SQA.
      • Our methodology provides simple-to-follow steps to develop an SQA plan that provides clear insight into your current quality assurance practices.
      • Establish a synchronous relationship between the business and IT to help stakeholders understand the importance and relative value of quality assurance tasks to current costs.

      Optimize Your SQA Practice Using a Full Lifecycle Approach Research & Tools

      Start here – read the Executive Brief

      Read our concise Executive Brief to find out why you should optimize your SQA practice using a full lifecycle approach, review Info-Tech’s methodology, and understand the four ways we can support you in completing this project.

      Besides the small introduction, subscribers and consulting clients within this management domain have access to:

      1. Assess your current SQA capabilities

      Evaluate and understand your current SQA capabilities, as well as the degree to which metric objectives are being met.

      • Optimize Your SQA Practice Using a Full Lifecycle Approach – Phase 1: Assess Your Current SQA Capabilities
      • Software Quality Assurance Current State Assessment Tool
      • Software Quality Assurance Assessment Workbook

      2. Define SQA target state processes

      Identify and define SQA processes and metrics needed to meet quality objectives set by development teams and the business.

      • Optimize Your SQA Practice Using a Full Lifecycle Approach – Phase 2: Define SQA Target State Processes

      3. Determine optimization initiatives for improving your SQA practice

      Build your SQA plan and optimization roadmap.

      • Optimize Your SQA Practice Using a Full Lifecycle Approach – Phase 3: Determine Optimization Initiatives
      • Software Quality Assurance Plan Template
      • Software Quality Assurance Optimization Roadmap Tool
      • Software Quality Assurance Communication Template
      [infographic]

      Workshop: Optimize Your SQA Practice Using a Full Lifecycle Approach

      Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

      1 Assess Your Current SQA Capabilities

      The Purpose

      To help you assess and understand your current SQA capabilities as well as the degree to which metric objectives are being met.

      Key Benefits Achieved

      An analysis of current SQA practices to provide insight into potential inefficiencies, opportunities, and to provide the business with sufficient rationale for improving current quality assurance initiatives.

      Activities

      1.1 Conduct a high-level assessment of where to focus your current state analysis.

      1.2 Document your high-level development process.

      1.3 Create a RACI chart to understand roles and responsibilities.

      1.4 Perform a SIPOC-MC analysis for problem areas identified in your SDLC.

      1.5 Identify the individual control points involved with passing software artifacts through SDLC stages being assessed.

      1.6 Identify problem areas within your SDLC as they relate to SQA.

      Outputs

      Understanding of current overall development process and where it is most weak in the context of quality assurance

      Understanding of assigned roles and responsibilities across development teams, including individuals who are involved with making quality-related decisions for artifact hand-off

      Identification of problem areas within SQA process for further analysis

      2 Define SQA Target State Processes

      The Purpose

      To help you identify and define SQA processes and metrics needed to meet quality objectives set out by development teams and the business.

      Key Benefits Achieved

      A revised list of key SQA tasks along with metrics and associated tolerance limits used universally for all development projects.

      Activities

      2.1 Establish SQA metrics and tolerance limits across your SDLC.

      2.2 Determine your target state for SQA processes within the define/design stage of the SDLC.

      2.3 Determine your target state for SQA processes within the development stage of the SDLC.

      2.4 Determine your target state for SQA processes within the testing stage of the SDLC.

      2.5 Determine your target state for SQA processes within the deploy/release stage of the SDLC.

      Outputs

      Identification of the appropriate metrics and their associated tolerance limits to provide insights into meeting quality goals and objectives during process execution

      Identification of target state SQA processes that are required for ensuring quality across all development projects

      3 Prioritize SQA Optimization Initiatives and Develop Optimization Roadmap

      The Purpose

      Based on discovered inefficiencies, define optimization initiatives required to improve your SQA practice.

      Key Benefits Achieved

      Optimization initiatives and associated tasks required to address gaps and improve SQA capabilities.

      Activities

      3.1 Determine optimization initiatives for improving your SQA process.

      3.2 Gain the full scope of effort required to implement your SQA optimization initiatives.

      3.3 Identify the enablers and blockers of your SQA optimization.

      3.4 Define your SQA optimization roadmap.

      Outputs

      Prioritized list of optimization initiatives for SQA

      Assessment of level of effort for each SQA optimization initiative

      Identification of enablers and blockers for optimization initiatives

      Identification of roadmap timeline for implementing optimization initiatives

      M&A Runbook for Infrastructure and Operations

      • Buy Link or Shortcode: {j2store}60|cart{/j2store}
      • member rating overall impact: 9.0/10 Overall Impact
      • member rating average dollars saved: After each Info-Tech experience, we ask our members to quantify the real-time savings, monetary impact, and project improvements our research helped them achieve.
      • member rating average days saved: Read what our members are saying
      • Parent Category Name: Strategy and Organizational Design
      • Parent Category Link: /strategy-and-organizational-design
      • I&O is often the last to be informed of an impending M&A deal.
      • The business doesn’t understand the necessary requirements or timeline for integration.
      • It’s hard to prioritize when you’re buried under a mountain of work.
      • Documentation may be lacking or nonexistent, and members of the target organization may be uncooperative.

      Our Advice

      Critical Insight

      • Manage expectations. The business often expects integration in days or weeks, not months or years. You need to set them straight.
      • Open your checkbook and prepare to hire. Integration will require a temporary increase in resources.
      • Tackle organizational and cultural change. People are harder to integrate than technology. Culture change is the hardest part, and the integration plan should address it.

      Impact and Result

      • Tailor your approach based on the business objectives of the merger or acquisition.
      • Separate the must-haves from the nice-to-haves.
      • Ensure adequate personnel and budget.
      • Plan for the integration into normal operations.

      M&A Runbook for Infrastructure and Operations Research & Tools

      Start here – read the Executive Brief

      Read our concise Executive Brief to find out how to partner with the business to conquer the challenges in your next merger or acquisition.

      Besides the small introduction, subscribers and consulting clients within this management domain have access to:

      1. Establish goals

      Partner with the business to determine goals and establish high-level scope.

      • M&A Runbook for Infrastructure and Operations – Phase 1: Establish Goals
      • I&O M&A Project Napkin

      2. Conduct discovery

      Find out what the target organization’s I&O looks like.

      • M&A Runbook for Infrastructure and Operations – Phase 2: Conduct Discovery
      • I&O M&A Discovery Letter Template
      • I&O M&A Discovery Template
      • I&O M&A Workbook
      • I&O M&A Risk Assessment Tool

      3. Plan short-term integration

      Build a plan to achieve a day 1 MVP.

      • M&A Runbook for Infrastructure and Operations – Phase 3: Plan Short-Term Integration
      • I&O M&A Short-Term Integration Capacity Assessment Tool

      4. Map long-term integration

      Chart a roadmap for long-term integration.

      • M&A Runbook for Infrastructure and Operations – Phase 4: Map Long-Term Integration
      • I&O M&A Long-Term Integration Portfolio Planning Tool
      [infographic]

      Workshop: M&A Runbook for Infrastructure and Operations

      Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

      1 High-Level Scope

      The Purpose

      Establish goals and conduct discovery.

      Key Benefits Achieved

      Alignment with business goals

      Documentation of target organization’s current state

      Activities

      0.1 Consult with stakeholders.

      0.2 Establish M&A business goals.

      0.3 Conduct target discovery.

      0.4 Document own environment.

      0.5 Clarify goals.

      Outputs

      Stakeholder communication plan

      M&A business goals

      I&O M&A Discovery Template

      Current state of organization

      2 Target Assessment

      The Purpose

      Assess risk and value of target organization.

      Key Benefits Achieved

      Accurate scope of I&O integration

      Risk mitigation plans

      Value realization strategies

      Activities

      1.1 Scope I&O M&A project.

      1.2 Assess risks.

      1.3 Assess value.

      Outputs

      I&O M&A Project Napkin

      Risk assessment

      Value assessment

      3 Day 1 Integration Project Plan

      The Purpose

      Establish day 1 integration project plan.

      Key Benefits Achieved

      Smoother day 1 integration

      Activities

      2.1 Determine Day 1 minimum viable operating model post M&A.

      2.2 Identify gaps.

      2.3 Build day 1 project plan.

      2.4 Estimate required resources.

      Outputs

      Day 1 project plan

      4 Long-Term Project Plan

      The Purpose

      Draw long-term integration roadmap.

      Key Benefits Achieved

      Improved alignment with M&A goals

      Greater realization of the deal’s value

      Activities

      3.1 Set long-term future state goals.

      3.2 Create a long-term project plan.

      3.3 Consult with business stakeholders on the long-term plan.

      Outputs

      Long-term integration project plan

      5 Change Management and Continual Improvement

      The Purpose

      Prepare for organization and culture change.

      Refine M&A I&O integration process.

      Key Benefits Achieved

      Smoother change management

      Improved M&A integration process

      Activities

      4.1 Complete a change management plan.

      4.2 Conduct a process post-mortem.

      Outputs

      Change management plan

      Process improvements action items

      Select an EA Tool Based on Business and User Need

      • Buy Link or Shortcode: {j2store}274|cart{/j2store}
      • member rating overall impact: 10.0/10 Overall Impact
      • member rating average dollars saved: $62,999 Average $ Saved
      • member rating average days saved: 18 Average Days Saved
      • Parent Category Name: Architecture Domains
      • Parent Category Link: /architecture-domains
      • A mature EA function is increasingly becoming an organizational priority to drive innovation, provide insight, and define digital capabilities.
      • Proliferation of digital technology has increased complexity, straining the EA function to deliver insights.
      • An EA tool increases the efficiency with which the EA function can deliver insights, but a large number of organizations have not a selected an EA tool that suits their needs.

      Our Advice

      Critical Insight

      • EA tool value largely comes from tying organizational context and requirements to the selection process.
      • Organizations that have selected an EA tool often fail to have it adopted and show its true value. To ensure successful adoption and value delivery, the EA tool selection process must account for the needs of business stakeholders and tool users.

      Impact and Result

      • Link the need for the EA tool to your organization’s EA value proposition. The connection enables the EA tool to address the future needs of stakeholders and the design style of the EA team.
      • Use Info-Tech’s EA Solution Recommendation Tool to create a shortlist of EA tools that is suited to the preferences of the organization.
      • Gather additional information on the shortlist of EA tool vendors to narrow down the selection using the EA Tool Request for Information Template.

      Select an EA Tool Based on Business and User Need Research & Tools

      Start here – read the Executive Brief

      Read our concise Executive Brief to find out why you should procure an EA tool in the digital age, review Info-Tech’s methodology, and understand the four ways we can support you in completing this project.

      Besides the small introduction, subscribers and consulting clients within this management domain have access to:

      • Select an EA Tool Based on Business and User Need – Executive Brief
      • Select an EA Tool Based on Business and User Need – Phases 1-3

      1. Make the case

      Decide if an EA tool is needed in your organization and define the requirements of EA tool users.

      • Select an EA Tool Based on Business and User Need – Phase 1: Make the Case
      • EA Value Proposition Template
      • EA Tool User Requirements Template

      2. Shortlist EA tools

      Determine your organization’s preferences in terms of product capabilities and vendor characteristics.

      • Select an EA Tool Based on Business and User Need – Phase 2: Shortlist EA Tools
      • EA Solution Recommendation Tool

      3. Select and communicate the process

      Gather information on shortlisted vendors and make your final decision.

      • Select an EA Tool Based on Business and User Need – Phase 3: Select and Communicate the Process
      • EA Tool Request for Information Template
      • EA Tool Demo Script Template
      • Request for Proposal (RFP) Template
      • EA Tool Selection Process Template
      [infographic]

      Establish Data Governance – APAC Edition

      • Buy Link or Shortcode: {j2store}348|cart{/j2store}
      • member rating overall impact: 10.0/10 Overall Impact
      • member rating average dollars saved: $172,999 Average $ Saved
      • member rating average days saved: 63 Average Days Saved
      • Parent Category Name: Data Management
      • Parent Category Link: /data-management
      • Organisations are faced with challenges associated with changing data landscapes, evolving business models, industry disruptions, regulatory and compliance obligations, and changing and maturing user landscapes and demands for data.
      • Although the need for a data governance program is often evident, organisations miss the mark when their data governance efforts are not directly aligned to delivering measurable business value by supporting key strategic initiatives, value streams, and their underlying business capabilities.

      Our Advice

      Critical Insight

      • Your organisation’s value streams and the associated business capabilities require effectively governed data. Without this, you face the impact of elevated operational costs, missed opportunities, eroded stakeholder satisfaction, and exposure to increased business risk.
      • Ensure your data governance program delivers measurable business value by aligning the associated data governance initiatives with the business architecture.
      • Data governance must continuously align with the organisation’s enterprise governance function. It should not be perceived as an IT pet project, but rather as a business-driven initiative.

      Impact and Result

      Info-Tech’s approach to establishing and sustaining effective data governance is anchored in the strong alignment of organisational value streams and their business capabilities with key data governance dimensions and initiatives.

      • Align with enterprise governance, business strategy and organizational value streams to ensure the program delivers measurable business value.
      • Understand your current data governance capabilities and build out a future state that is right sized and relevant.
      • Define data governance leadership, accountability, and responsibility, supported by an operating model that effectively manages change and communication and fosters a culture of data excellence.

      Establish Data Governance – APAC Edition Research & Tools

      Besides the small introduction, subscribers and consulting clients within this management domain have access to:

      1. Data Governance Research – A step-by-step document to ensure that the people handling the data are involved in the decisions surrounding data usage, data quality, business processes, and change implementation.

      Data governance is a strategic program that will help your organisation control data by managing the people, processes, and information technology needed to ensure that accurate and consistent data policies exist across varying lines of the business, enabling data-driven insight. This research will provide an overview of data governance and its importance to your organization, assist in making the case and securing buy-in for data governance, identify data governance best practices and the challenges associated with them, and provide guidance on how to implement data governance best practices for a successful launch.

      • Establish Data Governance – Phases 1-3 – APAC

      2. Data Governance Planning and Roadmapping Workbook – A structured tool to assist with establishing effective data governance practices.

      This workbook will help your organisation understand the business and user context by leveraging your business capability map and value streams, developing data use cases using Info-Tech's framework for building data use cases, and gauging the current state of your organisation's data culture.

      • Data Governance Planning and Roadmapping Workbook – APAC

      3. Data Use Case Framework Template – An exemplar template to highlight and create relevant use cases around the organisation’s data-related problems and opportunities.

      This business needs gathering activity will highlight and create relevant use cases around data-related problems or opportunities that are clear and contained and, if addressed, will deliver value to the organisation. This template provides a framework for data requirements and a mapping methodology for creating use cases.

      • Data Use Case Framework Template – APAC

      4. Data Governance Initiative Planning and Roadmap Tool – A visual roadmapping tool to assist with establishing effective data governance practices.

      This tool will help your organisation plan the sequence of activities, capture start dates and expected completion dates, and create a roadmap that can be effectively communicated to the organisation.

      • Data Governance Initiative Planning and Roadmap Tool – APAC

      5. Business Data Catalogue – A comprehensive template to help you to document the key data assets that are to be governed based on in-depth business unit interviews, data risk/value assessments, and a data flow diagram for the organisation.

      Use this template to document information about key data assets such as data definition, source system, possible values, data sensitivity, data steward, and usage of the data.

      • Business Data Catalogue – APAC

      6. Data Governance Program Charter Template – A program charter template to sell the importance of data governance to senior executives.

      This template will help get the backing required to get a data governance project rolling. The program charter will help communicate the project purpose, define the scope, and identify the project team, roles, and responsibilities.

      • Data Governance Program Charter Template – APAC

      7. Data Policies – A set of policy templates to support the data governance framework for the organisation.

      This set of policies supports the organisation's use and management of data to ensure that it efficiently and effectively serves the needs of the organisation.

      • Data Governance Policy – APAC
      • Data Classification Policy, Standard, and Procedure – APAC
      • Data Quality Policy, Standard, and Procedure – APAC
      • Data Management Definitions – APAC
      • Metadata Management Policy, Standard, and Procedure – APAC
      • Data Retention Policy and Procedure – APAC
      [infographic]

      Workshop: Establish Data Governance – APAC Edition

      Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

      1 Establish Business Context and Value

      The Purpose

      Identify key business data assets that need to be governed.

      Create a unifying vision for the data governance program.

      Key Benefits Achieved

      Understand the value of data governance and how it can help the organisation better leverage its data.

      Gain knowledge of how data governance can benefit both IT and the business.

      Activities

      1.1 Establish business context, value, and scope of data governance at the organisation.

      1.2 Introduction to Info-Tech’s data governance framework.

      1.3 Discuss vision and mission for data governance.

      1.4 Understand your business architecture, including your business capability map and value streams.

      1.5 Build use cases aligned to core business capabilities.

      Outputs

      Sample use cases (tied to the business capability map) and a repeatable use case framework

      Vision and mission for data governance

      2 Understand Current Data Governance Capabilities and Plot Target-State Levels

      The Purpose

      Assess which data contains value and/or risk and determine metrics that will determine how valuable the data is to the organisation.

      Assess where the organisation currently stands in data governance initiatives.

      Determine gaps between the current and future states of the data governance program.

      Key Benefits Achieved

      Gain a holistic understanding of organisational data and how it flows through business units and systems.

      Identify which data should fall under the governance umbrella.

      Determine a practical starting point for the program.

      Activities

      2.1 Understand your current data governance capabilities and maturity.

      2.2 Set target-state data governance capabilities.

      Outputs

      Current state of data governance maturity

      Definition of target state

      3 Build Data Domain to Data Governance Role Mapping

      The Purpose

      Determine strategic initiatives and create a roadmap outlining key steps required to get the organisation to start enabling data-driven insights.

      Determine timing of the initiatives.

      Key Benefits Achieved

      Establish clear direction for the data governance program.

      Step-by-step outline of how to create effective data governance, with true business-IT collaboration.

      Activities

      3.1 Evaluate and prioritise performance gaps.

      3.2 Develop and consolidate data governance target-state initiatives.

      3.3 Define the role of data governance: data domain to data governance role mapping.

      Outputs

      Target-state data governance initiatives

      Data domain to data governance role mapping

      4 Formulate a Plan to Get to Your Target State

      The Purpose

      Consolidate the roadmap and other strategies to determine the plan of action from day one.

      Create the required policies, procedures, and positions for data governance to be sustainable and effective.

      Key Benefits Achieved

      Prioritised initiatives with dependencies mapped out.

      A clearly communicated plan for data governance that will have full business backing.

      Activities

      4.1 Identify and prioritise next steps.

      4.2 Define roles and responsibilities and complete a high-level RACI.

      4.3 Wrap-up and discuss next steps and post-workshop support.

      Outputs

      Initialised roadmap

      Initialised RACI

      Further reading

      Establish Data Governance

      Deliver measurable business value.

      Analyst Perspective

      Establish a data governance program that brings value to your organisation.

      Picture of analyst

      Data governance does not sit as an island on its own in the organisation – it must align with and be driven by your enterprise governance. As you build out data governance in your organisation, it's important to keep in mind that this program is meant to be an enabling framework of oversight and accountabilities for managing, handling, and protecting your company's data assets. It should never be perceived as bureaucratic or inhibiting to your data users. It should deliver agreed-upon models that are conducive to your organisation's operating culture, offering clarity on who can do what with the data and via what means. Data governance is the key enabler for bringing high-quality, trusted, secure, and discoverable data to the right users across your organisation. Promote and drive the responsible and ethical use of data while helping to build and foster an organisational culture of data excellence.

      Crystal Singh

      Director, Research & Advisory, Data & Analytics Practice

      Info-Tech Research Group

      Executive Summary

      Your Challenge

      The amount of data within organisations is growing at an exponential rate, creating a need to adopt a formal approach to governing data. However, many organisations remain uninformed on how to effectively govern their data. Comprehensive data governance should define leadership, accountability, and responsibility related to data use and handling and be supported by a well-oiled operating model and relevant policies and procedures. This will help ensure the right data gets to the right people at the right time, using the right mechanisms.

      Common Obstacles

      Organisations are faced with challenges associated with changing data landscapes, evolving business models, industry disruptions, regulatory and compliance obligations, and changing and maturing user landscape and demand for data. Although the need for a data governance program is often evident, organisations miss the mark when their data governance efforts are not directly aligned to delivering measurable business value. Initiatives should support key strategic initiatives, as well as value streams and their underlying business capabilities.

      Info-Tech's Approach

      Info-Tech's approach to establishing and sustaining effective data governance is anchored in the strong alignment of organisational value streams and their business capabilities with key data governance dimensions and initiatives. Organisations should:

      • Align their data governance with enterprise governance, business strategy and value streams to ensure the program delivers measurable business value.
      • Understand their current data governance capabilities so as to build out a future state that is right-sized and relevant.
      • Define data leadership, accountability, and responsibility. Support these with an operating model that effectively manages change and communication and fosters a culture of data excellence.

      Info-Tech Insight

      Your organisation's value streams and the associated business capabilities require effectively governed data. Without this, you face elevated operating costs, missed opportunities, eroded stakeholder satisfaction, and increased business risk.

      Your challenge

      This research is designed to help organisations build and sustain an effective data governance program.

      • Your organisation has recognised the need to treat data as a corporate asset for generating business value and/or managing and mitigating risk.
      • This has brought data governance to the forefront and highlighted the need to build a performance-driven enterprise program for delivering quality, trusted, and readily consumable data to users.
      • An effective data governance program is one that defines leadership, accountability. and responsibility related to data use and handling. It's supported by a well-oiled operating model and relevant policies and procedures, all of which help build and foster a culture of data excellence where the right users get access to the right data at the right time via the right mechanisms.

      As you embark on establishing data governance in your organisation, it's vital to ensure from the get-go that you define the drivers and business context for the program. Data governance should never be attempted without direction on how the program will yield measurable business value.

      'Data processing and cleanup can consume more than half of an analytics team's time, including that of highly paid data scientists, which limits scalability and frustrates employees.' – Petzold, et al., 2020

      Image is a circle graph and 30% of it is coloured with the number 30% in the middle of the graph

      'The productivity of employees across the organisation can suffer.' – Petzold, et al., 2020

      Respondents to McKinsey's 2019 Global Data Transformation Survey reported that an average of 30% of their total enterprise time was spent on non-value-added tasks because of poor data quality and availability. – Petzold, et al., 2020

      Common obstacles

      Some of the barriers that make data governance difficult to address for many organisations include:

      • Gaps in communicating the strategic value of data and data governance to the organisation. This is vital for securing senior leadership buy-in and support, which, in turn, is crucial for sustained success of the data governance program.
      • Misinterpretation or a lack of understanding about data governance, including what it means for the organisation and the individual data user.
      • A perception that data governance is inhibiting or an added layer of bureaucracy or complication rather than an enabling and empowering framework for stakeholders in their use and handling of data.
      • Embarking on data governance without firmly substantiating and understanding the organisational drivers for doing so. How is data governance going to support the organisation's value streams and their various business capabilities?
      • Neglecting to define and measure success and performance. Just as in any other enterprise initiative, you have to be able to demonstrate an ROI for time, resources and funding. These metrics must demonstrate the measurable business value that data governance brings to the organisation.
      • Failure to align data governance with enterprise governance.
      Image is a circle graph and 78% of it is coloured with the number 78% in the middle of the graph

      78% of companies (and 92% of top-tier companies) have a corporate initiative to become more data-driven. – Alation, 2020.

      Image is a circle graph and 58% of it is coloured with the number 58% in the middle of the graph

      But despite these ambitions, there appears to be a 'data culture disconnect' – 58% of leaders overestimate the current data culture of their enterprises, giving a grade higher than the one produced by the study. – Fregoni, 2020.

      The strategic value of data

      Power intelligent and transformative organisational performance through leveraging data.

      Respond to industry disruptors

      Optimise the way you serve your stakeholders and customers

      Develop products and services to meet ever-evolving needs

      Manage operations and mitigate risk

      Harness the value of your data

      The journey to being data-driven

      The journey to declaring that you are a data-driven organisation requires a pit stop at data enablement.

      The Data Economy

      Data Disengaged

      You have a low appetite for data and rarely use data for decision making.

      Data Enabled

      Technology, data architecture, and people and processes are optimised and supported by data governance.

      Data Driven

      You are differentiating and competing on data and analytics; described as a 'data first' organisation. You're collaborating through data. Data is an asset.

      Data governance is essential for any organisation that makes decisions about how it uses its data.

      Data governance is an enabling framework of decision rights, responsibilities, and accountabilities for data assets across the enterprise.

      Data governance is:

      • Executed according to agreed-upon models that describe who can take what actions with what information, when, and using what methods (Olavsrud, 2021).
      • True business-IT collaboration that will lead to increased consistency and confidence in data to support decision making. This, in turn, helps fuel innovation and growth.

      If done correctly, data governance is not:

      • An annoying, finger-waving roadblock in the way of getting things done.
      • Meant to solve all data-related business or IT problems in an organisation.
      • An inhibitor or impediment to using and sharing data.

      Info-Tech's Data Governance Framework

      An image of Info-Tech's Data Governance Framework

      Create impactful data governance by embedding it within enterprise governance

      A model is depicted to show the relationship between enterprise governance and data governance.

      Organisational drivers for data governance

      Data governance personas:

      Conformance: Establishing data governance to meet regulations and compliance requirements.

      Performance: Establishing data governance to fuel data-driven decision making for driving business value and managing and mitigating business risk.

      Two images are depicted that show the difference between conformance and performance.

      Data Governance is not a one-person show

      • Data governance needs a leader and a home. Define who is going to be leading, driving, and steering data governance in your organisation.
      • Senior executive leaders play a crucial role in championing and bringing visibility to the value of data and data governance. This is vital for building and fostering a culture of data excellence.
      • Effective data governance comes with business and IT alignment, collaboration, and formally defined roles around data leadership, ownership, and stewardship.
      Four circles are depicted. There is one person in the circle on the left and is labelled: Data Governance Leadership. The circle beside it has two people in it and labelled: Organisational Champions. The circle beside it has three people in it and labelled: Data Owners, Stewards & Custodians. The last circle has four people in it and labelled: The Organisation & Data Storytellers.

      Traditional data governance organisational structure

      A traditional structure includes committees and roles that span across strategic, tactical, and operational duties. There is no one-size-fits-all data governance structure. However, most organisations follow a similar pattern when establishing committees, councils, and cross-functional groups. Most organisations strive to identify roles and responsibilities at a strategic and operational level. Several factors will influence the structure of the program, such as the focus of the data governance project and the maturity and size of the organisation.

      A triangular model is depicted and is split into three tiers to show the traditional data governance organisational structure.

      A healthy data culture is key to amplifying the power of your data.

      'Albert Einstein is said to have remarked, "The world cannot be changed without changing our thinking." What is clear is that the greatest barrier to data success today is business culture, not lagging technology.' – Randy Bean, 2020

      What does it look like?

      • Everybody knows the data.
      • Everybody trusts the data.
      • Everybody talks about the data.

      'It is not enough for companies to embrace modern data architectures, agile methodologies, and integrated business-data teams, or to establish centres of excellence to accelerate data initiatives, when only about 1 in 4 executives reported that their organisation has successfully forged a data culture.'– Randy Bean, 2020

      Data literacy is an essential part of a data-driven culture

      • In a data-driven culture, decisions are made based on data evidence, not on gut instinct.
      • Data often has untapped potential. A data-driven culture builds tools and skills, builds users' trust in the condition and sources of data, and raises the data skills and understanding among their people on the front lines.
      • Building a data culture takes an ongoing investment of time, effort, and money. This investment will not achieve the transformation you want without data literacy at the grassroots level.

      Data-driven culture = 'data matters to our company'

      Despite investments in data initiative, organisations are carrying high levels of data debt

      Data debt is 'the accumulated cost that is associated with the sub-optimal governance of data assets in an enterprise, like technical debt.'

      Data debt is a problem for 78% of organisations.

      40% of organisations say individuals within the business do not trust data insights.

      66% of organisations say a backlog of data debt is impacting new data management initiatives.

      33% of organisations are not able to get value from a new system or technology investment.

      30% of organisations are unable to become data-driven.

      Source: Experian, 2020

      Absent or sub-optimal data governance leads to data debt

      Only 3% of companies' data meets basic quality standards. (Source: Nagle, et al., 2017)

      Organisations suspect 28% of their customer and prospect data is inaccurate in some way. (Source: Experian, 2020)

      Only 51% of organisations consider the current state of their CRM or ERP data to be clean, allowing them to fully leverage it. (Source: Experian, 2020)

      35% of organisations say they're not able to see a ROI for data management initiatives. (Source: Experian, 2020)

      Embrace the technology

      Make the available data governance tools and technology work for you:

      • Data catalogue
      • Business data glossary
      • Data lineage
      • Metadata management

      While data governance tools and technologies are no panacea, leverage their automated and AI-enabled capabilities to augment your data governance program.

      Logos of data governance tools and technology.

      Measure success to demonstrate tangible business value

      Put data governance into the context of the business:

      • Tie the value of data governance and its initiatives back to the business capabilities that are enabled.
      • Leverage the KPIs of those business capabilities to demonstrate tangible and measurable value. Use terms and language that will resonate with senior leadership.

      Don't let measurement be an afterthought:

      Start substantiating early on how you are going to measure success as your data governance program evolves.

      Build a right-sized roadmap

      Formulate an actionable roadmap that is right-sized to deliver value in your organisation.

      Key considerations:

      • When building your data governance roadmap, ensure you do so through an enterprise lens. Be cognizant of other initiatives that might be coming down the pipeline that may require you to align your data governance milestones accordingly.
      • Apart from doing your planning with consideration for other big projects or launches that might be in-flight and require the time and attention of your data governance partners, also be mindful of the more routine yet still demanding initiatives.
      • When doing your roadmapping, consider factors like the organisation's fiscal cycle, typical or potential year-end demands, and monthly/quarterly reporting periods and audits. Initiatives such as these are likely to monopolise the time and focus of personnel key to delivering on your data governance milestones.

      Sample milestones:

      Data Governance Leadership & Org Structure Definition

      Define the home for data governance and other key roles around ownership and stewardship, as approved by senior leadership.

      Data Governance Charter and Policies

      Create a charter for your program and build/refresh associated policies.

      Data Culture Diagnostic

      Understand the organisation's current data culture, perception of data, value of data, and knowledge gaps.

      Use Case Build and Prioritisation

      Build a use case that is tied to business capabilities. Prioritise accordingly.

      Business Data Glossary

      Build and/or refresh the business' glossary for addressing data definitions and standardisation issues.

      Tools & Technology

      Explore the tools and technology offering in the data governance space that would serve as an enabler to the program. (e.g. RFI, RFP).

      Key takeaways for effective business-driven data governance

      Data governance leadership and sponsorship is key.

      Ensure strategic business alignment.

      Build and foster a culture of data excellence.

      Evolve along the data journey.

      Make data governance an enabler, not a hindrance.

      Insight summary

      Overarching insight

      Your organisation's value streams and the associated business capabilities require effectively governed data. Without this, you face the impact of elevated operational costs, missed opportunities, eroded stakeholder satisfaction, and exposure to increased business risk.

      Insight 1

      Data governance should not sit as an island in your organisation. It must continuously align with the organisation's enterprise governance function. It shouldn't be perceived as a pet project of IT, but rather as an enterprise-wide, business-driven initiative.

      Insight 2

      Ensure your data governance program delivers measurable business value by aligning the associated data governance initiatives with the business architecture. Leverage the measures of success or KPIs of the underlying business capabilities to demonstrate the value data governance has yielded for the organisation.

      Insight 3

      Data governance remains the foundation of all forms of reporting and analytics. Advanced capabilities such as AI and machine learning require effectively governed data to fuel their success.

      Tactical insight

      Tailor your data literacy program to meet your organisation's needs, filling your range of knowledge gaps and catering to your different levels of stakeholders. When it comes to rolling out a data literacy program, there is no one-size-fits-all solution. Your data literacy program is intended to fill the knowledge gaps about data, as they exist in your organisation. It should be targeted across the board – from your executive leadership and management through to the subject matter experts across different lines of the business in your organisation.

      Info-Tech's methodology for establishing data governance

      1. Build Business and User Context 2. Understand Your Current Data Governance Capabilities 3. Build a Target State Roadmap and Plan
      Phase Steps
      1. Substantiate Business Drivers
      2. Build High-Value Use Cases for Data Governance
      1. Understand the Key Components of Data Governance
      2. Gauge Your Organisation's Current Data Culture
      1. Formulate an Actionable Roadmap and Right-Sized Plan
      Phase Outcomes
      • Your organisation's business capabilities and value streams
      • A business capability map for your organisation
      • Categorisation of your organisation's key capabilities
      • A strategy map tied to data governance
      • High-value use cases for data governance
      • An understanding of the core components of an effective data governance program
      • An understanding your organisation's current data culture
      • A data governance roadmap and target-state plan comprising of prioritised initiatives

      Blueprint deliverables

      Each step of this blueprint is accompanied by supporting deliverables to help you accomplish your goals:

      Screenshot of Info-Tech's Data Governance Planning and Roadmapping Workbook data-verified=

      Data Governance Planning and Roadmapping Workbook

      Use the Data Governance Planning and Roadmapping Workbook as you plan, build, roll out, and scale data governance in your organisation.

      Screenshot of Info-Tech's Data Use Case Framework Template

      Data Use Case Framework Template

      This template takes you through a business needs gathering activity to highlight and create relevant use cases around the organisation's data-related problems and opportunities.

      Screenshot of Info-Tech's Business Data Glossary data-verified=

      Business Data Glossary

      Use this template to document the key data assets that are to be governed and create a data flow diagram for your organisation.

      Screenshot of Info-Tech's Data Culture Diagnostic and Scorecard data-verified=

      Data Culture Diagnostic and Scorecard

      Leverage Info-Tech's Data Culture Diagnostic to understand how your organisation scores across 10 areas relating to data culture.

      Key deliverable:

      Data Governance Planning and Roadmapping Workbook

      Blueprint deliverables

      Each step of this blueprint is accompanied by supporting deliverables to help you accomplish your goals:

      Data Governance Initiative Planning and Roadmap Tool

      Leverage this tool to assess your current data governance capabilities and plot your target state accordingly.

      This tool will help you plan the sequence of activities, capture start dates and expected completion dates, and create a roadmap that can be effectively communicated to the organisation.

      Data Governance Program Charter Template

      This template will help get the backing required to get a data governance project rolling. The program charter will help communicate the project purpose, define the scope, and identify the project team, roles, and responsibilities.

      Data Governance Policy

      This policy establishes uniformed data governance standards and identifies the shared responsibilities for assuring the integrity of the data and that it efficiently and effectively serves the needs of your organisation

      Other Deliverables:

      • Data Governance Initiative Planning and Roadmap Tool
      • Data Governance Program Charter Template
      • Data Governance Policy

      Blueprint benefits

      Defined data accountability & responsibility

      Shared knowledge & common understanding of data assets

      Elevated trust & confidence in traceable data

      Improved data ROI & reduced data debt

      Support for ethical use and handling of data in a culture of excellence

      Measure the value of this blueprint

      Leverage this blueprint's approach to ensure your data governance initiatives align and support your key value streams and their business capabilities.

      • Aligning your data governance program and its initiatives to your organisation's business capabilities is vital for tracing and demonstrating measurable business value for the program.
      • This alignment of data governance with value streams and business capabilities enables you to use business-defined KPIs and demonstrate tangible value.
      Screenshot from this blueprint on the Measurable Business Value

      In phases 1 and 2 of this blueprint, we will help you establish the business context, define your business drivers and KPIs, and understand your current data governance capabilities and strengths.

      In phase 3, we will help you develop a plan and a roadmap for addressing any gaps and improving the relevant data governance capabilities so that data is well positioned to deliver on those defined business metrics.

      Info-Tech offers various levels of support to best suit your needs

      DIY Toolkit

      'Our team, has already made this critical project a priority, and we have the time and capability, but some guidance along the way would be helpful.'

      Guided Implementation

      'Our team knows that we need to fix a process, but we need assistance to determine where to focus. Some check-ins along the way would help keeps us on track.'

      Workshop

      'We need to hit the ground running and get this project kicked off immediately. Our team has the ability to take this over once we get a framework and strategy in place.'

      Consulting

      'Our team does not have the time or the knowledge to take this project on. We need assistance through the entirety of this project.'

      Diagnostics and consistent frameworks are used throughout all four options.

      Establish Data Governance project overview

      Contact your account representative for more information. workshops@infotech.com 1-888-670-8889

      1. Build Business and User context2. Understand Your Current Data Governance Capabilities3. Build a Target State Roadmap and Plan
      Best-Practice Toolkit
      1. Substantiate Business Drivers
      2. Build High-Value Use Cases for Data Governance
      1. Understand the Key Components of Data Governance
      2. Gauge Your Organisation's Current Data Culture
      1. Formulate an Actionable Roadmap and Right-Sized Plan
      Guided Implementation
      • Call 1
      • Call 2
      • Call 3
      • Call 4
      • Call 5
      • Call 6
      • Call 7
      • Call 8
      • Call 9
      Phase Outcomes
      • Your organisation's business capabilities and value streams
      • A business capability map for your organisation
      • Categorisation of your organisation's key capabilities
      • A strategy map tied to data governance
      • High-value use cases for data governance
      • An understanding of the core components of an effective data governance program
      • An understanding your organisation's current data culture
      • A data governance roadmap and target-state plan comprising of prioritised initiatives

      Guided Implementation

      What does a typical GI on this topic look like?

      An outline of what guided implementation looks like.

      A Guided Implementation (GI) is a series of calls with an Info-Tech analyst to help implement our best practices in your organisation. A typical GI is between 8 to 12 calls over the course of 4 to 6 months.

      Workshop overview

      Contact your account representative for more information. workshops@infotech.com 1-888-670-8889

      Day 1 Day 2 Day 3 Day 4
      Establish Business Context and Value Understand Current Data Governance Capabilities and Plot Target-State Levels Build Data Domain to Data Governance Role Mapping Formulate a Plan to Get to Your Target State
      Activities
      • Establish business context, value, and scope of data governance at the organisation
      • Introduction to Info-Tech's data governance framework
      • Discuss vision and mission for data governance
      • Understand your business architecture, including your business capability map and value streams
      • Build use cases aligned to core business capabilities
      • Understand your current data governance capabilities and maturity
      • Set target state data governance capabilities
      • Evaluate and prioritise performance gaps
      • Develop and consolidate data governance target-state initiatives
      • Define the role of data governance: data domain to data governance role mapping
      • Identify and prioritise next steps
      • Define roles and responsibilities and complete a high-level RACI
      • Wrap-up and discuss next steps and post-workshop support
      Deliverables
      1. Sample use cases (tied to the business capability map) and a repeatable use case framework
      2. Vision and mission for data governance
      1. Current state of data governance maturity
      2. Definition of target state
      1. Target-state data governance initiatives
      2. Data domain to data governance role mapping
      1. Initialised roadmap
      2. Initialised RACI
      3. Completed Business Data Glossary (BDG)

      Phase 1

      Build Business and User Context

      Three circles are in the image that list the three phases and the main steps. Phase 1 is highlighted.

      'When business users are invited to participate in the conversation around data with data users and IT, it adds a fundamental dimension — business context. Without a real understanding of how data ties back to the business, the value of analysis and insights can get lost.' – Jason Lim, Alation

      This phase will guide you through the following activities:

      • Identify Your Business Capabilities
      • Define your Organisation's Key Business Capabilities
      • Develop a Strategy Map that Aligns Business Capabilities to Your Strategic Focus

      This phase involves the following participants:

      • Data Governance Leader/Data Leader (CDO)
      • Senior Business Leaders
      • Business SMEs
      • Data Leadership, Data Owners, Data Stewards and Custodians

      Step 1.1

      Substantiate Business Drivers

      Activities

      1.1.1 Identify Your Business Capabilities

      1.1.2 Categorise Your Organisation's Key Business Capabilities

      1.1.3 Develop a Strategy Map Tied to Data Governance

      This step will guide you through the following activities:

      • Leverage your organisation's existing business capability map or initiate the formulation of a business capability map, guided by Info-Tech's approach
      • Determine which business capabilities are considered high priority by your organisation
      • Map your organisation's strategic objectives to value streams and capabilities to communicate how objectives are realised with the support of data

      Outcomes of this step

      • A foundation for data governance initiative planning that's aligned with the organisation's business architecture: value streams, business capability map, and strategy map

      Info-Tech Insight

      Gaining a sound understanding of your business architecture (value streams and business capabilities) is a critical foundation for establishing and sustaining a data governance program that delivers measurable business value.

      1.1.1 Identify Your Business Capabilities

      Confirm your organisation's existing business capability map or initiate the formulation of a business capability map:

      1. If you have an existing business capability map, meet with the relevant business owners/stakeholders to confirm that the content is accurate and up to date. Confirm the value streams (how your organisation creates and captures value) and their business capabilities are reflective of the organisation's current business environment.
      2. If you do not have an existing business capability map, follow this activity to initiate the formulation of a map (value streams and related business capabilities):
        1. Define the organisation's value streams. Meet with senior leadership and other key business stakeholders to define how your organisation creates and captures value.
        2. Define the relevant business capabilities. Meet with senior leadership and other key business stakeholders to define the business capabilities.

      Note: A business capability defines what a business does to enable value creation. Business capabilities are business terms defined using descriptive nouns such as 'Marketing' or 'Research and Development.' They represent stable business functions, are unique and independent of each other, and typically will have a defined business outcome.

      Input

      • List of confirmed value streams and their related business capabilities

      Output

      • Business capability map with value streams for your organisation

      Materials

      • Your existing business capability map or the template provided in the Data Governance Planning and Roadmapping Workbook accompanying this blueprint

      Participants

      • Key business stakeholders
      • Data stewards
      • Data custodians
      • Data Governance Working Group

      For more information, refer to Info-Tech's Document Your Business Architecture.

      Define or validate the organisation's value streams

      Value streams connect business goals to the organisation's value realisation activities. These value realisation activities, in turn, depend on data.

      If the organisation does not have a business architecture function to conduct and guide Activity 1.1.1, you can leverage the following approach:

      • Meet with key stakeholders regarding this topic, then discuss and document your findings.
      • When trying to identify the right stakeholders, consider: Who are the decision makers and key influencers? Who will impact this piece of business architecture related work? Who has the relevant skills, competencies, experience, and knowledge about the organisation?
      • Engage with these stakeholders to define and validate how the organisation creates value.
      • Consider:
        • Who are your main stakeholders? This will depend on the industry in which you operate. For example, customers, residents, citizens, constituents, students, patients.
        • What are your stakeholders looking to accomplish?
        • How does your organisation's products and/or services help them accomplish that?
        • What are the benefits your organisation delivers to them and how does your organisation deliver those benefits?
        • How do your stakeholders receive those benefits?

      Align data governance to the organisation's value realisation activities.

      Value streams enable the organisation to create or capture value in the market in which it operates by engaging in a set of interconnected activities.

      Info-Tech Insight

      Your organisation's value streams and the associated business capabilities require effectively governed data. Without this, you face the possibilities of elevated operational costs, missed opportunities, eroded stakeholder satisfaction, negative impact to reputation and brand, and/or increased exposure to business risk.

      Example of value streams – Retail Banking

      Value streams connect business goals to the organisation's value realisation activities.

      Example value stream descriptions for: Retail Banking

      Value streams enable the organisation to create or capture value in the market in which it operates by engaging in a set of interconnected activities.

      Model example of value streams for retail banking.

      For this value stream, download Info-Tech's Info-Tech's Industry Reference Architecture for Retail Banking.

      Example of value streams – Higher Education

      Value streams connect business goals to the organisation's value realisation activities.

      Example value stream descriptions for: Higher Education

      Value streams enable the organisation to create or capture value in the market in which it operates by engaging in a set of interconnected activities.

      Model example of value streams for higher education

      For this value stream, download Info-Tech's Industry Reference Architecture for Higher Education.

      Example of value streams – Local Government

      Value streams connect business goals to the organisation's value realisation activities.

      Example value stream descriptions for: Local Government

      Value streams enable the organisation to create or capture value in the market in which it operates by engaging in a set of interconnected activities.

      Model example of value streams for local government

      For this value stream, download Info-Tech's Industry Reference Architecture for Local Government.

      Example of value streams – Manufacturing

      Value streams connect business goals to the organisation's value realisation activities.

      Example value stream descriptions for: Manufacturing

      Value streams enable the organisation to create or capture value in the market in which it operates by engaging in a set of interconnected activities.

      Model example of value streams for manufacturing

      For this value stream, download Info-Tech's Industry Reference Architecture for Manufacturing.

      Example of value streams – Retail

      Value streams connect business goals to the organisation's value realisation activities.

      Example value stream descriptions for: Retail

      Model example of value streams for retail

      Value streams enable the organisation to create or capture value in the market in which it operates by engaging in a set of interconnected activities.

      For this value stream, download Info-Tech's Industry Reference Architecture for Retail.

      Define the organisation's business capabilities in a business capability map

      A business capability defines what a business does to enable value creation. Business capabilities represent stable business functions and typically will have a defined business outcome.

      Business capabilities can be thought of as business terms defined using descriptive nouns such as 'Marketing' or 'Research and Development.'

      If your organisation doesn't already have a business capability map, you can leverage the following approach to build one. This initiative requires a good understanding of the business. By working with the right stakeholders, you can develop a business capability map that speaks a common language and accurately depicts your business.

      Working with the stakeholders as described above:

      • Analyse the value streams to identify and describe the organisation's capabilities that support them.
      • Consider: What is the objective of your value stream? (This can highlight which capabilities support which value stream.)
      • As you initiate your engagement with your stakeholders, don't start a blank page. Leverage the examples on the next slides as a starting point for your business capability map.
      • When using these examples, consider: What are the activities that make up your particular business? Keep the ones that apply to your organisation, remove the ones that don't, and add any needed.

      Align data governance to the organisation's value realisation activities.

      Info-Tech Insight

      A business capability map can be thought of as a visual representation of your organisation's business capabilities and hence represents a view of what your data governance program must support.

      For more information, refer to Info-Tech's Document Your Business Architecture.

      Example business capability map – Retail Banking

      A business capability map can be thought of as a visual representation of your organisation's business capabilities and hence represents a view of what your data governance program must support.

      Validate your business capability map with the right stakeholders, including your executive team, business unit leaders, and/or other key stakeholders.

      Info-Tech Tip:

      Leverage your business capability map verification session with these key stakeholders as a prime opportunity to share and explain the role of data and data governance in supporting the very value realisation capabilities under discussion. This will help to build awareness and visibility of the data governance program.

      Example business capability map for: Retail Banking

      Model example business capability map for retail banking

      For this business capability map, download Info-Tech's Industry Reference Architecture for Retail Banking.

      Example business capability map – Higher Education

      A business capability map can be thought of as a visual representation of your organisation's business capabilities and hence represents a view of what your data governance program must support.

      Validate your business capability map with the right stakeholders, including your executive team, business unit leaders, and/or other key stakeholders.

      Info-Tech Tip:

      Leverage your business capability map verification session with these key stakeholders as a prime opportunity to share and explain the role of data and data governance in supporting the very value realisation capabilities under discussion. This will help to build awareness and visibility of the data governance program.

      Example business capability map for: Higher Education

      Model example business capability map for higher education

      For this business capability map, download Info-Tech's Industry Reference Architecture for Higher Education.

      Example business capability map – Local Government

      A business capability map can be thought of as a visual representation of your organisation's business capabilities and hence represents a view of what your data governance program must support.

      Validate your business capability map with the right stakeholders, including your executive team, business unit leaders, and/or other key stakeholders.

      Info-Tech Tip:

      Leverage your business capability map verification session with these key stakeholders as a prime opportunity to share and explain the role of data and data governance in supporting the very value realisation capabilities under discussion. This will help to build awareness and visibility of the data governance program.

      Example business capability map for: Local Government

      Model example business capability map for local government

      For this business capability map, download Info-Tech's Industry Reference Architecture for Local Government.

      Example business capability map – Manufacturing

      A business capability map can be thought of as a visual representation of your organisation's business capabilities and hence represents a view of what your data governance program must support.

      Validate your business capability map with the right stakeholders, including your executive team, business unit leaders, and/or other key stakeholders.

      Info-Tech Tip:

      Leverage your business capability map verification session with these key stakeholders as a prime opportunity to share and explain the role of data and data governance in supporting the very value realisation capabilities under discussion. This will help to build awareness and visibility of the data governance program.

      Example business capability map for: Manufacturing

      Model example business capability map for manufacturing

      For this business capability map, download Info-Tech's Industry Reference Architecture for Manufacturing.

      Example business capability map - Retail

      A business capability map can be thought of as a visual representation of your organisation's business capabilities and hence represents a view of what your data governance program must support.

      Validate your business capability map with the right stakeholders, including your executive team, business unit leaders, and/or other key stakeholders.

      Info-Tech Tip:

      Leverage your business capability map verification session with these key stakeholders as a prime opportunity to share and explain the role of data and data governance in supporting the very value realisation capabilities under discussion. This will help to build awareness and visibility of the data governance program.

      Example business capability map for: Retail

      Model example business capability map for retail

      For this business capability map, download Info-Tech's Industry Reference Architecture for Retail.

      1.1.2 Categorise Your Organisation's Key Capabilities

      Determine which capabilities are considered high priority in your organisation.

      1. Categorise or heatmap the organisation's key capabilities. Consult with senior and other key business stakeholders to categorise and prioritise the business' capabilities. This will aid in ensuring your data governance future state planning is aligned with the mandate of the business. One approach to prioritising capabilities with business stakeholders is to examine them through the lens of cost advantage creators, competitive advantage differentiators, and/or by high value/high risk.
      2. Identify cost advantage creators. Focus on capabilities that drive a cost advantage for your organisation. Highlight these capabilities and prioritise programs that support them.
      3. Identify competitive advantage differentiators. Focus on capabilities that give your organisation an edge over rivals or other players in your industry.

      This categorisation/prioritisation exercise helps highlight prime areas of opportunity for building use cases, determining prioritisation, and the overall optimisation of data and data governance.

      Input

      • Strategic insight from senior business stakeholders on the business capabilities that drive value for the organisation

      Output

      • Business capabilities categorised and prioritised (e.g. cost advantage creators, competitive advantage differentiators, high value/high risk)

      Materials

      • Your existing business capability map or the business capability map derived in the previous activity

      Participants

      • Key business stakeholders
      • Data stewards
      • Data custodians
      • Data Governance Working Group

      For more information, refer to Info-Tech's Document Your Business Architecture.

      Example of business capabilities categorisation or heatmapping – Retail

      This exercise is useful in ensuring the data governance program is focused and aligned to support the priorities and direction of the business.

      • Depending on the mandate from the business, priority may be on developing cost advantage. Hence the capabilities that deliver efficiency gains are the ones considered to be cost advantage creators.
      • The business' priority may be on maintaining or gaining a competitive advantage over its industry counterparts. Differentiation might be achieved in delivering unique or enhanced products, services, and/or experiences, and the focus will tend to be on the capabilities that are more end-stakeholder-facing (e.g. customer-, student-, patient,- and/or constituent-facing). These are the organisation's competitive advantage creators.

      Example: Retail

      Example of business capabilities categorisation or heatmapping – Retail

      For this business capability map, download Info-Tech's Industry Reference Architecture for Retail.

      1.1.3 Develop a Strategy Map Tied to Data Governance

      Identify the strategic objectives for the business. Knowing the key strategic objectives will drive business-data governance alignment. It's important to make sure the right strategic objectives of the organisation have been identified and are well understood.

      1. Meet with senior business leaders and other relevant stakeholders to help identify and document the key strategic objectives for the business.
      2. Leverage their knowledge of the organisation's business strategy and strategic priorities to visually represent how these map to value streams, business capabilities, and, ultimately, to data and data governance needs and initiatives. Tip: Your map is one way to visually communicate and link the business strategy to other levels of the organisation.
      3. Confirm the strategy mapping with other relevant stakeholders.

      Guide to creating your map: Starting with strategic objectives, map the value streams that will ultimately drive them. Next, link the key capabilities that enable each value stream. Then map the data and data governance to initiatives that support those capabilities. This is one approach to help you prioritise the data initiatives that deliver the most value to the organisation.

      Input

      • Strategic objectives as outlined by the organisation's business strategy and confirmed by senior leaders

      Output

      • A strategy map that maps your organisational strategic objectives to value streams, business capabilities, and, ultimately, to data program

      Materials

      Participants

      • Key business stakeholders
      • Data stewards
      • Data custodians
      • Data Governance Working Group

      Download Info-Tech's Data Governance Planning and Roadmapping Workbook

      Example of a strategy map tied to data governance

      • Strategic objectives are the outcomes that the organisation is looking to achieve.
      • Value streams enable an organisation to create and capture value in the market through interconnected activities that support strategic objectives.
      • Business capabilities define what a business does to enable value creation in value streams.
      • Data capabilities and initiatives are descriptions of action items on the data and data governance roadmap and which will enable one or multiple business capabilities in its desired target state.

      Info-Tech Tip:

      Start with the strategic objectives, then map the value streams that will ultimately drive them. Next, link the key capabilities that enable each value stream. Then map the data and data governance initiatives that support those capabilities. This process will help you prioritise the data initiatives that deliver the most value to the organisation.

      Example: Retail

      Example of a strategy map tied to data governance for retail

      For this strategy map, download Info-Tech's Industry Reference Architecture for Retail.

      Step 1.2

      Build High-Value Use Cases for Data Governance

      Activities

      1.2.1 Build High-Value Use Cases

      This step will guide you through the following activities:

      • Leveraging your categorised business capability map to conduct deep-dive sessions with key business stakeholders for creating high-value uses cases
      • Discussing current challenges, risks, and opportunities associated with the use of data across the lines of business
      • Exploring which other business capabilities, stakeholder groups, and business units will be impacted

      Outcomes of this step

      • Relevant use cases that articulate the data-related challenges, needs, or opportunities that are clear and contained and, if addressed ,will deliver value to the organisation

      Info-Tech Tip

      One of the most important aspects when building use cases is to ensure you include KPIs or measures of success. You have to be able to demonstrate how the use case ties back to the organisational priorities or delivers measurable business value. Leverage the KPIs and success factors of the business capabilities tied to each particular use case.

      1.2.1 Build High-Value Use Cases

      This business needs-gathering activity will highlight and create relevant use cases around data-related problems or opportunities that are clear and contained and, if addressed, will deliver value to the organisation.

      1. Bring together key business stakeholders (data owner, stewards, SMEs) from a particular line of business as well as the relevant data custodian(s) to build cases for their units. Leverage the business capability map you created for facilitating this act.
      2. Leverage Info-Tech's framework for data requirements and methodology for creating use cases, as outlined in the Data Use Case Framework Template and seen on the next slide.
      3. Have the stakeholders move through each breakout session outlined in the Use Case Worksheet. Use flip charts or a whiteboard to brainstorm and document their thoughts.
      4. Debrief and document results in the Data Use Case Framework Template.
      5. Repeat this exercise with as many lines of the business as possible, leveraging your business capability map to guide your progress and align with business value.

      Tip: Don't conclude these use case discussions without substantiating what measures of success will be used to demonstrate the business value of the effort to produce the desired future state, as relevant to each particular use case.

      This business needs-gathering activity will highlight and create relevant use cases around data-related problems or opportunities that are clear and contained and, if addressed, will deliver value to the organisation.

      1. Bring together key business stakeholders (data owner, stewards, SMEs) from a particular line of business as well the relevant data custodian(s) to build cases for their units. Leverage the business capability map you created for facilitating this act.
      2. Leverage Info-Tech's framework for data requirements and methodology for creating use cases, as outlined in the Data Use Case Framework Template and seen on the next slide.
      3. Have the stakeholders move through each breakout session outlined in the Use Case Worksheet. Use flip charts or a whiteboard to brainstorm and document their thoughts.
      4. Debrief and document results in the Data Use Case Framework Template
      5. Repeat this exercise with as many lines of the business as possible, leveraging your business capability map to guide your progress and align with business value.

      Tip: Don't conclude these use case discussions without substantiating what measures of success will be used to demonstrate the business value of the effort to produce the desired future state, as relevant to each particular use case.

      Input

      • Value streams and business capabilities as defined by business leaders
      • Business stakeholders' subject area expertise
      • Data custodian systems, integration, and data knowledge

      Output

      • Use cases that articulate data-related challenges, needs or opportunities that are tied to defined business capabilities and hence if addressed will deliver measurable value to the organisation.

      Materials

      • Your business capability map from activity 1.1.1
      • Info-Tech's Data Use Case Framework Template
      • Whiteboard or flip charts (or shared screen if working remotely)
      • Markers/pens

      Participants

      • Key business stakeholders
      • Data stewards and business SMEs
      • Data custodians
      • Data Governance Working Group

      Download Info-Tech's Data Use Case Framework Template

      Info-Tech's Framework for Building Use Cases

      Objective: This business needs-gathering activity will highlight and create relevant use cases around data-related problems or opportunities that are clear and contained and, if addressed, will deliver value to the organisation.

      Leveraging your business capability map, build use cases that align with the organisation's key business capabilities.

      Consider:

      • Is the business capability a cost advantage creator or an industry differentiator?
      • Is the business capability currently underserved by data?
      • Does this need to be addressed? If so, is this risk- or value-driven?

      Info-Tech's Data Requirements and Mapping Methodology for Creating Use Cases

      1. What business capability (or capabilities) is this use case tied to for your business area(s)?
      2. What are your data-related challenges in performing this today?
      3. What are the steps in this process/activity today?
      4. What are the applications/systems used at each step today?
      5. What data domains are involved, created, used, and/or transformed at each step today?
      6. What does an ideal or improved state look like?
      7. What other business units, business capabilities, activities, and/or processes will be impacted or improved if this issue was solved?
      8. Who are the stakeholders impacted by these changes? Who needs to be consulted?
      9. What are the risks to the organisation (business capability, revenue, reputation, customer loyalty, etc.) if this is not addressed?
      10. What compliance, regulatory, and/or policy concerns do we need to consider in any solution?
      11. What measures of success or change should we use to prove the value of the effort (such as KPIs, ROI)? What is the measurable business value of doing this?

      The resulting use cases are to be prioritised and leveraged for informing the business case and the data governance capabilities optimisation plan.

      Taken from Info-Tech's Data Use Case Framework Template

      Phase 2

      Understand Your Current Data Governance Capabilities

      Three circles are in the image that list the three phases and the main steps. Phase 2 is highlighted.

      This phase will guide you through the following activities:

      • Understand the Key Components of Data Governance
      • Gauge Your Organisation's Current Data Culture

      This phase involves the following participants:

      • Data Leadership
      • Data Ownership & Stewardship
      • Policies & Procedures
      • Data Literacy & Culture
      • Operating Model
      • Data Management
      • Data Privacy & Security
      • Enterprise Projects & Services

      Step 2.1

      Understand the Key Components of Data Governance

      This step will guide you through the following activities:

      • Understanding the core components of an effective data governance program and determining your organisation's current capabilities in these areas:
        • Data Leadership
        • Data Ownership & Stewardship
        • Policies & Procedures
        • Data Literacy & Culture
        • Operating Model
        • Data Management
        • Data Privacy & Security
        • Enterprise Projects & Services

      Outcomes of this step

      • An understanding of the core components of an effective data governance program
      • An understanding your organisation's current data governance capabilities

      Leverage Info-Tech's: Data Governance Initiative Planning and Roadmap Tool to assess your current data governance capabilities and plot your target state accordingly.

      This tool will help your organisation plan the sequence of activities, capture start dates and expected completion dates, and create a roadmap that can be effectively communicated to the organisation.

      Review: Info-Tech's Data Governance Framework

      An image of Info-Tech's Data Governance Framework

      Key components of data governance

      A well-defined data governance program will deliver:

      • Defined accountability and responsibility for data.
      • Improved knowledge and common understanding of the organisation's data assets.
      • Elevated trust and confidence in traceable data.
      • Improved data ROI and reduced data debt.
      • An enabling framework for supporting the ethical use and handling of data.
      • A foundation for building and fostering a data-driven and data-literate organisational culture.

      The key components of establishing sustainable enterprise data governance, taken from Info-Tech's Data Governance Framework:

      • Data Leadership
      • Data Ownership & Stewardship
      • Operating Model
      • Policies & Procedures
      • Data Literacy & Culture
      • Data Management
      • Data Privacy & Security
      • Enterprise Projects & Services

      Data Leadership

      • Data governance needs a dedicated head or leader to steer the organisation's data governance program.
      • For organisations that do have a chief data officer (CDO), their office is the ideal and effective home for data governance.
      • Heads of data governance also have titles such as director of data governance, director of data quality, and director of analytics.
      • The head of your data governance program works with all stakeholders and partners to ensure there is continuous enterprise governance alignment and oversight and to drive the program's direction.
      • While key stakeholders from the business and IT will play vital data governance roles, the head of data governance steers the various components, stakeholders, and initiatives, and provides oversight of the overall program.
      • Vital data governance roles include: data owners, data stewards, data custodians, data governance steering committee (or your organisation's equivalent), and any data governance working group(s).

      The role of the CDO: the voice of data

      The office of the chief data officer (CDO):

      • Has a cross-organisational vision and strategy for data.
      • Owns and drives the data strategy; ensures it supports the overall organisational strategic direction and business goals.
      • Leads the organisational data initiatives, including data governance
      • Is accountable for the policy, strategy, data standards, and data literacy necessary for the organisation to operate effectively.
      • Educates users and leaders about what it means to be 'data-driven.'
      • Builds and fosters a culture of data excellence.

      'Compared to most of their C-suite colleagues, the CDO is faced with a unique set of problems. The role is still being defined. The chief data officer is bringing a new dimension and focus to the organisation: "data." '
      – Carruthers and Jackson, 2020

      Who does the CDO report to?

      Example reporting structure.
      • The CDO should be a true C- level executive.
      • Where the organisation places the CDO role in the structure sends an important signal to the business about how much it values data.

      'The title matters. In my opinion, you can't have a CDO without executive authority. Otherwise no one will listen.'

      – Anonymous European CDO

      'The reporting structure depends on who's the 'glue' that ties together all these uniquely skilled individuals.'

      – John Kemp, Senior Director, Executive Services, Info-Tech Research Group

      Data Ownership & Stewardship

      Who are best suited to be data owners?

      • Wherever they may sit in your organisation, data owners will typically have the highest stake in that data.
      • Data owners needs to be suitably senior and have the necessary decision-making power.
      • They have the highest interest in the related business data domain, whether they are the head of a business unit or the head of a line of business that produces data or consumes data (or both).
      • If they are neither of these, it's unlikely they will have the interest in the data (in terms of its quality, protection, ethical use, and handling, for instance) necessary to undertake and adopt the role effectively.

      Data owners are typically senior business leaders with the following characteristics:

      • Positioned to accept accountability for their data domain.
      • Hold authority and influence to affect change, including across business processes and systems, needed to improve data quality, use, handling, integration, etc.
      • Have access to a budget and resources for data initiatives such as resolving data quality issues, data cleansing initiatives, business data catalogue build, related tools and technology, policy management, etc.
      • Hold the influence needed to drive change in behaviour and culture.
      • Act as ambassadors of data and its value as an organisational strategic asset.

      Right-size your data governance organisational structure

      • Most organisations strive to identify roles and responsibilities at a strategic, and operational level. Several factors will influence the structure of the program such as the focus of the data governance project as well as the maturity and size of the organisation.
      • Your data governance structure has to work for your organisation, and it has to evolve as the organisation evolves.
      • Formulate your blend of data governance roles, committees, councils, and cross-functional groups, that make sense for your organisation.
      • Your data governance organisational structure should not add complexity or bureaucracy to your organisation's data landscape; it should support and enable your principle of treating data as an asset.

      There is no one-size-fits-all data governance organisational structure.

      Example of a Data Governance Organisational Structure

      Critical roles and responsibilities for data governance

      Data Governance Working Groups

      Data governance working groups:

      • Are cross-functional teams
      • Deliver on data governance projects, initiatives, and ad hoc review committees.

      Data Stewards

      Traditionally, data stewards:

      • Serve on an operational level addressing issues related to adherence to standards/procedures, monitoring data quality, raising issues identified, etc.
      • Are responsible for managing access, quality, escalating issues, etc.

      Data Custodians

      • Traditionally, data custodians:
      • Serve on an operational level addressing issues related to data and database administration.
      • Support the management of access, data quality, escalating issues, etc.
      • Are SMEs from IT and database administration.

      Example: Business capabilities to data owner and data stewards mapping for a selected data domain

      Info-Tech Insight

      Your organisation's value streams and the associated business capabilities require effectively governed data. Without this, you face elevated operational costs, missed opportunities, eroded stakeholder satisfaction, and exposure to increased business risk.

      Enabling business capabilities with data governance role definitions

      Example: Business capabilities to data owner and data stewards mapping for a selected data domain

      Operating Model

      Your operating model is the key to designing and operationalizing a form of data governance that delivers measurable business value to your organisation.

      'Generate excitement for data: When people are excited and committed to the vision of data enablement, they're more likely to help ensure that data is high quality and safe.' – Petzold, et al., 2020

      Operating Model

      Defining your data governance operating model will help create a well-oiled program that sustainably delivers value to the organisation and manages risks while building and fostering a culture of data excellence along the way. Some organisations are able to establish a formal data governance office, whether independent or attached to the office of the chief data officer. Regardless of how you are organised, data governance requires a home, a leader, and an operating model to ensure its sustainability and evolution.

      Examples of focus areas for your operating model:

      • Delivery: While there are core tenets to every data governance program, there is a level of variability in the implementation of data governance programs across organisations, sectors, and industries. Every organisation has its own particular drivers and mandates, so the level and rigour applied will also vary.

        • The key is to determine what style will work best in your organisation, taking into consideration your organisational culture, executive leadership support (present and ongoing), catalysts such as other enterprise-wide transformative and modernisation initiatives, and/or regulatory and compliances drivers.

      • Communication: Communication is vital across all levels and stakeholder groups. For instance, there needs to be communication from the data governance office up to senior leadership, as well as communication within the data governance organisation, which is typically made up of the data governance steering committee, data governance council, executive sponsor/champion, data stewards, and data custodians and working groups.

        • Furthermore, communication with the wider organisation of data producers, users, and consumers is one of the core elements of the overall data governance communications plan.

      Communication is vital for ensuring acceptance of new processes, rules, guidelines, and technologies by all data producers and users as well as for sharing success stories of the program.

      Operating Model

      Tie the value of data governance and its initiatives back to the business capabilities that are enabled.

      'Leading organisations invest in change management to build data supporters and convert the sceptics. This can be the most difficult part of the program, as it requires motivating employees to use data and encouraging producers to share it (and ideally improve its quality at the source)[.]' – Petzold, et al., 2020

      Operating Model

      Examples of focus areas for your operating model (continued):

      • Change management and issue resolution: Data governance initiatives will very likely bring about a level of organisational disruption, with governance recommendations and future state requiring potentially significant business change. This may include a redesign of a substantial number of data processes affecting various business units, which will require tweaking the organisation's culture, thought processes, and procedures surrounding its data.

        • Preparing people for change well in advance will allow them to take the steps necessary to adapt and reduce potential confrontation. By planning for and efficiently communicating any changes that a data governance initiative may bring, many initial issues can be resolved from the outset.

        Attempting to implement change without an effective communications plan can result in disagreements over data control and stalemates between stakeholder units. The recommendations of the governance group must reflect the needs of all stakeholders or there will be pushback.

      • Performance measuring, monitoring and reporting: Measuring and reporting on performance, successes, and realisation of tangible business value are a must for sustaining, growing, and scaling your data governance program.

        • Aligning your data governance to the organisation's value realisation activities enables you to leverage the KPIs of those business capabilities to demonstrate tangible and measurable value. Use terms and language that will resonate with your senior business leadership.

      Info-Tech Tip:

      Launching a data governance program will bring with it a level of disruption to the culture of the organisation. That disruption doesn't have to be detrimental if you are prepared to manage the change proactively and effectively.

      Policies, Procedures & Standards

      'Data standards are the rules by which data are described and recorded. In order to share, exchange, and understand data, we must standardise the format as well as the meaning.' – U.S. Geological Survey

      Policies, Procedures & Standards

      • When defining, updating, or refreshing your data policies, procedures, and standards, ensure they are relevant, serve a purpose, and/or support the use of data in the organisation.
      • Avoid the common pitfall of building out a host of policies, procedures, and standards that are never used or followed by users and therefore don't bring value or serve to mitigate risk for the organisation.
      • Data policies can be thought of as formal statements and are typically created, approved, and updated by the organisation's data decision-making body (such as a data governance steering committee).
      • Data standards and procedures function as actions, or rules, that support the policies and their statements.
      • Standards and procedures are designed to standardise the processes during the overall data lifecycle. Procedures are instructions to achieve the objectives of the policies. The procedures are iterative and will be updated with approval from your data governance committee as needed.
      • Your organisation's data policies, standards, and procedures should not bog down or inhibit users; rather, they should enable confident data use and handling across the overall data lifecycle. They should support more effective and seamless data capture, integration, aggregation, sharing, and retention of data in the organisation.

      Examples of data policies:

      • Data Classification Policy
      • Data Retention Policy
      • Data Entry Policy
      • Data Backup Policy
      • Data Provenance Policy
      • Data Management Policy

      See Info-Tech's Data Governance Policy Template: This policy establishes uniformed data governance standards and identifies the shared responsibilities for assuring the integrity of the data and that it efficiently and effectively serves the needs of your organisation.

      Data Domain Documentation

      Select the correct granularity for your business need

      Diagram of data domain documentation
      Sources: Dataversity; Atlan; Analytics8

      Data Domain Documentation Examples

      Data Domain Documentation Examples

      Data Culture

      'Organisational culture can accelerate the application of analytics, amplify its power, and steer companies away from risky outcomes.' – Petzold, et al., 2020

      A healthy data culture is key to amplifying the power of your data and to building and sustaining an effective data governance program.

      What does a healthy data culture look like?

      • Everybody knows the data.
      • Everybody trusts the data.
      • Everybody talks about the data.

      Building a culture of data excellence.

      Leverage Info-Tech's Data Culture Diagnostic to understand your organisation's culture around data.

      Screenshot of Data Culture Scorecard

      Contact your Info-Tech Account Representative for more information on the Data Culture Diagnostic

      Cultivating a data-driven culture is not easy

      'People are at the heart of every culture, and one of the biggest challenges to creating a data culture is bringing everyone into the fold.' – Lim, Alation

      It cannot be purchased or manufactured,

      It must be nurtured and developed,

      And it must evolve as the business, user, and data landscapes evolve.

      'Companies that have succeeded in their data-driven efforts understand that forging a data culture is a relentless pursuit, and magic bullets and bromides do not deliver results.' – Randy Bean, 2020

      Hallmarks of a data-driven culture

      There is a trusted, single source of data the whole company can draw from.

      There's a business glossary and data catalogue and users know what the data fields mean.

      Users have access to data and analytics tools. Employees can leverage data immediately to resolve a situation, perform an activity, or make a decision – including frontline workers.

      Data literacy, the ability to collect, manage, evaluate, and apply data in a critical manner, is high.

      Data is used for decision making. The company encourages decisions based on objective data and the intelligent application of it.

      A data-driven culture requires a number of elements:

      • High-quality data
      • Broad access and data literacy
      • Data-driven decision-making processes
      • Effective communication

      Data Literacy

      Data literacy is an essential part of a data-driven culture.

      • Building a data-driven culture takes an ongoing investment of time, effort, and money.
      • This investment will not realise its full return without building up the organisation's data literacy.
      • Data literacy is about filling data knowledge gaps across all levels of the organisation.
      • It's about ensuring all users – senior leadership right through to core users – are equipped with appropriate levels of training, skills, understanding, and awareness around the organisation's data and the use of associated tools and technologies. Data literacy ensures users have the data they need and they know how to interpret and leverage it.
      • Data literacy drives the appetite, demand, and consumption for data.
      • A data-literate culture is one where the users feel confident and skilled in their use of data, leveraging it for making informed or evidence-based decisions and generating insights for the organisation.

      Data Management

      • Data governance serves as an enabler to all of the core components that make up data management:
        • Data quality management
        • Data architecture management
        • Data platform
        • Data integration
        • Data operations management
        • Data risk management
        • Reference and master data management (MDM)
        • Document and content management
        • Metadata management
        • Business intelligence (BI), reporting, analytics and advanced analytics, artificial intelligence (AI), machine learning (ML)
      • Key tools such as the business data glossary and data catalogue are vital for operationalizing data governance and in supporting data management disciplines such as data quality management, metadata management, and MDM as well as BI, reporting, and analytics.

      Enterprise Projects & Services

      • Data governance serves as an enabler to enterprise projects and services that require, use, share, sell, and/or rely on data for their viability and, ultimately, their success.
      • Folding or embedding data governance into the organisation's project management function or project management office (PMO) serves to ensure that, for any initiative, suitable consideration is given to how data is treated.
      • This may include defining parameters, following standards and procedures around bringing in new sources of data, integrating that data into the organisation's data ecosystem, using and sharing that data, and retaining that data post-project completion.
      • The data governance function helps to identify and manage any ethical issues, whether at the start of the project and/or throughout.
      • It provides a foundation for asking relevant questions as it relates to the use or incorporation of data in delivering the specific project or service. Do we know where the data obtained from? Do we have rights to use that data? Are there legislations, policies, or regulations that guide or dictate how that data can be used? What are the positive effects, negative impacts, and/or risks associated with our intended use of that data? Are we positioned to mitigate those risks?
      • Mature data governance creates organisations where the above considerations around data management and the ethical use and handling of data is routinely implemented across the business and in the rollout and delivery of projects and services.

      Data Privacy & Security

      • Data governance supports the organisation's data privacy and security functions.
      • Key tools include the data classification policy and standards and defined roles around data ownership and data stewardship. These are vital for operationalizing data governance and supporting data privacy, security, and the ethical use and handling of data.
      • While some organisations may have a dedicated data security and privacy group, data governance provides an added level of oversight in this regard.
      • Some of the typical checks and balances include ensuring:
        • There are policies and procedures in place to restrict and monitor staff's access to data (one common way this is done is according to job descriptions and responsibilities) and that these comply with relevant laws and regulations.
        • There's a data classification scheme in place where data has been classified on a hierarchy of sensitivity (e.g. top secret, confidential, internal, limited, public).
        • The organisation has a comprehensive data security framework, including administrative, physical, and technical procedures for addressing data security issues (e.g. password management and regular training).
        • Risk assessments are conducted, including an evaluation of risks and vulnerabilities related to intentional and unintentional misuse of data.
        • Policies and procedures are in place to mitigate the risks associated with incidents such as data breaches.
        • The organisation regularly audits and monitors its data security.

      Ethical Use & Handling of Data

      Data governance will support your organisation's ethical use and handling of data by facilitating definition around important factors, such as:

      • What are the various data assets in the organisation and what purpose(s) can they be used for? Are there any limitations?
      • Who is the related data owner? Who holds accountability for that data? Who will be answerable?
      • Where was the data obtained from? What is the intended use of that data? Do you have rights to use that data? Are there legislations, policies, or regulations that guide or dictate how that data can be used?
      • What are the positive effects, negative impacts, and/or risks associated with the use of that data?

      Ethical Use & Handling of Data

      • Data governance serves as an enabler to the ethical use and handling of an organisation's data.
      • The Open Data Institute (ODI) defines data ethics as: 'A branch of ethics that evaluates data practices with the potential to adversely impact on people and society – in data collection, sharing and use.'
      • Data ethics relates to good practice around how data is collected, used and shared. It's especially relevant when data activities have the potential to impact people and society, whether directly or indirectly (Open Data Institute, 2019).
      • A failure to handle and use data ethically can negatively impact an organisation's direct stakeholders and/or the public at large, lead to a loss of trust and confidence in the organisation's products and services, lead to financial loss, and impact the organisation's brand, reputation, and legal standing.
      • Data governance plays a vital role is building and managing your data assets, knowing what data you have, and knowing the limitations of that data. Data ownership, data stewardship, and your data governance decision-making body are key tenets and foundational components of your data governance. They enable an organisation to define, categorise, and confidently make decisions about its data.

      Step 2.2

      Gauge Your Organisation's Current Data Culture

      Activities

      2.2.1 Gauge Your Organisation's Current Data Culture

      This step will guide you through the following activities:

      • Conduct a data culture survey or leverage Info-Tech's Data Culture Diagnostic to increase your understanding of your organisation's data culture

      Outcomes of this step

      • An understanding of your organisational data culture

      2.2.1 Gauge Your Organisation's Current Data Culture

      Conduct a Data Culture Survey or Diagnostic

      The objectives of conducting a data culture survey are to increase the understanding of the organisation's data culture, your users' appetite for data, and their appreciation for data in terms of governance, quality, accessibility, ownership, and stewardship. To perform a data culture survey:

      1. Identify members of the data user base, data consumers, and other key stakeholders for surveying.
      2. Conduct an information session to introduce Info-Tech's Data Culture Diagnostic survey. Explain the objective and importance of the survey and its role in helping to understand the organisation's current data culture and inform the improvement of that culture.
      3. Roll out the Info-Tech Data Culture Diagnostic survey to the identified users and stakeholders.
      4. Debrief and document the results and scorecard in the Data Strategy Stakeholder Interview Guide and Findings document.

      Input

      • Email addresses of participants in your organisation who should receive the survey

      Output

      • Your organisation's Data Culture Scorecard for understanding current data culture as it relates to the use and consumption of data
      • An understanding of whether data is currently perceived to be an asset to the organisation

      Materials

      Screenshot of Data Culture Scorecard

      Participants

      • Participants include those at the senior leadership level through to middle management, as well as other business stakeholders at varying levels across the organisation
      • Data owners, stewards, and custodians
      • Core data users and consumers

      Contact your Info-Tech Account Representative for details on launching a Data Culture Diagnostic.

      Phase 3

      Build a Target State Roadmap and Plan

      Three circles are in the image that list the three phases and the main steps. Phase 3 is highlighted.

      'Achieving data success is a journey, not a sprint. Companies that set a clear course, with reasonable expectations and phased results over a period of time, get to the destination faster.' – Randy Bean, 2020

      This phase will guide you through the following activities:

      • Build your Data Governance Roadmap
      • Develop a target state plan comprising of prioritised initiatives

      This phase involves the following participants:

      • Data Governance Leadership
      • Data Owners/Data Stewards
      • Data Custodians
      • Data Governance Working Group(s)

      Step 3.1

      Formulate an Actionable Roadmap and Right-Sized Plan

      This step will guide you through the following activities:

      • Build your data governance roadmap
      • Develop a target state plan comprising of prioritised initiatives

      Download Info-Tech's Data Governance Planning and Roadmapping Workbook

      See Info-Tech's Data Governance Program Charter Template: A program charter template to sell the importance of data governance to senior executives.

      This template will help get the backing required to get a data governance project rolling. The program charter will help communicate the project purpose, define the scope, and identify the project team, roles, and responsibilities.

      Outcomes of this step

      • A foundation for data governance initiative planning that's aligned with the organisation's business architecture: value streams, business capability map, and strategy map

      Build a right-sized roadmap

      Formulate an actionable roadmap that is right sized to deliver value in your organisation.

      Key considerations:

      • When building your data governance roadmap, ensure you do so through an enterprise lens. Be cognizant of other initiatives that might be coming down the pipeline that may require you to align your data governance milestones accordingly.
      • Apart from doing your planning with consideration for other big projects or launches that might be in-flight and require the time and attention of your data governance partners, also be mindful of the more routine yet still demanding initiatives.
      • When doing your roadmapping, consider factors like the organisation's fiscal cycle, typical or potential year-end demands, and monthly/quarterly reporting periods and audits. Initiatives such as these are likely to monopolise the time and focus of personnel key to delivering on your data governance milestones.

      Sample milestones:

      Data Governance Leadership & Org Structure Definition

      Define the home for data governance and other key roles around ownership and stewardship, as approved by senior leadership.

      Data Governance Charter and Policies

      Create a charter for your program and build/refresh associated policies.

      Data Culture Diagnostic

      Understand the organisation's current data culture, perception of data, value of data, and knowledge gaps.

      Use Case Build and Prioritisation

      Build a use case that is tied to business capabilities. Prioritise accordingly.

      Business Data Glossary/catalogue

      Build and/or refresh the business' glossary for addressing data definitions and standardisation issues.

      Tools & Technology

      Explore the tools and technology offering in the data governance space that would serve as an enabler to the program. (e.g. RFI, RFP).

      Recall: Info-Tech's Data Governance Framework

      An image of Info-Tech's Data Governance Framework

      Build an actionable roadmap

      Data Governance Leadership & Org Structure Division

      Define key roles for getting started.

      Use Case Build & Prioritisation

      Start small and then scale – deliver early wins.

      Literacy Program

      Start understanding data knowledge gaps, building the program, and delivering.

      Tools & Technology

      Make the available data governance tools and technology work for you.

      Key components of your data governance roadmap

      Data Governance Program Charter Template – A program charter template to sell the importance of data governance to senior executives.

      This template will help get the backing required to get a data governance project rolling. The program charter will help communicate the project purpose, define the scope, and identify the project team, roles, and responsibilities.

      By now, you have assessed current data governance environment and capabilities. Use this assessment, coupled with the driving needs of your business, to plot your data Governance roadmap accordingly.

      Sample data governance roadmap milestones:

      • Define data governance leadership.
      • Define and formalise data ownership and stewardship (as well as the role IT/data management will play as data custodians).
      • Build/confirm your business capability map and data domains.
      • Build business data use cases specific to business capabilities.
      • Define business measures/KPIs for the data governance program (i.e. metrics by use case that are relevant to business capabilities).
      • Data management:
        • Build your data glossary or catalogue starting with identified and prioritised terms.
        • Define data domains.
      • Design and define the data governance operating model (oversight model definition, communication plan, internal marketing such as townhalls, formulate change management plan, RFP of data governance tool and technology options for supporting data governance and its administration).
      • Data policies and procedures:
        • Formulate, update, refresh, consolidate, rationalise, and/or retire data policies and procedures.
        • Define policy management and administration framework (i.e. roll-out, maintenance, updates, adherence, system to be used).
      • Conduct Info-Tech's Data Culture Diagnostic or survey (across all levels of the organisation).
      • Define and formalise the data literacy program (build modules, incorporate into LMS, plan lunch and learn sessions).
      • Data privacy and security: build data classification policy, define classification standards.
      • Enterprise projects and services: embed data governance in the organisation's PMO, conduct 'Data Governance 101' for the PMO.

      Defining data governance roles and organisational structure at Organisation

      The approach employed for defining the data governance roles and supporting organisational structure for .

      Key Considerations:

      • The data owner and data steward roles are formally defined and documented within the organisation. Their involvement is clear, well-defined, and repeatable.
      • There are data owners and data stewards for each data domain within the organisation. The data steward role is given to someone with a high degree of subject matter expertise.
      • Data owners and data stewards are effective in their roles by ensuring that their data domain is clean and free of errors and that they protect the organisation against data loss.
      • Data owners and data stewards have the authority to make final decisions on data definitions, formats, and standard processes that apply to their respective data sets. Data owners and data stewards have authority regarding who has access to certain data.
      • Data owners and data stewards are not from the IT side of the organisation. They understand the lifecycle of the data (how it is created, curated, retrieved, used, archived, and destroyed) and they are well-versed in any compliance requirements as it relates to their data.
      • The data custodian role is formally defined and is given to the relevant IT expert. This is an individual with technical administrative and/or operational responsibility over data (e.g. a DBA).
      • A data governance steering committee exists and is comprised of well-defined roles, responsibilities, executive sponsors, business representatives, and IT experts.
      • The data governance steering committee works to provide oversight and enforce policies, procedures, and standards for governing data.
      • The data governance working group has cross-functional representation. This comprises business and IT representation, as well as project management and change management where applicable: data stewards, data custodians, business subject matter experts, PM, etc.).
      • Data governance meetings are coordinated and communicated about. The meeting agenda is always clear and concise, and meetings review pressing data-related issues. Meeting minutes are consistently documented and communicated.

      Sample: Business capabilities to data owner and data stewards mapping for a selected data domain

      Info-Tech Insight

      Your organisation's value streams and the associated business capabilities require effectively governed data. Without this, you face elevated operational costs, missed opportunities, eroded stakeholder satisfaction, and exposure to increased business risk.

      Enable business capabilities with data governance role definitions.

      Sample: Business capabilities to data owner and data stewards mapping for a selected data domain

      Consider your technology options:

      Make the available data governance tools and technology work for you:

      • Data catalogue
      • Business data glossary
      • Data lineage
      • Metadata management

      Logos of data governance tools and technology.

      These are some of the data governance tools and technology players. Check out SoftwareReviews for help making better software decisions.

      Make the data steward the catalyst for organisational change and driving data culture

      The data steward must be empowered and backed politically with decision-making authority, or the role becomes stale and powerless.

      Ensuring compliance can be difficult. Data stewards may experience pushback from stakeholders who must deliver on the policies, procedures, and processes that the data steward enforces.

      Because the data steward must enforce data processes and liaise with so many different people and departments within the organisation, the data steward role should be their primary full-time job function – where possible.

      However, in circumstances where budget doesn't allow a full-time data steward role, develop these skills within the organisation by adding data steward responsibilities to individuals who are already managing data sets for their department or line of business.

      Info-Tech Tip

      A stewardship role is generally more about managing the cultural change that data governance brings. This requires the steward to have exceptional interpersonal skills that will assist in building relationships across departmental boundaries and ensuring that all stakeholders within the organisation believe in the initiative, understand the anticipated outcomes, and take some level of responsibility for its success.

      Changes to organisational data processes are inevitable; have a communication plan in place to manage change

      Create awareness of your data governance program. Use knowledge transfer to get as many people on board as possible.

      Data governance initiatives must contain a strong organisational disruption component. A clear and concise communication strategy that conveys milestones and success stories will address the various concerns that business unit stakeholders may have.

      By planning for and efficiently communicating any changes that a data governance initiative may bring, many initial issues can be resolved from the outset.

      Governance recommendations will require significant business change. The redesign of a substantial number of data processes affecting various business units will require an overhaul of the organisation's culture, thought processes, and procedures surrounding its data. Preparing people for change well in advance will allow them to take the necessary steps to adapt and reduce potential confrontation.

      Because a data governance initiative will involve data-driven business units across the organisation, the governance team must present a compelling case for data governance to ensure acceptance of new processes, rules, guidelines, and technologies by all data producers and users.

      Attempting to implement change without an effective communication plan can result in disagreements over data control and stalemates between stakeholder units. The recommendations of the governance group must reflect the needs of all stakeholders or there will be pushback.

      Info-Tech Insight

      Launching a data governance initiative is guaranteed to disrupt the culture of the organisation. That disruption doesn't have to be detrimental if you are prepared to manage the change proactively and effectively.

      Create a common data governance vision that is consistently communicated to the organisation

      A data governance program should be an enterprise-wide initiative.

      To create a strong vision for data governance, there must be participation from the business and IT. A common vision will articulate the state the organisation wishes to achieve and how it will reach that state. Visioning helps to develop long-term goals and direction.

      Once the vision is established, it must be effectively communicated to everyone, especially those who are involved in creating, managing, disposing, or archiving data.

      The data governance program should be periodically refined. This will ensure the organisation continues to incorporate best methods and practices as the organisation grows and data needs evolve.

      Info-Tech Tips

      • Use information from the stakeholder interviews to derive business goals and objectives.
      • Work to integrate different opinions and perspectives into the overall vision for data governance.
      • Brainstorm guiding principles for data and understand the overall value to the organisation.

      Develop a compelling data governance communications plan to get all departmental lines of business on board

      A data governance program will impact all data-driven business units within the organisation.

      A successful data governance communications plan involves making the initiative visible and promoting staff awareness. Educate the team on how data is collected, distributed, and used, what internal processes use data, and how that data is used across departmental boundaries.

      By demonstrating how data governance will affect staff directly, you create a deeper level of understanding across lines of business, and ultimately, a higher level of acceptance for new processes, rules, and guidelines.

      A clear and concise communications strategy will raise the profile of data governance within the organisation, and staff will understand how the program will benefit them and how they can share in the success of the initiative. This will end up providing support for the initiative across the board.

      A proactive communications plan will:

      • Assist in overcoming issues with data control, stalemates between stakeholder units, and staff resistance.
      • Provide a formalised process for implementing new policies, rules, guidelines, and technologies, and managing organisational data.
      • Detail data ownership and accountability for decision making, and identify and resolve data issues throughout the organisation.
      • Encourage acceptance and support of the initiative.

      Info-Tech Tip

      Focus on literacy and communication: include training in the communication plan. Providing training for data users on the correct procedures for updating and verifying the accuracy of data, data quality, and standardised data policies will help validate how data governance will benefit them and the organisation.

      Leverage the data governance program to communicate and promote the value of data within the organisation

      The data governance program is responsible for continuously promoting the value of data to the organisation. The data governance program should seek a variety of ways to educate the organisation and data stakeholders on the benefit of data management.

      Even if data policies and procedures are created, they will be highly ineffective if they are not properly communicated to the data producers and users alike.

      There needs to be a communication plan that highlights how the data producer and user will be affected, what their new responsibilities are, and the value of that change.

      To learn how to manage organisational change, refer to Info-Tech's Master Organisational Change Management Practices.

      Understand what makes for an effective policy for data governance

      It can be difficult to understand what a policy is, and what it is not. Start by identifying the differences between a policy and standards, guidelines, and procedures.

      Diagram of an effective policy for data governance

      The following are key elements of a good policy:

      Heading Descriptions
      Purpose Describes the factors or circumstances that mandate the existence of the policy. Also states the policy's basic objectives and what the policy is meant to achieve.
      Scope Defines to whom and to what systems this policy applies. Lists the employees required to comply or simply indicates 'all' if all must comply. Also indicates any exclusions or exceptions, i.e. those people, elements, or situations that are not covered by this policy or where special consideration may be made.
      Definitions Define any key terms, acronyms, or concepts that will be used in the policy. A standard glossary approach is sufficient.
      Policy Statements Describe the rules that comprise the policy. This typically takes the form of a series of short prescriptive and proscriptive statements. Sub-dividing this section into sub-sections may be required depending on the length or complexity of the policy.
      Non-Compliance Clearly describe consequences (legal and/or disciplinary) for employee non-compliance with the policy. It may be pertinent to describe the escalation process for repeated non-compliance.
      Agreement Confirms understanding of the policy and provides a designated space to attest to the document.

      Leverage myPolicies, Info-Tech's web-based application for managing your policies and procedures

      Most organisations have problems with policy management. These include:

      1. Policies are absent or out of date
      2. Employees largely unaware of policies in effect
      3. Policies are unmonitored and unenforced
      4. Policies are in multiple locations
      5. Multiple versions of the same policy exist
      6. Policies managed inconsistently across different silos
      7. Policies are written poorly by untrained authors
      8. Inadequate policy training program
      9. Draft policies stall and lose momentum
      10. Weak policy support from senior management

      Technology should be used as a means to solve these problems and effectively monitor, enforce, and communicate policies.

      Product Overview

      myPolicies is a web-based solution to create, distribute, and manage corporate policies, procedures, and forms. Our solution provides policy managers with the tools they need to mitigate the risk of sanctions and reduce the administrative burden of policy management. It also enables employees to find the documents relevant to them and build a culture of compliance.

      Some key success factors for policy management include:

      • Store policies in a central location that is well known and easy to find and access. A key way that technology can help communicate policies is by having them published on a centralised website.
      • Link this repository to other policies' taxonomies of your organisation. E.g. HR policies to provide a single interface for employees to access guidance across the organisation.
      • Reassess policies annually at a minimum. myPolicies can remind you to update the organisation's policies at the appropriate time.
      • Make the repository searchable and easily navigable.
      • myPolicies helps you do all this and more.
      myPolicies logo myPolicies

      Enforce data policies to promote consistency of business processes

      Data policies are short statements that seek to manage the creation, acquisition, integrity, security, compliance, and quality of data. These policies vary amongst organisations, depending on your specific data needs.

      • Policies describe what to do, while standards and procedures describe how to do something.
      • There should be few data policies, and they should be brief and direct. Policies are living documents and should be continuously updated to respond to the organisation's data needs.
      • The data policies should highlight who is responsible for the data under various scenarios and rules around how to manage it effectively.

      Examples of Data Policies

      Trust

      • Data Cleansing and Quality Policy
      • Data Entry Policy

      Availability

      • Acceptable Use Policy
      • Data Backup Policy

      Security

      • Data Security Policy
      • Password Policy Template
      • User Authorisation, Identification, and Authentication Policy Template
      • Data Protection Policy

      Compliance

      • Archiving Policy
      • Data Classification Policy
      • Data Retention Policy

      Leverage data management-related policies to standardise your data management practices

      Info-Tech's Data Management Policy:

      This policy establishes uniform data management standards and identifies the shared responsibilities for assuring the integrity of the data and that it efficiently and effectively serves the needs of the organisation. This policy applies to all critical data and to all staff who may be creators and/or users of such data.

      Info-Tech's Data Entry Policy:

      The integrity and quality of data and evidence used to inform decision making is central to both the short-term and long-term health of an organisation. It is essential that required data be sourced appropriately and entered into databases and applications in an accurate and complete manner to ensure the reliability and validity of the data and decisions made based on the data.

      Info-Tech's Data Provenance Policy:

      Create policies to keep your data's value, such as:

      • Only allow entry of data from reliable sources.
      • Employees entering and accessing data must observe requirements for capturing/maintaining provenance metadata.
      • Provenance metadata will be used to track the lifecycle of data from creation through to disposal.

      Info-Tech's Data Integration and Virtualisation Policy:

      This policy aims to assure the organisation, staff, and other interested parties that data integration, replication, and virtualisation risks are taken seriously. Staff must use the policy (and supporting guidelines) when deciding whether to integrate, replicate, or virtualise data sets.

      Select the right mix of metrics to successfully supervise data policies and processes

      Policies are only as good as your level of compliance. Ensure supervision controls exist to oversee adherence to policies and procedures.

      Although they can be highly subjective, metrics are extremely important to data governance success.

      • Establishing metrics that measure the performance of a specific process or data set will:
        • Create a greater degree of ownership from data stewards and data owners.
        • Help identify underperforming individuals.
        • Allow the steering committee to easily communicate tailored objectives to individual data stewards and owners.
      • Be cautious when establishing metrics. The wrong metrics can have negative repercussions.
        • They will likely draw attention to an aspect of the process that doesn't align with the initial strategy.
        • Employees will work hard and grow frustrated as their successes aren't accurately captured.

      Policies are great to have from a legal perspective, but unless they are followed, they will not benefit the organisation.

      • One of the most useful metrics for policies is currency. This tracks how up to date the policy is and how often employees are informed about the policy. Often, a policy will be introduced and then ignored. Policies must be continuously reviewed by management and employees.
      • Some other metrics include adherence (including performance in tests for adherence) and impacts from non-adherence.

      Review metrics on an ongoing basis with those data owners/stewards who are accountable, the data governance steering committee, and the executive sponsors.

      Establish data standards and procedures for use across all organisational lines of business

      A data governance program will impact all data-driven business units within the organisation.

      • Data management procedures are the methods, techniques, and steps to accomplish a specific data objective. Creating standard data definitions should be one of the first tasks for a data governance steering committee.
      • Data moves across all departmental boundaries and lines of business within the organisation. These definitions must be developed as a common set of standards that can be accepted and used enterprise wide.
      • Consistent data standards and definitions will improve data flow across departmental boundaries and between lines of business.
      • Ensure these standards and definitions are used uniformly throughout the organisation to maintain reliable and useful data.

      Data standards and procedural guidelines will vary from company to company.

      Examples include:

      • Data modelling and architecture standards.
      • Metadata integration and usage procedures.
      • Data security standards and procedures.
      • Business intelligence standards and procedures.

      Info-Tech Tip

      Have a fundamental data definition model for the entire business to adhere to. Those in the positions that generate and produce data must follow the common set of standards developed by the steering committee and be accountable for the creation of valid, clean data.

      Changes to organisational data processes are inevitable; have a communications plan in place to manage change

      Create awareness of your data governance program, using knowledge transfer to get as many people on board as possible.

      By planning for and efficiently communicating any changes that a data governance initiative may bring, many initial issues can be resolved from the outset.

      Governance recommendations will require significant business change. The redesign of a substantial number of data processes affecting various business units will require an overhaul of the organisation's culture, thought processes, and procedures surrounding its data. Preparing people for change well in advance will allow them to take the necessary steps to adapt and reduce potential confrontation.

      Because a data governance initiative will involve data-driven business units across the organisation, the governance team must present a compelling case for data governance to ensure acceptance of new processes, rules, guidelines, and technologies by all data producers and users.

      Attempting to implement change without an effective communications plan can result in disagreements over data control and stalemates between stakeholder units. The recommendations of the governance group must reflect the needs of all stakeholders or there will be pushback.

      Data governance initiatives will very likely bring about a level of organisational disruption. A clear and concise communications strategy that conveys milestones and success stories will address the various concerns that business unit stakeholders may have.

      Info-Tech Tip

      Launching a data governance program will bring with it a level of disruption to the culture of the organisation. That disruption doesn't have to be detrimental if you are prepared to manage the change proactively and effectively.

      Other Deliverables:

      The list of supporting deliverables will help to kick start on some of the Data Governance initiatives

      • Data Classification Policy, Standard, and Procedure
      • Data Quality Policy, Standard, and Procedure
      • Metadata Management Policy, Standard, and Procedure
      • Data Retention Policy and Procurement

      Screenshot from Data Classification Policy, Standard, and Procedure

      Data Classification Policy, Standard, and Procedure

      Screenshot from Data Retention Policy and Procedure

      Data Retention Policy and Procedure

      Screenshot from Metadata Management Policy, Standard, and Procedure

      Metadata Management Policy, Standard, and Procedure

      Screenshot from Data Quality Policy, Standard, and Procedure

      Data Quality Policy, Standard, and Procedure

      Additional Support

      If you would like additional support, have our analysts guide you through other phases as part of an Info-Tech Workshop.

      Picture of analyst

      Contact your account representative for more information.

      workshops@infotech.com 1-888-670-8889

      To accelerate this project, engage your IT team in an Info-Tech workshop with an Info-Tech analyst team. Info-Tech analysts will join you and your team at your location or welcome you to Info-Tech's historic Toronto office to participate in an innovative onsite workshop.

      The following are sample activities that will be conducted by Info-Tech analysts with your team:

      Screenshot of example data governance strategy map.

      Build Your Business and User Context

      Work with your core team of stakeholders to build out your data governance strategy map, aligning data governance initiatives with business capabilities, value streams, and, ultimately, your strategic priorities.

      Screenshot of Data governance roadmap

      Formulate a Plan to Get to Your Target State

      Develop a data governance future state roadmap and plan based on an understanding of your current data governance capabilities, your operating environment, and the driving needs of your business.

      Related Info-Tech Research

      Build a Robust and Comprehensive Data Strategy

      Key to building and fostering a data-driven culture.

      Create a Data Management Roadmap

      Streamline your data management program with our simplified framework.

      The First 100 Days as CDO

      Be the voice of data in a time of transformation.

      Research Contributors

      Name Position Company
      David N. Weber Executive Director - Planning, Research and Effectiveness Palm Beach State College
      Izabela Edmunds Information Architect Mott MacDonald
      Andy Neill Practice Lead, Data & Analytics Info-Tech Research Group
      Dirk Coetsee Research Director, Data & Analytics Info-Tech Research Group
      Graham Price Executive Advisor, Advisory Executive Services Info-Tech Research Group
      Igor Ikonnikov Research Director, Data & Analytics Info-Tech Research Group
      Jean Bujold Senior Workshop Delivery Director Info-Tech Research Group
      Rajesh Parab Research Director, Data & Analytics Info-Tech Research Group
      Reddy Doddipalli Senior Workshop Director Info-Tech Research Group
      Valence Howden Principal Research Director, CIO Info-Tech Research Group

      Bibliography

      Alation. “The Alation State of Data Culture Report – Q3 2020.” Alation, 2020. Accessed 25 June 2021.

      Allott, Joseph, et al. “Data: The Next Wave in Forestry Productivity.” McKinsey & Company, 27 Oct. 2020. Accessed 25 June 2021.

      Bean, Randy. “Why Culture Is the Greatest Barrier to Data Success.” MIT Sloan Management Review, 30 Sept. 2020. Accessed 25 June 2021.

      Brence, Thomas. “Overcoming the Operationalization Challenge With Data Governance at New York Life.” Informatica, 18 March 2020. Accessed 25 June 2021.

      Bullmore, Simon, and Stuart Coleman. “ODI Inside Business – A Checklist for Leaders.” Open Data Institute, 19 Oct. 2020. Accessed 25 June 2021.

      Canadian Institute for Health Information. “Developing and Implementing Accurate National Standards for Canadian Health Care Information.” Canadian Institute for Health Information. Accessed 25 June 2021.

      Carruthers, Caroline, and Peter Jackson. “The Secret Ingredients of the Successful CDO.” IRM UK Connects, 23 Feb. 2017.

      Dashboards. “Useful KPIs for Healthy Hospital Quality Management.” Dashboards. Accessed 25 June 2021.

      Dashboards. “Why (and How) You Should Improve Data Literacy in Your Organization Today.” Dashboards. Accessed 25 June 2021.

      Datapine. “Healthcare Key Performance Indicators and Metrics.” Datapine. Accessed 25 June 2021.

      Datapine. “KPI Examples & Templates: Measure what matters the most and really impacts your success.” Datapine. Accessed 25 June 2021.

      Diaz, Alejandro, et al. “Why Data Culture Matters.” McKinsey Quarterly, Sept. 2018. Accessed 25 June 2021.

      Everett, Dan. “Chief Data Officer (CDO): One Job, Four Roles.” Informatica, 9 Sept. 2020. Accessed 25 June 2021.

      Experian. “10 Signs You Are Sitting On A Pile Of Data Debt.” Experian. Accessed 25 June 2021.

      Fregoni, Silvia. “New Research Reveals Why Some Business Leaders Still Ignore the Data.” Silicon Angle, 1 Oct. 2020

      Informatica. Holistic Data Governance: A Framework for Competitive Advantage. Informatica, 2017. Accessed 25 June 2021.

      Knight, Michelle. “What Is a Data Catalog?” Dataversity, 28 Dec. 2017. Web.

      Lim, Jason. “Alation 2020.3: Getting Business Users in the Game.” Alation, 2020. Accessed 25 June 2021.

      McDonagh, Mariann. “Automating Data Governance.” Erwin, 29 Oct. 2020. Accessed 25 June 2021.

      NewVantage Partners. Data-Driven Business Transformation: Connecting Data/AI Investment to Business Outcomes. NewVantage Partners, 2020. Accessed 25 June 2021.

      Olavsrud, Thor. “What Is Data Governance? A Best Practices Framework For Managing Data Assets.” CIO.com, 18 March 2021. Accessed 25 June 2021.

      Open Data Institute. “Introduction to Data Ethics and the Data Ethics Canvas.” Open Data Institute, 2020. Accessed 25 June 2021.

      Open Data Institute. “The UK National Data Strategy 2020: Doing Data Ethically.” Open Data Institute, 17 Nov. 2020. Accessed 25 June 2021.

      Open Data Institute. “What Is the Data Ethics Canvas?” Open Data Institute, 3 July 2019. Accessed 25 June 2021.

      Pathak, Rahul. “Becoming a Data-Driven Enterprise: Meeting the Challenges, Changing the Culture.” MIT Sloan Management Review, 28 Sept. 2020. Accessed 25 June 2021.

      Petzold, Bryan, et al. “Designing Data Governance That Delivers Value.” McKinsey & Company, 26 June 2020. Accessed 25 June 2021.

      Redman, Thomas, et al. “Only 3% of Companies’ Data Meets Basic Quality Standards.” Harvard Business Review. 11 Sept 2017.

      Smaje, Kate. “How Six Companies Are Using Technology and Data To Transform Themselves.” McKinsey & Company, 12 Aug. 2020. Accessed 25 June 2021.

      Talend. “The Definitive Guide to Data Governance.” Talend. Accessed 25 June 2021.

      “The Powerfully Simple Modern Data Catalog.” Atlan, 2021. Web.

      U.S. Geological Survey. “Data Management: Data Standards.” U.S. Geological Survey. Accessed 25 June 2021.

      Waller, David. “10 Steps to Creating a Data-Driven Culture.” Harvard Business Review, 6 Feb. 2020. Accessed 25 June 2021.

      “What Is the Difference Between A Business Glossary, A Data Dictionary, and A Data Catalog, and How Do They Play A Role In Modern Data Management?” Analytics8, 23 June 2021. Web.

      Wikipedia. “RFM (Market Research).” Wikipedia. Accessed 25 June 2021.

      Windheuser, Christoph, and Nina Wainwright. “Data in a Modern Digital Business.” Thoughtworks, 12 May 2020. Accessed 25 June 2021.

      Wright, Tom. “Digital Marketing KPIs - The 12 Key Metrics You Should Be Tracking.” Cascade, 3 March 2021. Accessed 25 June 2021.

      State of Hybrid Work in IT

      • Buy Link or Shortcode: {j2store}551|cart{/j2store}
      • member rating overall impact: N/A
      • member rating average dollars saved: N/A
      • member rating average days saved: N/A
      • Parent Category Name: Attract & Select
      • Parent Category Link: /attract-and-select

      Hybrid work is here, but there is no consensus among industry leaders on how to do it right. IT faces the dual challenge of supporting its own employees while enabling the success of the broader organization. In the absence of a single best practice to adopt, how can IT departments make the right decisions when it comes to the new world of hybrid?

      Our Advice

      Critical Insight

      • Don’t make the mistake of emulating the tech giants, unless they are your direct competition. Instead, look to organizations that have walked your path in terms of scope, organizational goals, industry, and organizational structure. Remember, your competitors are not just those who compete for the same customers but also those who compete for your employees.
      • Hybrid and remote teams require more attention, connection, and leadership from managers. The shift from doing the day-to-day to effectively leading is critical for the success of nontraditional work models. As hybrid and remote work become engrained in society, organizations must ensure that the concept of the “working manager” is as obsolete as the rotary telephone.

      Impact and Result

      Read this concise report to learn:

      • What other IT organizations are doing in the new hybrid world.
      • How hybrid has impacted infrastructure, operations, and business relations.
      • How to succeed at building a highly effective hybrid team.
      • How Info-Tech can help you make hybrid an asset for your IT department.

      State of Hybrid Work in IT Research & Tools

      Besides the small introduction, subscribers and consulting clients within this management domain have access to:

      1. State of Hybrid Work in IT: A Trend Report – A walkthrough of the latest data on the impact of the hybrid work revolution in IT.

      Read this report to learn how IT departments are using the latest trends in hybrid work for greater IT effectiveness. Understand what work models are best for IT, how IT can support a remote organization, and how hybrid work changes team dynamics.

      • State of Hybrid Work in IT: A Trends Report

      Infographic

      Further reading

      State of Hybrid Work in IT: A Trend Report

      When tech giants can’t agree and best practices change by the minute, forge your own path to your next normal.

      Hybrid is here. Now how do we do this?

      The pandemic has catapulted hybrid work to the forefront of strategic decisions an organization needs to make. According to our State of Hybrid Work in IT survey conducted in July of 2022, nearly all organizations across all industries are continuing some form of hybrid or remote work long-term (n=518). Flexible work location options are the single greatest concern for employees seeking a new job. IT departments are tasked with not only solving hybrid work questions for their own personnel but also supporting a hybrid-first organization, which means significant changes to technology and operations.

      Faced with decisions that alter the very foundation of how an organization functions, IT leaders are looking for best practices and coming up empty. The world of work has changed quickly and unexpectedly. If you feel you are “winging it” in the new normal, you are not alone.

      95% of organizations are continuing some form of hybrid or remote work.

      n=518

      47% of respondents look at hybrid work options when evaluating a new employer, vs. 46% who look at salary.

      n=518

      Hybrid work model decision tree

      Your organization, your employees, your goals – your hybrid work

      The days of a “typical” workplace have passed. When it comes to the new world of hybrid work, there is no best-of-breed example to follow.

      Among the flood of contradictory decisions made by industry leaders, your IT organization must forge its own path, informed by the needs of your employees and your organizational goals.

      All IT work models can support the broader organization. However, IT is more effective in a hybrid work mode.

      Stay informed on where your industry is headed, but learn from, rather than follow, industry leaders.

      All industries reported primarily using partial, balanced & full hybrid work models.

      All industries reported some fully remote work, ranging from 2-10% of organizations surveyed.

      Construction and healthcare & life sciences did not require any fully in-office work. Other industries, between 1-12% required fully in-office work.

      The image contains a screenshot of the Enablement of Organizational Goals.

      Move beyond following tech giants

      The uncomfortable truth about hybrid work is that there are many viable models, and the “best of breed” depends on who you ask. In the post-pandemic workspace, for every work location model there is an industry leader that has made it functional. And yet this doesn’t mean that every model will be viable for your organization.

      In the absence of a single best practice, rely on an individualized cost-benefit assessment rooted in objective feasibility criteria. Every work model – whether it continues your status quo or overhauls the working environment – introduces risk. Only in the context of your particular organization does that risk become quantifiable.

      Don’t make the mistake of emulating the tech giants, unless they are your direct competition. Instead, look to organizations that have walked your path in terms of scope, organizational goals, industry, and organizational structure.

      External

      Internal

      Political

      Economic

      Social

      Technological

      Legal

      Environmental

      Operations

      Culture

      Resources

      Risk

      Benefit

      Employee Preferences

      Comparative

      Your competitors

      Info-Tech Insight

      Remember, your competitors are not just those who compete for the same customers but also those who compete for your employees.

      IT must balance commitments to both the organization and its employees

      IT has two roles: to effectively support the broader organization and to function effectively within the department. It therefore has two main stakeholder relationships: the organization it supports and the employees it houses. Hybrid work impacts both. Don't make the mistake of overweighting one relationship at the expense of the other. IT will only function effectively when it addresses both.

      Track your progress with the right metrics

      IT and the organization

      • Business satisfaction with IT
      • Perception of IT value

      Diagnostic tool: Business Vision

      IT and its employees

      • Employee engagement

      Diagnostic tool:
      Employee Engagement Surveys

      This report contains:

      1. IT and the Organization
        1. IT Effectiveness
          in a Hybrid World
        2. The Impact of Hybrid on Infrastructure & Operations
      2. IT and Its Employees
        1. What Hybrid Means for the IT Workforce
        2. Leadership for Hybrid IT Teams

      This report is based on organizations like yours

      The image contains graphs that demonstrate demographics of organizations.

      This report is based on organizations like yours

      The image contains two graphs that demonstrate a breakdown of departments in an organization.

      This report is based on organizations like yours

      The image contains two graphs that demonstrate the workforce type and operating budget.


      This report is based on organizations like yours

      The image contains two graphs that demonstrate organization maturity and effectiveness score.

      At a high level, hybrid work in IT is everywhere

      INDUSTRY

      • Arts & Entertainment (including sports)
      • Retail & Wholesale
      • Utilities
      • Transportation & Warehousing
      • Not-for-Profit (incl. professional associations)
      • Education
      • Professional Services
      • Manufacturing
      • Media, Information, Telecom & Technology
      • Construction
      • Gaming & Hospitality
      • Government
      • Healthcare & Life Sciences
      • Financial Services (incl. banking & insurance)

      ORGANIZATIONAL SIZE

      Small

      <100

      Medium

      101-5,000

      Large

      >5,000

      Employees

      POSITION LEVEL

      • Executive
      • Director
      • Supervisor/Manager
      • Student/Contractor/Team Member

      100% of industries, organizational sizes, and position levels reported some form of hybrid or remote work.

      Work model breakdown at the respondent level

      5% 21% 30% 39% 5%

      No Remote
      Work

      Partial Hybrid

      Balanced Hybrid

      Full Hybrid

      Full Remote

      Work

      n=516

      Industry lens: Work location model

      The image contains a screenshot of a graph that demonstrates the work location model with the work model breakdown at the respondent level.

      Percentage of IT roles currently in a hybrid or remote work arrangement

      The image contains a screenshot of two graphs that demonstrate the percentage of IT roles currently in a hybrid or remote work arrangement.

      Work location model by organization size

      The image contains a screenshot of a graph that demonstrates work location model by organization size.

      Hybrid work options

      The image contains a screenshot of two pie graphs that demonstrate hybrid work options.

      Expense reimbursement

      28% 27% 22% 26% 13% 4%

      None

      Internet/home phone

      Just internet

      Home office setup

      Home utilities

      Other

      NOTES

      n=518

      Home office setup: One-time lump-sum payment

      Home utilities: Gas, electricity, lights, etc.

      Other: Office supplies, portion of home rent/mortgage payments, etc.

      01 TECHNOLOGY

      IT and the Organization

      Section 1

      The promise of hybrid work for IT department effectiveness and the costs of making it happen

      In this section:

      1. IT Effectiveness in a Hybrid World
      2. The Impact of Hybrid on Infrastructure & Operations

      Hybrid work models in IT bolster effectiveness

      IT’s effectiveness, meaning its ability to enable organizational goal attainment, is its ultimate success metric. In the post-pandemic world, this indicator is intimately tied to IT’s work location model, as well as IT’s ability to support the work location model used by the broader organization.

      In 2022, 90% of organizations have embraced some form of hybrid work (n=516). And only a small contingent of IT departments have more than 90% of roles still working completely in office, with no remote work offered (n=515).

      This outcome was not unexpected, given the unprecedented success of remote work during the pandemic. However, the implications of this work model were far less certain. Would productivity remain once the threat of layoffs had passed? Would hybrid work be viable in the long term, once the novelty wore off? Would teams be able to function collaboratively without meeting face to face? Would hybrid allow a great culture
      to continue?

      All signs point to yes. For most IT departments, the benefits of hybrid work outweigh its costs. IT is significantly more effective when some degree of remote or hybrid work is present.

      The image contains a screenshot of a graph on how hybrid work models in IT bolster effectiveness.

      n=518

      Remote Work Effectiveness Paradox

      When IT itself works fully onsite, lower effectiveness is reported (6.2). When IT is tasked with supporting fully, 100% remote organizations (as opposed to being fully remote only within IT), lower effectiveness is reported then as well (5.9). A fully remote organization means 100% virtual communication, so the expectations placed on IT increase, as do the stakes of any errors. Of note, hybrid work models yield consistent effectiveness scores when implemented at both the IT and organizational levels.

      IT has risen to the challenge of hybrid

      Despite the challenges initially posed by hybrid and remote organizations, IT has thrived through the pandemic and into this newly common workplace.

      Most organizations have experienced an unchanged or increased level of service requests and incidents. However, for the majority of organizations, service desk support has maintained (58%) or improved (35%). Only 7% of IT organizations report decreased service desk support.

      Is your service desk able to offer the same level of support compared to the pre-pandemic/pre-hybrid work model?

      The image contains a screenshot of a graph that demonstrates service desk levels.

      How has the volume of your service requests/incidents changed?

      The image contains a screenshot of a graph that demonstrates volume of service requests/incidents changed.

      Has hybrid work impacted your customer satisfaction scores?

      The image contains a graph that demonstrates if hybrid work impacted customer satisfaction scores.

      Industry lens: Volume of service requests

      It is interesting to note that service request volumes have evolved similarly across industries, mirroring the remarkable consistency with which hybrid work has been adopted across disparate fields, from construction to government.

      Of note are two industries where the volume of service requests mostly increased: government and media, information, telecom & technology.

      With the global expansion of digital products and services through the pandemic, it’s no surprise to see volumes increase for media, information, telecom & technology. With government, the shift from on premises to rapid and large-scale hybrid or remote work for administrative and knowledge worker roles likely meant additional support from IT to equip employees and end users with the necessary tools to carry out work offsite.

      How has the volume of your service requests/incidents changed?

      The image contains a screenshot of a graph that demonstrates the volume of service requests/incidents changed.

      The transition to hybrid was worth the effort

      Hybrid and remote work have been associated with greater productivity and organizational benefits since before the pandemic. During emergency remote work, doubts arose about whether productivity would be maintained under such extreme circumstances and were quickly dispelled. The promise of remote productivity held up.

      Now, cautiously entering a “new normal,” the question has emerged again. Will long-term hybrid work bring the same benefits?

      The expectations have held up, with hybrid work benefits ranging from reduced facilities costs to greater employee performance.

      Organizational hybrid work may place additional strain on IT,
      but it is clear IT can handle the challenge. And when it does,
      the organizational benefits are tremendous.

      88% of respondents reported increased or consistent Infrastructure & Operations customer satisfaction scores.

      What benefits has the organization achieved as a result of moving to a hybrid work model?

      The image contains a bar graph that demonstrates the benefits of a hybrid work model.

      n=487

      Hybrid has sped up modernization of IT processes and infrastructure

      Of the organizations surveyed, the vast majority reported significant changes to both the process and the technology side of IT operations. Four key processes affected by the move to hybrid were:

      • Incident management
      • Service request support
      • Asset management
      • Change management

      Within Infrastructure & Operations, the area with the greatest degree
      of change was network architecture (reported by 44% of respondents), followed closely by service desk (41%) and recovery workspaces and mitigations (40%).

      63% of respondents reported changes to conference room technology to support hybrid meetings.

      n=496

      IT Infrastructure & Operations changes, upgrades, and modernization

      The image contains a screenshot of a bar graph that demonstrates IT Infrastructure & Operations Changes, Upgrades, and Modernizations.

      What process(es) had the highest degree of change in response to supporting hybrid work?

      The image contains a screenshot of a bar graph that demonstrates the highest degree of change in response to supporting hybrid work.

      Hybrid has permanently changed deployment strategy

      Forty-five percent of respondents reported significant changes to deployment as a result of hybrid work, with an additional 42% reporting minor changes. Only 13% of respondents stated that their deployment processes remained unchanged following the shift to hybrid work.

      With the ever-increasing globalization of business, deployment modernization practices such as the shift to zero touch are no longer optional or a bonus. They are a critical part of business operation that bring efficiency benefits beyond just supporting hybrid work.

      The deployment changes brought on by hybrid span across industries. Even in manufacturing, with the greatest proportion of respondents reporting “no change” to deployment practices (33%), most organizations experienced some degree of change.

      Has a hybrid work model led you to make any changes to your deployment, such as zero touch, to get equipment to end users?

      The image contains a graph to demonstrate if change was possible with hybrid models.

      Industry lens: Deployment changes

      Has a hybrid work model led you to make any changes to your deployment, such as zero touch, to get equipment to end users?

      The image contains a screenshot of a graph that demonstrates deployment changes at an industry lens.

      Hybrid work has accelerated organizational digitization

      Over half of respondents reported significantly decreased reliance on printed copies as a result of hybrid. While these changes were on the horizon for many organizations even before the pandemic, the necessity of keeping business operations running during lockdowns meant that critical resources could be invested in these processes. As a result, digitization has leapt forward.

      This represents an opportunity for businesses to re-evaluate their relationships with printing vendors. Resources spent on printing can be reduced or reallocated, representing additional savings as a result of moving to hybrid. Additionally, many respondents report a willingness – and ability – from vendors to partner with organizations in driving innovation and enabling digitization.

      With respect to changes pertaining to hard copies/printers as a result of your hybrid work model:

      The image contains a screenshot of a bar graph that demonstrates how hybrid work has accelerated organizational digitization.

      Hybrid work necessitates network and communications modernization

      The majority (63%) of respondents reported making significant changes to conference room technology as a result of hybrid work. A significant proportion (30%) report that such changes were not needed, but this includes organizations who had already set up remote communication.

      An important group is the remaining 8% of respondents, who cite budgetary restrictions as a key barrier in making the necessary technology upgrades. Ensure the business case for communication technology appropriately reflects the impact of these upgrades, and reduce the impact of legacy technology where possible:

      • Recognize not just meeting efficiency but also the impact on culture, engagement, morale, and external and internal clients.
      • Connect conference room tech modernization to the overall business goals and work it into the IT strategy.
      • Leverage the scheduling flexibility available in hybrid work arrangements to reduce reliance on inadequate conference technology by scheduling in-person meetings where possible and necessary.

      Have you made changes/upgrades
      to the conference room technology to support hybrid meetings?
      (E.g. Some participants joining remotely, some participants present in a conference room)

      The image contains a screenshot of a graph that demonstrates if network and communications modernization was needed.

      How we can help

      Metrics

      Resources

      Create a Work-From-Anywhere IT Strategy

      Stabilize Infrastructure & Operations During Work-From-Anywhere

      Sustain Work-From-Home in the New Normal

      Establish a Communication & Collaboration Systems Strategy

      Modernize the Network

      Simplify Remote Deployment With Zero-Touch Provisioning

      For a comprehensive list of resources, visit
      Info-Tech’s Hybrid Workplace Research Center

      02 PEOPLE

      IT and Its Employees

      Section 2

      Cultivate the dream team in a newly hybrid world

      In this section:

      1. What Hybrid Means for the IT Workforce
      2. Leadership for IT Hybrid Teams

      Hybrid means permanent change to how IT hires

      Since before the pandemic, the intangibles of having a job that works with your lifestyle have been steadily growing in importance. Considerations like flexible work options, work-life balance, and culture are more important to employees now than they were two years ago, and employers must adapt.

      Salary alone is no longer enough to recruit the best talent, nor is it the key to keeping employees engaged and productive. Hybrid work options are the single biggest concern for IT professionals seeking new employment, just edging out salary. This means employers must not offer just some work flexibility but truly embrace a hybrid environment.

      The image contains a screenshot of several graphs that compare results from 2019 to 2021 on what is important to employees.

      What are you considering when looking at a potential employer?

      The image contains a screenshot of a bar graph that demonstrates what needs to be considered when looking at a potential employer.

      A recession may not significantly impact hybrid work decisions overall

      Declining economic conditions suggest that a talent market shift may be imminent. Moving toward a recession may mean less competition for top talent, but this doesn't mean hybrid will be left behind as a recruitment tactic.

      Just over half of IT organizations surveyed are considering expanding hybrid work or moving to fully remote work even in a recession. Hybrid work is a critical enabler of organizational success when resources are scarce, due to the productivity benefits and cost savings it has demonstrated. Organizations that recognize this and adequately invest in hybrid tools now will have equipped themselves with an invaluable tool for weathering a recession storm, should one come.

      What impact could a potential recession in the coming year have on your decisions around your work location?

      The image contains a screenshot of a graph that demonstrates the potential impact of a recession.

      Hybrid work may help small organizations in a declining economy

      The potential for a recession has a greater impact on the workforce decisions of small organizations. They likely face greater financial pressures than medium and large-sized organizations, pressures that could necessitate halting recruitment efforts or holding firm on current salaries and health benefits.

      A reliance on intangible benefits, like the continuation of hybrid work, may help offset some of negative effects of such freezes, including the risk of lower employee engagement and productivity. Survey respondents indicated that hybrid work options (47%) were slightly more important to them than salary/compensation (46%) and significantly more important than benefits (29%), which could work in favor of small organizations in keeping the critical employees needed to survive an economic downturn.

      Small

      		Medium Large
      90% 82% 66%

      Currently considering some form of hiring/salary freeze or cutbacks, if a recession occurs

      NOTES

      n=520

      Small: <101 employees

      Medium: 101-5000 employees

      Large: >5,000 employees

      Hybrid mitigates the main challenge of remote work

      One advantage of hybrid over remote work is the ability to maintain an in-office presence, which provides a failsafe should technology or other barriers stand in the way of effective distance communication. To take full advantage of this, teams should coordinate tasks with location, so that employees get the most out of the unique benefits of working in office and remotely.

      Activities to prioritize for in-office work:

      • Collaboration and brainstorming
      • Team-building activities
      • Introductions and onboarding

      Activities to prioritize for remote work:

      • Individual focus time

      As a leader, what are your greatest concerns with hybrid work?

      The image contains a bar graph that demonstrates concerns about hybrid work as an employer.

      Hybrid necessitates additional effort by managers

      When it comes to leading a hybrid team, there is no ignoring the impact of distance on communication and team cohesion. Among leaders’ top concerns are employee wellbeing and the ability to pick up on signs of demotivation among team members.

      The top two tactics used by managers to mitigate these concerns center on increasing communication:

      • Staying available through instant messaging.
      • Increasing team meetings.

      Tactics most used by highly effective IT departments

      The image contains a screenshot of tactics most used by highly effective IT departments.

      Team success is linked to the number of tools at the manager’s disposal

      The most effective hybrid team management tools focus on overcoming the greatest obstacle introduced by remote work: barriers to communication and connection.

      The most effective IT organizations use a variety of tactics. For managers looking to improve hybrid team effectiveness, the critical factor is less the tactic used and more the ability to adapt their approach to their team’s needs and incorporate team feedback. As such, IT effectiveness is linked to the total number of tactics used by managers.

      IT department effectiveness

      The image contains a screenshot of a graph that demonstrates IT department effectiveness.

      Autonomy is key to hybrid team success

      Not all hybrid work models are created equal. IT leaders working with hybrid teams have many decisions to make, from how many days will be spent in and out of office to how much control employees get over which days they work remotely.

      Employee and manager preferences are largely aligned regarding the number of days spent working remotely or onsite: Two to three days in office is the most selected option for both groups, although overall manager preferences lean slightly toward more time spent in office.

      Comparison of leader and employee preference for days in-office

      The image contains a screenshot of a graph that compares leader and employee preference for days in-office.

      Do employees have a choice in the days they work in office/offsite?

      The image contains a screenshot of a graph that demonstrates if employees have a choice in the days they work in office or offsite.

      For most organizations, employees get a choice of which days they spend working remotely. This autonomy can range from complete freedom to a choice between several pre-approved days depending on team scheduling needs.

      Work is still needed to increase autonomy in hybrid teams

      Organizations’ success in establishing hybrid team autonomy varies greatly post pandemic. Responses are roughly equally split between staff feeling more, less, or the same level of autonomy as before the pandemic. Evaluated in the context of most organizations continuing a hybrid approach, this leads to the conclusion that not all hybrid implementations are being conducted equally effectively when it comes to employee empowerment.

      As an employee, how much control do you have over the decisions related to where, when, and how you work currently?

      The image contains a screenshot of a graph that demonstrates autonomy in hybrid teams.

      Connectedness in hybrid teams lags behind

      A strong case can be made for fostering autonomy and empowerment on hybrid teams. Employees who report lower levels of control than before the pandemic also report lower engagement indicators, such as trust in senior leadership, motivation, and intention to stay with the organization. On the other hand, employees experiencing increased levels of control report gains in these areas.

      The only exception to these gains is the sense of team connectedness, which employees experiencing more control report as lower than before the pandemic. A greater sense of connectedness among employees reporting decreased control may be related to more mandatory in-office time or a sense of connection over shared team-level disengagement.

      These findings reinforce the need for hybrid teams to invest in team building and communication practices and confirm that significant benefits are to be had when a sense of autonomy can be successfully instilled.

      Employees who experience less control than before the pandemic report lowered engagement indicators ... except sense of connectedness

      The image contains a screenshot of a graph that demonstrates less control, means lowered engagement.

      Employees who experience more control than before the pandemic report increased engagement indicators ... except sense of connectedness

      The image contains a screenshot of a graph that demonstrates more control, means increased engagement.

      Case study: Hybrid work at Microsoft Canada

      The Power of Intentionality

      When the pandemic hit, technology was not in question. Flexible work options had been available and widely used, and the technology to support them was in place.

      The leadership team turned their focus to ensuring their culture survived and thrived. They developed a laser-focused approach for engaging their employees by giving their leaders tools to hold conversations. The dialogue was ongoing to allow the organization to adapt to the fast pace of changing conditions.

      Every tactic, plan, and communication started with the question, “What outcome are we striving for?”

      With a clear outcome, tools were created and leaders supported to drive the desired outcome.

      “We knew we had the technology in place. Our concern was around maintaining our strong culture and ensuring continued engagement and connection with our employees.”

      Lisa Gibson, Chief of Staff, Microsoft Canada

      How we can help

      Metrics

      Resources

      Webinar: Effectively Manage Remote Teams

      Build a Better Manager: Manage Your People

      Info-Tech Leadership Training

      Adapt Your Onboarding Process to a Virtual Environment

      Virtual Meeting Primer

      For a comprehensive list of resources, visit
      Info-Tech’s Hybrid Workplace Research Center

      Recommendations

      The last two years have been a great experiment, but it’s not over.

      BE INTENTIONAL

      • Build a team charter on how and when to communicate.
      • Create necessary tools/templates.

      INVOLVE EMPLOYEES

      • Conduct surveys and focus groups.
        Have conversations to understand sentiment.

      ALLOW CHOICE

      • Provide freedom for employees to have some level of choice in hybrid arrangements.

      BE TRANSPARENT

      • Disclose the rationale.
      • Share criteria and decision making.

      Info-Tech Insight

      Hybrid and remote teams require more attention, connection, and leadership from managers. The shift from doing the day-to-day to effectively leading is critical for the success of nontraditional work models. As hybrid and remote work become engrained in society, organizations must ensure that the concept of the “working manager” is as obsolete as the rotary telephone.

      Bibliography

      “8 Unexpected Benefits of Online Learning for Development.” Center for Creative Leadership (CCL), 14 Oct. 2020. Accessed 5 Nov. 2021.
      “2021 Global Workplace Report.” NTT, 2021. Accessed 6 July 2022.
      “Advantages of Online Learning for Leadership Development: What Our Research Says.” CCL, 8 Dec. 2020. 5 Nov. 2021.
      “Annual Work Trend Index Report – Great Expectations: Making Hybrid Work Work.” Microsoft WorkLab, 2022. Accessed 6 July 2022.
      Aten, Jason. “Google’s Employees Return to the Office Today. This Former Exec Says Hybrid Work Won’t Last.” Inc.Com, 4 April 2022. Web.
      Bariso, Justin. “Google Spent 2 Years Researching What Makes a Great Remote Team. It Came Up With These 3 Things.” Inc.Com, 8 April 2019. Web.
      Berger, Chloe. “What Is ‘Hybrid Guilt’? Going to Office Part-Time May Be Worst Option.” Fortune, 22 Aug. 2022. Web.
      Brodkin, Jon. “After Remote-Work Ultimatum, Musk Reveals Plan to Cut 10% of Tesla Jobs.” Ars Technica, 3 June 2022. Web.
      Brown, Brené, host. “Brené with Scott Sonenshein on Why We’ll Never Be the Same Again (and Why It’s Time to Talk About It).” Dare to Lead with Brené Brown, 11 April 2022. Brené Brown, https://brenebrown.com/podcast/why-well-never-be-the-same-again-and-why-its-time-to-talk-about-it/.
      Burgess, Mark. “Most Asset Managers Operating Under Hybrid Work Model: Survey.” Advisor’s Edge, 13 Sept. 2022. Web.
      Caminiti, Susan. “Workers Want Hybrid but Say It’s Exhausting Them. Here’s How Companies Can Fix That.” CNBC, 8 Feb. 2022. Web.
      Capossela, Chris. “The next Chapter of Our Hybrid Workplace: Update on Our Washington State Work Sites.” The Official Microsoft Blog, 14 Feb. 2022. Web.
      Carrigan, John. “Meta Embraces ‘Work From Anywhere’ Ahead of Return to Office.” Human Resources Director, 25 March 2022. Web.
      Chaturvedi, H., and Ajoy Kumar Dey. The New Normal: Reinventing Professional Life and Familial Bonding in the Post COVID 19 Era. Bloomsbury Publishing, 2021.
      Commonwealth of Massachusetts. “Alternative Work Options.” Mass.Gov, n.d. Accessed 17 Sept. 2022.
      Commonwealth of Massachusetts. “Hybrid Work for Commonwealth Employees.” Mass.Gov, n.d. Accessed 17 Sept. 2022.
      “COVID-19 and the Future of Business.” IBM, 21 Sept. 2020. Web.
      Daniel, Will. “The Layoffs at Tesla Show That White-Collar Workers Are Screwed, Hedge Funder Famous from ‘The Big Short’ Predicts.” Fortune, 29 June 2022. Web.
      D’Auria, Gemma, and Aaron De Smet. “Leadership in a Crisis: Responding to Coronavirus.” McKinsey, 16 March 2020. Web.
      Dave, Paresh. “Google Mandates Workers Back to Silicon Valley, Other Offices from April 4.” Reuters, 3 March. 2022. Web.
      Delaney, Kevin. “What We Know Now About the Business Impact of Hybrid Work.” Time, 6 Sept. 2022. Web.
      Dobson, Sarah. “Legal Considerations for Hybrid Work.” Canadian HR Reporter, 15 Sept. 2022. Web.
      Dondo, Jean. “Hybrid Work Is the Way for More Than a Quarter of Canadian Investment Firms.” Wealth Professional, 14 Sept. 2022. Web.
      Elias, Jennifer. “Twitter to Reopen Offices March 15, Though Remote Work Remains an Option.” CNBC, 3 March 2022. Web.
      Esade Business & Law School. “Leadership After Covid-19: Learning To Navigate The Unknown Unknowns.” Forbes, 30 March 2021. Web.
      “Famous Companies Without Offices.” The Hoxton Mix, 19 Oct. 2021. Web.
      Gerdeman, Dina. “COVID Killed the Traditional Workplace. What Should Companies Do Now?” HBS Working Knowledge, 8 March 2021. Web.
      Gleason, Mike. “Apple’s Hybrid Work Plans Draw Worker Pushback.” SearchUnifiedCommunications, TechTarget, 24 Aug. 2022. Web.
      Gleeson, Brent. “13 Tips For Leading And Managing Remote Teams.” Forbes, 26 Aug. 2020. Web.
      Gratton, Lynda. “How to Do Hybrid Right.” Harvard Business Review, 1 May 2021. Web.
      “Guide: Understand team effectiveness.” re:Work, Google, n.d. Accessed 5 Nov. 2021.
      Hardy, Karen. “Your Business Has Decided on Hybrid Work… Now What?” CIO, 12 Sept. 2022. Web.
      Hirsch, Arlene S. “How to Boost Employee Performance in a Hybrid Work Environment.” SHRM, 6 Sept. 2022. Web.
      “How to Get Hybrid Work Right.” CBRE Canada, 14 June 2022. Web.
      “Hybrid Work: When Freedom Benefits from Rules.” Audi, 12 Sept. 2022. Accessed 18 Sept. 2022.
      “Hybrid Workplace | Global Culture Report.” O.C. Tanner, 2022, Web.
      “Intel Is Hiring for Various Roles with Temporary Remote Work Benefits.” SightsIn Plus, 11 June 2022. Web.
      Iyer, Viswanathan. “Council Post: Hybrid Work: Beyond The Point Of No Return.” Forbes, 14 Sept. 2022. Web.
      Johnson, Ricardo. “Securing Hybrid Work All Starts with Zero-Trust.” SC Media, 29 Aug. 2022. Web.
      Jones, Jada. “The Rules of Work Are Changing, and Hybrid Work Is Winning.” ZDNET, 1 Sept. 2022. Web.
      Kowitt, Beth. “Inside Google’s Push to Nail Hybrid Work and Bring Its 165,000-Person Workforce Back to the Office Part-Time.” Fortune, 17 May 2022. Web.
      Kumra, Gautam, and Diaan-Yi Lin. “The Future of (Hybrid) Work.” McKinsey, 2 Sept. 2022. Web.
      Lagowska, Urszula, et al. “Leadership under Crises: A Research Agenda for the Post-COVID-19 Era.” Brazilian Administration Review, vol. 17, no. 2, Aug. 2020. Web.
      Larson, Barbara Z., et al. “A Guide to Managing Your (Newly) Remote Workers.” Harvard Business Review, 18 March 2020. Web.
      “Leadership During COVID-19: Resources for Times of Uncertainty.” CCL, n.d. Accessed 5 Nov. 2021.
      “Managing Remote Employees: How to Lead From a Distance.” CCL, 7 April 2020. Accessed 5 Nov. 2021.
      “Managing Remote Teams.” Know Your Team, n.d. Web. Accessed 5 Nov. 2021.
      Mayhem, Julian. “Virtual Leadership - Essential Skills for Managing Remote Teams.” VirtualSpeech, 4 Nov. 2020. Web.
      McKendrick, Joe. “Keeping Hybrid Workers In Sync, Digitally And In-Person.” Forbes, 22 Aug. 2022. Web.
      McKenna, Karissa, et al. “Webinar: Build Leadership Skills for the New World of Work.” CCL, 15 June 2020. Accessed 5 Nov. 2021.
      Mearian, Lucas. “Microsoft Edges Back to ‘Normal’ with Workplace Reopening Plan.” Computerworld, 14 Feb. 2022. Web.
      “Meta Careers.” Meta, n.d. Accessed 17 Sept. 2022.
      Miller, Mark. “5 Tips to Make Your Hybrid Work Model More Effective.” Entrepreneur, 25 Aug. 2022. Web.
      Nica, Irina. “How to Manage a Remote Team: 14 Effective Tips for Your Business.” Business 2 Community, 8 July 2021. Web.
      O’Halloran, Joe. “Organisations Struggle to Support IT in a Hybrid Work Model.” ComputerWeekly.com, 17 June 2022. Web.
      Ong, Ivan. “Council Post: Why Hybrid Work Is The Way To Go.” Forbes, 12 Sept. 2022. Web.
      Osborne, Charlie. “The End of Fully Remote Work? Google Begins Shift to the Hybrid Office.” ZDNet. 3 March 2022. Web.
      Pazzanese, Christina. “Back to Office? Stay Remote? Go Hybrid?” Harvard Gazette, 24 Aug. 2022. Web.
      “PinFlex.” Pinterest Careers, n.d. Accessed 17 Sept. 2022.
      Rand, Ben. “Does Hybrid Work Actually Work? Insights from 30,000 Emails.” Harvard Business School – Working Knowledge, 6 Sept. 2022. Web.
      “Remote Locations, Working with Flexibility.” Amazon.jobs, n.d. Accessed 17 Sept. 2022.
      Renjen, Punit. “The Heart of Resilient Leadership: Responding to COVID-19.” Deloitte Insights, 16 March 2020. Web.
      Shih, Clara. “Keeping Hybrid Employees Engaged.” Harvard Business Review, 11 Aug. 2022. Web.
      Singerman, Michelle. “Is the Hybrid Work Model Working? CPAs Spill the Beans.” Chartered Professional Accountants Canada, 24 Aug. 2022. Web.
      Stern, Stefan. “Hybrid Working: Why the Office-Home Balance Is Still a Challenge.” Financial Times, 4 Sept. 2022.
      Subramaniam, Vanmala, et al. “Ready to Go Back to the Office? Employers and Workers Are Divided over the Fate of Remote Work.” The Globe and Mail, 1 Sept. 2022. Web.
      Tong, Goh Chiew. “Inflation and Hybrid Work ‘skyrocketed’ Demand for Flexible Workspace, WeWork Says.” CNBC, 6 Sept. 2022. Web.
      Tsipursky, Gleb. “Commentary: The Psychology behind Why Some Leaders Are Resisting a Hybrid Work Model.” Fortune, 8 June 2021. Web.
      Turner, Jack. “Tesla Doubles Down on Remote Working Ban, Tracks Office Attendance.” Tech.Co, 3 July 2022. Web.
      “Virtual Leadership Styles for Remote Businesses.” Maryville Online, 4 Feb. 2021. Web.
      “Webinar: How Leaders Can Build Organizational Resilience.” CCL, 15 June 2020. Accessed 5 Nov. 2021.
      “Why GitLab Uses the Term All-Remote to Describe Its 100% Remote Workforce.” GitLab, 2022. Accessed 17 Sept. 2022.
      Wigert, Ben, and Sangeeta Agrawal. “Returning to the Office: The Current, Preferred and Future State of Remote Work.” Gallup, 31 Aug. 2022. Web.
      Wingard, Jason. “Elon Musk’s Big Bet Against Remote Work: Will Tesla Win?” Forbes, 4 June 2022. Web.

      Build a Security Compliance Program

      • Buy Link or Shortcode: {j2store}257|cart{/j2store}
      • member rating overall impact: 9.6/10 Overall Impact
      • member rating average dollars saved: $23,879 Average $ Saved
      • member rating average days saved: 15 Average Days Saved
      • Parent Category Name: Governance, Risk & Compliance
      • Parent Category Link: /governance-risk-compliance
      • Most organizations spend between 25 and 40 percent of their security budget on compliance-related activities.
      • Despite this growing investment in compliance, only 28% of organizations believe that government regulations help them improve cybersecurity.
      • The cost of complying with cybersecurity and data protection requirements has risen to the point where 58% of companies see compliance costs as barriers to entering new markets.
      • However, recent reports suggest that while the costs of complying are higher, the costs of non-compliance are almost three times greater.

      Our Advice

      Critical Insight

      • Test once, attest many. Having a control framework allows you to satisfy multiple compliance requirements by testing a single control.
      • Choose your own conformance adventure. Conformance levels allow your organization to make informed business decisions on how compliance resources will be allocated.
      • Put the horse before the cart. Take charge of your audit costs by preparing test scripts and evidence repositories in advance.

      Impact and Result

      • Reduce complexity within the control environment by using a single framework to align multiple compliance regimes.
      • Provide senior management with a structured framework for making business decisions on allocating costs and efforts related to cybersecurity and data protection compliance obligations.
      • Reduces costs and efforts related to managing IT audits through planning and preparation.
      • This blueprint can help you comply with NIST, ISO, CMMC, SOC2, PCI, CIS, and other cybersecurity and data protection requirements.

      Build a Security Compliance Program Research & Tools

      Start here – read the Executive Brief

      Read our concise Executive Brief to find out why you should manage your security compliance obligations, review Info-Tech’s methodology, and understand the ways we can support you in completing this project.

      Besides the small introduction, subscribers and consulting clients within this management domain have access to:

      Infographic

      Workshop: Build a Security Compliance Program

      Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

      1 Establish the Program

      The Purpose

      Establish the security compliance management program.

      Key Benefits Achieved

      Reviewing and adopting an information security control framework.

      Understanding and establishing roles and responsibilities for security compliance management.

      Identifying and scoping operational environments for applicable compliance obligations.

      Activities

      1.1 Review the business context.

      1.2 Review the Info-Tech security control framework.

      1.3 Establish roles and responsibilities.

      1.4 Define operational environments.

      Outputs

      RACI matrix

      Environments list and definitions

      2 Identify Obligations

      The Purpose

      Identify security and data protection compliance obligations.

      Key Benefits Achieved

      Identifying the security compliance obligations that apply to your organization.

      Documenting obligations and obtaining direction from management on conformance levels.

      Mapping compliance obligation requirements into your control framework.

      Activities

      2.1 Identify relevant security and data protection compliance obligations.

      2.2 Develop conformance level recommendations.

      2.3 Map compliance obligations into control framework.

      2.4 Develop process for operationalizing identification activities.

      Outputs

      List of compliance obligations

      Completed Conformance Level Approval forms

      (Optional) Mapped compliance obligation

      (Optional) Identification process diagram

      3 Implement Compliance Strategy

      The Purpose

      Understand how to build a compliance strategy.

      Key Benefits Achieved

      Updating security policies and other control design documents to reflect required controls.

      Aligning your compliance obligations with your information security strategy.

      Activities

      3.1 Review state of information security policies.

      3.2 Recommend updates to policies to address control requirements.

      3.3 Review information security strategy.

      3.4 Identify alignment points between compliance obligations and information security strategy.

      3.5 Develop compliance exception process and forms.

      Outputs

      Recommendations and plan for updates to information security policies

      Compliance exception forms

      4 Track and Report

      The Purpose

      Track the status of your compliance program.

      Key Benefits Achieved

      Tracking the status of your compliance obligations.

      Managing exceptions to compliance requirements.

      Reporting on the compliance management program to senior stakeholders.

      Activities

      4.1 Define process and forms for self-attestation.

      4.2 Develop audit test scripts for selected controls.

      4.3 Review process and entity control types.

      4.4 Develop self-assessment process.

      4.5 Integrate compliance management with risk register.

      4.6 Develop metrics and reporting process.

      Outputs

      Self-attestation forms

      Completed test scripts for selected controls

      Self-assessment process

      Reporting process

      Recommended metrics

      Essentials of Vendor Management for Small Business

      • Buy Link or Shortcode: {j2store}229|cart{/j2store}
      • member rating overall impact: N/A
      • member rating average dollars saved: N/A
      • member rating average days saved: N/A
      • Parent Category Name: Vendor Management
      • Parent Category Link: /vendor-management
      • Each year, SMB IT organizations spend more money “outsourcing” tasks, activities, applications, functions, and other items.
      • Many SMBs lack the affordability of implementing a sophisticated vendor management initiative or office.
      • The increased spend and associated outsourcing leads to less control, and more risk for IT organizations. Managing this becomes a higher priority for IT, but many IT organizations are ill-equipped to do this proactively.

      Our Advice

      Critical Insight

      • Vendor management is not “plug and play” – each organization’s vendor management initiative (VMI) needs to fit its culture, environment, and goals. There are commonalities among vendor management initiatives, but the key is to adapt vendor management principles to fit your needs, not the other way around.
      • All vendors are not of equal importance to an organization. Internal resources are a scarce commodity and should be deployed so that they provide the best return on the organization’s investment. Classifying or segmenting your vendors allows you to focus your efforts on the most important vendors first, allowing your VMI to have the greatest impact possible.
      • Having a solid foundation is critical to the VMI’s ongoing success. Whether you will be creating a formal vendor management office or using vendor management techniques, tools, and templates “informally”, starting with the basics is essential. Make sure you understand why the VMI exists and what it hopes to achieve, what is in and out of scope for the VMI, what strengths the VMI can leverage and the obstacles it will have to address, and how it will work with other areas within your organization.

      Impact and Result

      • Build and implement a vendor management initiative tailored to your environment.
      • Create a solid foundation to sustain your vendor management initiative as it evolves and matures.
      • Leverage vendor management-specific tools and templates to manage vendors more proactively and improve communication.
      • Concentrate your vendor management resources on the right vendors.
      • Build a roadmap and project plan for your vendor management journey to ensure you reach your destination.
      • Build collaborative relationships with critical vendors.

      Essentials of Vendor Management for Small Business Research & Tools

      Start here – read the Executive Brief

      Read this Executive Brief to understand how changes in the vendor landscape and customer reliance on vendors have made a vendor management initiative indispensible.

      Besides the small introduction, subscribers and consulting clients within this management domain have access to:

      1. Plan

      This phase helps you organize your VMI and document internal processes, relationships, roles, and responsibilities. The main outcomes from this phase are organizational documents, a baseline VMI maturity level, and a desired future state for the VMI.

      • Essentials of Vendor Management for Small Business – Phase 1: Plan
      • Phase 1 Small Business Tools and Templates Compendium

      2. Build

      This phase helps you configure and create the tools and templates that will help you run the VMI. The main outcomes from this phase are a clear understanding of which vendors are important to you, the tools to manage the vendor relationships, and an implementation plan.

      • Essentials of Vendor Management for Small Business – Phase 2: Build
      • Phase 2 Small Business Vendor Classification Tool
      • Phase 2 Small Business Risk Assessment Tool
      • Phase 2 Small Business Tools and Templates Compendium

      3. Run

      This phase helps you begin operating the VMI. The main outcomes from this phase are guidance and the steps required to implement your VMI.

      • Essentials of Vendor Management for Small Business – Phase 3: Run

      4. Review

      This phase helps the VMI identify what it should stop doing, start doing, and continue doing as it improves and matures. The main outcomes from this phase are ways to advance the VMI and maintain internal alignment.

      • Essentials of Vendor Management for Small Business – Phase 4: Review
      [infographic]

      Further reading

      Essentials of Vendor Management for Small Business

      Create and implement a vendor management framework to begin obtaining measurable results in 90 days.


      EXECUTIVE BRIEF

      Analyst Perspective

      Vendor Management Challenge

      Small businesses are often challenged by the growth and complexity of their vendor ecosystem, including the degree to which the vendors control them. Vendors are increasing, obtaining more and more budget dollars, while funding for staff or headcount is decreasing as a result of cloud-based applications and an increase in our reliance on Managed Service Providers. Initiating a vendor management initiative (VMI) vs. creating a fully staffed vendor management office will get you started on the path of proactively controlling your vendors instead of consistently operating in a reactionary mode. This blueprint is designed with that very thought: to assist small businesses in creating the essentials of a vendor management initiative.

      This is a picture of Steve Jeffery

      Steve Jeffery
      Principal Research Director, Vendor Management
      Info-Tech Research Group

      Executive Summary

      Your Challenge

      Each year, IT organizations "outsource" tasks, activities, functions, and other items. During 2021:

      • Spend on as-a-service providers increased 38% over 2020.*
      • Spend on managed service providers increased 16% over 2020.*
      • IT service providers increased their merger and acquisition numbers by 47% over 2020.*

      This leads to more spend, less control, and more risk for IT organizations. Managing this becomes a higher priority for IT, but many IT organizations are ill-equipped to do this proactively.

      Common Obstacles

      As new contracts are negotiated and existing contracts are renegotiated or renewed, there is a perception that the contracts will yield certain results, output, performance, solutions, or outcomes. The hope is that these will provide a measurable expected value to IT and the organization. Oftentimes, much of the expected value is never realized. Many organizations don't have a VMI to help:

      • Ensure at least the expected value is achieved.
      • Improve on the expected value through performance management.
      • Significantly increase the expected value through a proactive VMI.

      Info-Tech's Approach

      Vendor Management is a proactive, cross-functional lifecycle. It can be broken down into four phases:

      • Plan
      • Build
      • Run
      • Review

      The Info-Tech process addresses all four phases and provides a step-by-step approach to configure and operate your VMI. The content in this blueprint helps you quickly establish your VMI and sets a solid foundation for its growth and maturity.

      Info-Tech Insight

      Vendor management is not a one-size-fits-all initiative. It must be configured:

      • For your environment, culture, and goals.
      • To leverage the strengths of your organization and personnel.
      • To focus your energy and resources on your critical vendors.

      Executive Summary

      Your challenge

      Spend on managed service providers and as-a-service providers continues to increase. In addition, IT services vendors continue to be active in the mergers and acquisitions arena. This increases the need for a VMI to help with the changing IT vendor landscape.

      38%

      2021

      16%

      2021

      47%

      2021

      Spend on as-a-service providers

      Spend on managed services providers

      IT services merger & acquisition growth (transactions)

      Source: Information Services Group, Inc., 2022.

      Executive Summary

      Common obstacles

      When organizations execute, renew, or renegotiate a contract, there is an "expected value" associated with that contract. Without a robust VMI, most of the expected value will never be realized. With a robust VMI, the realized value significantly exceeds the expected value during the contract term.

      A contract's realized value with and without a vendor management initiative

      This is an image of a bar graph showing the difference in value between those with and without a VMI, with and for those with a VMI, with Vendor Collaboration and with Vendor Performance Management. The data for those with a VMI have substantially more value.

      Source: Based on findings from Geller & Company, 2003.

      Executive Summary

      Info-Tech's approach

      A sound, cyclical approach to vendor management will help you create a VMI that meets your needs and stays in alignment with your organization as they both change (i.e. mature and grow).

      This is an image of the 4 Step Vendor Management Process. The four steps are: 1. Plan; 2. Build; 3. Run; 4. Review.

      Info-Tech's methodology for creating and operating your vmi

      Phase 1 - Plan Phase 2 - Build Phase 3 - Run Phase 4 - Review
      Phase Steps

      1.1 Mission Statement and Goals

      1.2 Scope

      1.3 Strengths and Obstacles

      1.4 Roles and Responsibilities

      2.1 Classification Model

      2.2 Risk Assessment Tool

      2.3 Scorecards and Feedback

      2.4 Business Alignment Meeting Agenda

      2.5 Relationship Alignment Document

      2.6 Vendor Orientation

      2.7 3-Year Roadmap

      2.8 90-Day Plan

      2.9 Quick Wins2.10 Reports

      3.1 Classify Vendors

      3.2 Compile Scorecards

      3.3 Conduct Business Alignment Meetings

      3.4 Work the 90-Day Plan

      3.5 Manage the 3-Year Roadmap

      3.6 Develop/Improve Vendor Relationships

      4.1 Incorporate Leading Practices

      4.2 Leverage Lessons Learned

      4.3 Maintain Internal Alignment

      Phase Outcomes This phase helps you organize your VMI and document internal processes, relationships, roles, and responsibilities. The main outcomes from this phase are organizational documents, a baseline VMI maturity level, and a desired future state for the VMI. This phase helps you configure and create the tools and templates that will help you run the VMI. The main outcomes from this phase are a clear understanding of which vendors are important to you, the tools to manage the vendor relationships, and an implementation plan. This phase helps you begin operating the VMI. The main outcomes from this phase are guidance and the steps required to implement your VMI. This phase helps the VMI identify what it should stop doing, start doing, and continue doing as it improves and matures. The main outcomes from this phase are ways to advance the VMI and maintain internal alignment.

      Insight Summary

      Insight 1

      Vendor management is not "plug and play" – each organization's vendor management initiative (VMI) needs to fit its culture, environment, and goals. While there are commonalities and leading practices associated with vendor management, your initiative won't look exactly like another organization's. The key is to adapt vendor management principles to fit your needs.

      Insight 2

      All vendors are not of equal importance to your organization. Internal resources are a scarce commodity and should be deployed so that they provide the best return on the organization's investment. Classifying or segmenting your vendors allows you to focus your efforts on the most important vendors first, allowing your VMI to have the greatest impact possible.

      Insight 3

      Having a solid foundation is critical to the VMI's ongoing success. Whether you will be creating a formal vendor management office or using vendor management techniques, tools, and templates "informally", starting with the basics is essential. Make sure you understand why the VMI exists and what it hopes to achieve, what is in and out of scope for the VMI, what strengths the VMI can leverage and the obstacles it will have to address, and how it will work with other areas within your organization.

      Blueprint benefits

      IT benefits

      • Identify and manage risk proactively.
      • Reduce costs and maximize value.
      • Increase visibility with your critical vendors.
      • Improve vendor performance.
      • Create a collaborative environment with key vendors.
      • Segment vendors to allocate resources more effectively and more efficiently.

      Business benefits

      • Improve vendor accountability.
      • Increase collaboration between departments.
      • Improve working relationships with your vendors.
      • Create a feedback loop to address vendor/customer issues before they get out of hand or are more costly to resolve.
      • Increase access to meaningful data and information regarding important vendors.

      Phase 1 - Plan

      Phase 1

      		Phase 2 Phase 3 Phase 4

      1.1 Mission Statement and Goals

      1.2 Scope

      1.3 Strengths and Obstacles

      1.4 Roles and Responsibilities

      2.1 Classification Model

      2.2 Risk Assessment Tool

      2.3 Scorecards and Feedback

      2.4 Business Alignment Meeting Agenda

      2.5 Relationship Alignment Document

      2.6 Vendor Orientation

      2.7 3-Year Roadmap

      2.8 90-Day Plan

      2.9 Quick Wins

      2.10 Reports

      3.1 Classify Vendors

      3.2 Compile Scorecards

      3.3 Conduct Business Alignment Meetings

      3.4 Work the 90-Day Plan

      3.5 Manage the 3-Year Roadmap

      3.6 Develop/Improve Vendor Relationships

      4.1 Incorporate Leading Practices

      4.2 Leverage Lessons Learned

      4.3 Maintain Internal Alignment

      This phase will walk you through the following activity:

      • Organizing your VMI and document internal processes, relationships, roles, and responsibilities. The main outcomes from this phase are organizational documents, and a desired future state for the VMI.

      This phase involves the following participants:

      • VMI team
      • Applicable stakeholders and executives
      • Procurement/Sourcing
      • IT
      • Others as needed

      Vendor Management Initiative Basics for the Small/Medium Businesses

      Phase 1 – Plan

      Get Organized

      Phase 1 – Plan focuses on getting organized. Foundational elements (Mission Statement, Goals, Scope, Strengths and Obstacles, Roles and Responsibilities, and Process Mapping) will help you define your VMI. These and the other elements of this Phase will follow you throughout the process of starting up your VMI and running it.

      Spending time up front to ensure that everyone is on the same page will help avoid headaches down the road. The tendency is to skimp (or even skip) on these steps to get to "the good stuff." To a certain extent, the process provided here is like building a house. You wouldn't start building your dream home without having a solid blueprint. The same is true with vendor management. Leveraging vendor management tools and techniques without the proper foundation may provide some benefit in the short term, but in the long term it will ultimately be a house of cards waiting to collapse.

      Step 1.1 – Mission statement and goals

      Identify why the VMI exists and what it will achieve

      Whether you are starting your vendor management journey or are already down the path, it is important to know why the vendor management initiative exists and what it hopes to achieve. The easiest way to document this is with a written declaration in the form of a Mission Statement and Goals. Although this is the easiest way to proceed, it is far from easy.

      The Mission Statement should identify at a high level the nature of the services provided by the VMI, who it will serve, and some of the expected outcomes or achievements. The Mission Statement should be no longer than one or two sentences.

      The complement to the Mission Statement is the list of goals for the VMI. Your goals should not be a reassertion of your Mission Statement in bullet format. At this stage it may not be possible to make them SMART (Specific, Measurable, Achievable/Attainable, Relevant, Time-Bound/Time-Based), but consider making them as SMART as possible. Without some of the SMART parameters attached, your goals are more like dreams and wishes. At a minimum, you should be able to determine the level of success achieved for each of the VMI goals.

      Although the VMI's Mission Statement will stay static over time (other than for significant changes to the VMI or organization as a whole), the goals should be reevaluated periodically using a SMART filter, and adjusted as needed.

      1.1.1 – Mission statement and goals

      20 – 40 Minutes

      1. Meet with the participants and use a brainstorming activity to list, on a whiteboard or flip chart, the reasons why the VMI will exist.
      2. Review external mission statements for inspiration.
      3. Review internal mission statements from other areas to ensure consistency.
      4. Draft and document your Mission Statement in the Phase 1 Tools and Templates Compendium – Tab 1.1 Mission Statement and Goals.
      5. Continue brainstorming and identify the high-level goals for the VMI.
      6. Review the list of goals and make them as SMART (Specific, Measurable, Achievable/Attainable, Relevant, Time-Bound/Time-Based) as possible.
      7. Document your goals in the Phase 1 Tools and Templates Compendium– Tab 1.1 Mission Statement and Goals.
      8. Obtain signoff on the Mission Statement and goals from stakeholders and executives as required.

      Input

      • Brainstorming results
      • Mission statements from other internal and external sources

      Output

      • Completed Mission Statement and Goals

      Materials

      • Whiteboard/Flip Charts
      • Phase 1 Tools and Templates Compendium – Tab 1.1 Mission Statement and Goals

      Participants

      • VMI team
      • Applicable stakeholders and executives (as needed)

      Download the Info-Tech Phase 1 Tools and Templates Compendium

      Step 1.2 – Scope

      Determine what is in scope and out of scope for the VMI

      Regardless of where your VMI resides or how it operates, it will be working with other areas within your organization. Some of the activities performed by the VMI will be new and not currently handled by other groups or individuals internally; at the same time, some of the activities performed by the VMI may be currently handled by other groups or individuals internally. In addition, executives, stakeholders, and other internal personnel may have expectations or make assumptions about the VMI. As a result, there can be a lot of confusion about what the VMI does and doesn't do, and the answers cannot always be found in the VMI's Mission Statement and Goals.

      One component of helping others understand the VMI landscape is formalizing the VMI Scope. The Scope will define boundaries for the VMI. The intent is not to fence itself off and keep others out but provide guidance on where the VMI's territory begins and ends. Ultimately, this will help clarify the VMI's roles and responsibilities, improve workflow, and reduce errant assumptions.

      When drafting your VMI scoping document, make sure you look at both sides of the equation (similar to what you would do when following best practices for a statement of work). Identify what is in scope and what is out of scope. Be specific when describing the individual components of the VMI Scope, and make sure executives and stakeholders are onboard with the final version.

      1.2.1 – Scope

      20 - 40 Minutes

      1. Meet with the participants and use a brainstorming activity to list, on a whiteboard or flip chart, the activities and functions in scope and out of scope for the VMI.
        1. Be specific to avoid ambiguity and improve clarity.
        2. Go back and forth between in scope and out of scope as needed; it is not necessary to list all the in-scope items and then turn your attention to the out-of-scope items.
      2. Review the lists to make sure there is enough specificity. An item may be in scope or out of scope, but not both.
      3. Use the Phase 1 Tools and Templates Compendium – Tab 1.2 Scope to document the results.
      4. Obtain signoff on the Scope from stakeholders and executives as required.

      Input

      • Brainstorming results
      • Mission Statement and Goals

      Output

      • Completed list of items in and out of scope for the VMI

      Materials

      • Whiteboard/Flip Charts
      • Phase 1 Tools and Templates Compendium – Tab 1.2 Scope

      Participants

      • VMI team
      • Applicable stakeholders and executives (as needed)

      Download the Info-Tech Phase 1 Tools and Templates Compendium

      Step 1.3 – Strengths and obstacles

      Pinpoint the VMI's strengths and obstacles

      A SWOT analysis (strengths, weaknesses, opportunities, and threats) is a valuable tool, but it is overkill for your VMI at this point. However, using a modified and simplified form of this tool (strengths and obstacles) will yield significant results and benefit the VMI as it grows and matures.

      Your output will be two lists: the strengths associated with the VMI and the obstacles the VMI is facing. For example, strengths could include items such as smart people working within the VMI and executive support. Obstacles could include items such as limited headcount and training required for VMI staff.

      The goals are 1) to harness the strengths to help the VMI be successful and 2) to understand the impact of the obstacles and plan accordingly. The output can also be used to enlighten executives and stakeholders about the challenges associated with their directives or requests (e.g. human bandwidth may not be sufficient to accomplish some of the vendor management activities and there is a moratorium on hiring until the next budget year).

      For each strength identified, determine how you will or can leverage it when things are going well or when the VMI is in a bind. For each obstacle, list the potential impact on the VMI (e.g. scope, growth rate, and number of vendors that can actively be part of the VMI).

      As you do your brainstorming, be as specific as possible and validate your lists with stakeholders and executives as needed.

      1.3.1 – Strengths and obstacles

      20 - 40 Minutes

      Meet with the participants and use a brainstorming activity to list, on a whiteboard or flip chart, the VMI's strengths and obstacles.

      Be specific to avoid ambiguity and improve clarity.

      Go back and forth between strengths and obstacles as needed; it is not necessary to list all the strengths first and then all the obstacles.

      It is possible for an item to be a strength and an obstacle; when this happens, add details to distinguish the situations.

      Review the lists to make sure there is enough specificity.

      Determine how you will leverage each strength and how you will manage each obstacle.

      Use the Phase 1 Tools and Templates Compendium – Tab 1.3 Strengths and Obstacles to document the results.

      Obtain signoff on the strengths and obstacles from stakeholders and executives as required.

      Input

      • Brainstorming
      • Mission Statement and Goals
      • Scope

      Output

      • Completed list of items impacting the VMI's ability to be successful: strengths the VMI can leverage and obstacles the VMI must manage

      Materials

      • Whiteboard/Flip Charts
      • Phase 1 Tools and Templates Compendium – Tab 1.3 Strengths and Obstacles

      Participants

      • VMI team
      • Applicable stakeholders and executives (as needed)

      Download the Info-Tech Phase 1 Tools and Templates Compendium

      Step 1.4 – Roles and responsibilities

      Obtain consensus on who is responsible for what

      One crucial success factor for VMIs is gaining and maintaining internal alignment. There are many moving parts to an organization, and a VMI must be clear on the various roles and responsibilities related to the relevant processes. Some of this information can be found in the VMI's Scope referenced in Step 1.2, but additional information is required to avoid stepping on each other's toes; many of the processes require internal departments to work together. (For example, obtaining requirements for a request for proposal takes more than one person or department). While it is not necessary to get too granular, it is imperative that you have a clear understanding of how the VMI activities will fit within the larger vendor management lifecycle (which is comprised of many sub processes) and who will be doing what.

      As we have learned through our workshops and guided implementations, a traditional RACI* or RASCI* Chart does not work well for this purpose. These charts are not intuitive, and they lack the specificity required to be effective. For vendor management purposes, a higher-level view and a slightly different approach provide much better results.

      This step will lead your through the creation of an OIC* Chart to determine vendor management lifecycle roles and responsibilities. Afterward, you'll be able to say, "Oh, I see clearly who is involved in each part of the process and what their role is."

      *RACI – Responsible, Accountable, Consulted, Informed

      *RASCI – Responsible, Accountable, Support, Consulted, Informed

      *OIC – Owner, Informed, Contributor

      This is an image of a table, where the row headings are: Role 1-5, and the Column Headings are: Step 1-5.

      Step 1.4 – Roles and responsibilities (cont'd)

      Obtain consensus on who is responsible for what

      To start, define the vendor management lifecycle steps or process applicable to your VMI. Next, determine who participates in the vendor management lifecycle. There is no need to get too granular – think along the lines of departments, subdepartments, divisions, agencies, or however you categorize internal operational units. Avoid naming individuals other than by title; this typically happens when a person oversees a large group (e.g. the CIO [chief information officer] or the CPO [chief procurement officer]). Be thorough, but don't let the chart get out of hand. For each role and step of the lifecycle, ask whether the entry is necessary; does it add value to the clarity of understanding the responsibilities associated with the vendor management lifecycle? Consider two examples, one for roles and one for lifecycle steps. 1) Is IT sufficient or do you need IT Operations and IT Development? 2) Is "negotiate contract documents" sufficient or do you need negotiate the contract and negotiate the renewal? The answer will depend on your culture and environment but be wary of creating a spreadsheet that requires an 85-inch monitor to view it.

      After defining the roles (departments, divisions, agencies) and the vendor management lifecycle steps or process, assign one of three letters to each box in your chart:

      • O – Owner – who owns the process; they may also contribute to it.
      • I – Informed – who is informed about the progress or results of the process.
      • C – Contributor – who contributes or works on the process; it can be tangible or intangible contributions.

      This activity can be started by the VMI or done as a group with representatives from each of the named roles. If the VMI starts the activity, the resulting chart should be validated by the each of the named roles.

      1.4.1 – Roles and responsibilities

      1 – 6 hours

      1. Meet with the participants and configure the OIC Chart in the Phase 1 Tools and Templates Compendium – Tab 1.4 OIC Chart.
        1. Review the steps or activities across the top of the chart and modify as needed.
        2. Review the roles listed along the left side of the chart and modify as needed.
      2. For each activity or step across the top of the chart, assign each role a letter – O for owner of that activity or step, I for informed, or C for contributor. Use only one letter per cell.
      3. Work your way across the chart. Every cell should have an entry or be left blank if it is not applicable.
      4. Review the results and validate that every activity or step has an O assigned to it; there must be an owner for every activity or step.
      5. Obtain signoff on the OIC Chart from stakeholders and executives as required.

      Input

      • A list of activities or steps to complete a project starting with requirements gathering and ending with ongoing risk management.
      • A list of internal areas (departments, divisions, agencies, etc.) and stakeholders that contribute to completing a project.

      Output

      • Completed OCI chart indicating roles and responsibilities for the VMI and other internal areas.

      Materials

      • Phase 1 Tools and Templates Compendium – Tab 1.4 OIC Chart

      Participants

      • VMI team
      • Procurement/Sourcing
      • IT
      • Representatives from other areas as needed
      • Applicable stakeholders and executives (as needed)

      Download the Info-Tech Phase 1 Tools and Templates Compendium

      Phase 2 - Build

      Create and configure tools, templates, and processes

      Phase 1

      		Phase 2Phase 3Phase 4

      1.1 Mission Statement and Goals

      1.2 Scope

      1.3 Strengths and Obstacles

      1.4 Roles and Responsibilities

      2.1 Classification Model

      2.2 Risk Assessment Tool

      2.3 Scorecards and Feedback

      2.4 Business Alignment Meeting Agenda

      2.5 Relationship Alignment Document

      2.6 Vendor Orientation

      2.7 3-Year Roadmap

      2.8 90-Day Plan

      2.9 Quick Wins

      2.10 Reports

      3.1 Classify Vendors

      3.2 Compile Scorecards

      3.3 Conduct Business Alignment Meetings

      3.4 Work the 90-Day Plan

      3.5 Manage the 3-Year Roadmap

      3.6 Develop/Improve Vendor Relationships

      4.1 Incorporate Leading Practices

      4.2 Leverage Lessons Learned

      4.3 Maintain Internal Alignment

      This phase will walk you through the following activities:

      • Configuring and creating the tools and templates that will help you run the VMI. The main outcomes from this phase are a clear understanding of which vendors are important to you, the tools to manage the vendor relationships, and an implementation plan.

      This phase involves the following participants:

      • VMI team
      • Applicable stakeholders and executives
      • Human Resources
      • Legal
      • Others as needed

      Vendor Management Initiative Basics for the Small/Medium Businesses

      Phase 2 – Build

      Create and configure tools, templates, and processes

      Phase 2 – Build focuses on creating and configuring the tools and templates that will help you run your VMI. Vendor management is not a plug and play environment, and unless noted otherwise, the tools and templates included with this blueprint require your input and thought. The tools and templates must work in concert with your culture, values, and goals. That will require teamwork, insights, contemplation, and deliberation.

      During this Phase you'll leverage the various templates and tools included with this blueprint and adapt them for your specific needs and use. In some instances, you'll be starting with mostly a blank slate; while in others, only a small modification may be required to make it fit your circumstances. However, it is possible that a document or spreadsheet may need heavy customization to fit your situation. As you create your VMI, use the included materials for inspiration and guidance purposes rather than as absolute dictates.

      Step 2.1 – Classification model

      Configure the COST vendor classification tool

      One of the functions of a VMI is to allocate the appropriate level of vendor management resources to each vendor since not all vendors are of equal importance to your organization. While some people may be able intuitively to sort their vendors into vendor management categories, a more objective, consistent, and reliable model works best. Info-Tech's COST model helps you assign your vendors to the appropriate vendor management category so that you can focus your vendor management resources where they will do the most good.

      COST is an acronym for Commodity, Operational, Strategic, and Tactical. Your vendors will occupy one of these vendor management categories, and each category helps you determine the nature of the resources allocated to that vendor, the characteristics of the relationship desired by the VMI, and the governance level used.

      The easiest way to think of the COST model is as a 2 x 2 matrix or graph. The model should be configured for your environment so that the criteria used for determining a vendor's classification align with what is important to you and your organization. However, at this point in your VMI's maturation, a simple approach works best. The Classification Model included with this blueprint requires minimal configuration to get your started, and that is discussed on the activity slide associated with this Step 2.1.

      This is an image of the COST Vendor Classification Tool.

      Step 2.1 – Classification model (cont'd)

      Configure the COST vendor classification tool

      Common characteristics by vendor management category

      Operational

      		Strategic
      • Low to moderate risk and criticality; moderate to high spend and switching costs
      • Product or service used by more than one area
      • Price is a key negotiation point
      • Product or service is valued by the organization
      • Quality or the perception of quality is a differentiator (i.e. brand awareness)
      • Moderate to high risk and criticality; moderate to high spend and switching costs
      • Few competitors and differentiated products and services
      • Product or service significantly advances the organization's vision, mission, and success
      • Well-established in their core industry

      Commodity

      		Tactical
      • Low risk and criticality; low spend and switching costs
      • Product or service is readily available from many sources
      • Market has many competitors and options
      • Relationship is transactional
      • Price is the main differentiator
      • Moderate to high risk and criticality; low to moderate spend and switching costs
      • Vendor offerings align with or support one or more strategic objectives
      • Often IT vendors "outside" of IT (i.e. controlled and paid for by other areas)
      • Often niche or new vendors

      Source: Compiled in part from Guth, Stephen. "Vendor Relationship Management Getting What You Paid for (And More)." 2015.

      2.1.1 – Classification model

      15 – 30 Minutes

      1. Meet with the participants to configure the spend ranges in Phase 2 Vendor Classification Tool – Tab 1. Configuration for your environment.
      2. Collect your vendors and their annual spend to sort by largest to lowest.
      3. Update cells F14-J14 in the Classification Model based on your actual data.
        1. Cell F14 – Set the boundary at a point between the spend for your 10th and 11th ranked vendors. For example, if the 10th vendor by spend is $1,009, 850 and the 11th vendor by spend is $980,763, the range for F14 would be $1,000,00+.
        2. Cell G14 – Set the bottom of the range at a point between the spend for your 30th and 31st ranked vendors; the top of the range will be $1 less than the bottom of the range specified in F14.
        3. Cell H14 – Set the bottom of the range slightly below the spend for your 50th ranked vendor; the top of the range will be $1 less than the bottom of the range specified in G14.
        4. Cells I14 and J14 – Divide the remaining range in half and split it between the two cells; for J14 the range will be $0 to $1 less than the bottom range in I14.
      4. Ignore the other variables at this time.

      Input

      • Phase 1 List of Vendors by Annual Spend

      Output

      • Configured Vendor Classification Tool

      Materials

      • Phase 2 Vendor Classification Tool – Tab 1. Configuration

      Participants

      • VMI team

      Download the Info-Tech Phase 2 Vendor Classification Tool

      Step 2.2 – Risk assessment tool

      Identify risks to measure, monitor, and report on

      One of the typical drivers of a VMI is risk management. Organizations want to get a better handle on the various risks their vendors pose. Vendor risks originate from many areas: financial, performance, security, legal, and others. However, security risk is the high-profile risk, and the one organizations often focus on almost exclusively, which leaves the organization vulnerable in other areas.

      Risk management is a program, not a project; there is no completion date. A proactive approach works best and requires continual monitoring, identification, and assessment. Reacting to risks after they occur can be costly and have other detrimental effects on the organization. Any risk that adversely affects IT will adversely affect the entire organization.

      While the VMI won't necessarily be quantifying or calculating the risk directly, it generally is the aggregator of risk information across the risk categories, which it then includes in its reporting function (see Steps 2.12 and 3.8).

      At a minimum, your risk management strategy should involve:

      • Identifying the risks you want to measure and monitor.
      • Identifying your risk appetite (the amount of risk you are willing to live with).
      • Measuring, monitoring, and reporting on the applicable risks.
      • Developing and deploying a risk management plan to minimize potential risk impact.

      Vendor risk is a fact of life, but you do have options for how to handle it. Be proactive and thoughtful in your approach, and focus your resources on what is important.

      2.2.1 – Risk assessment tool

      30 - 90 Minutes

      1. Meet with the participants to configure the risk indicators in Phase 2 Vendor Risk Assessment Tool – Tab 1. Set parameters for your environment.
      2. Review the risk categories and determine which ones you will be measuring and monitoring.
      3. Review the risk indicators under each risk category and determine whether the indicator is acceptable as written, is acceptable with modifications, should be replaced, or should be deleted.
      4. Make the necessary changes to the risk indicators; these changes will cascade to each of the vendor tabs. Limit the number of risk indicators to no more than seven per risk category.
      5. Gain input and approval as needed from sponsors, stakeholders, and executives as required.

      Input

      • Scope
      • OIC Chart
      • Process Maps
      • Brainstorming

      Output

      • Configured Vendor Risk Assessment Tool

      Materials

      • Phase 2 Vendor Risk Assessment Tool – Tab 1. Set Parameters

      Participants

      • VMI team

      Download the Info-Tech Phase 2 Vendor Classification Tool

      Step 2.3 – Scorecards and feedback

      Design a two-way feedback loop with your vendors

      A vendor management scorecard is a great tool for measuring, monitoring, and improving relationship alignment. In addition, it is perfect for improving communication between you and the vendor.

      Conceptually, a scorecard is similar to a school report card. At the end of a learning cycle, you receive feedback on how well you do in each of your classes. For vendor management, the scorecard is also used to provide periodic feedback, but there are some nuances and additional benefits and objectives when compared to a report card.

      Although scorecards can be used in a variety of ways, the focus here will be on vendor management scorecards – contract management, project management, and other types of scorecards will not be included in the materials covered in this Step 2.3 or in Step 3.4.

      This image contains a table with the score for objectives A-D. The scores are: A4, B3, C5, D4.

      Step 2.3 – Scorecards and feedback (cont'd)

      Design a two-way feedback loop with your vendors

      Anatomy

      The Info-Tech scorecard includes five areas:

      • Measurement categories. Measurement categories help organize the scorecard. Limit the number of measurement categories to three to five; this allows the parties to stay focused on what's important. Too many measurement categories make it difficult for the vendor to understand the expectations.
      • Criteria. The criteria describe what is being measured. Create criteria with sufficient detail to allow the reviewers to fully understand what is being measured and to evaluate it. Criteria can be objective or subjective. Use three to five criteria per measurement category.
      • Measurement category weights. Not all your measurement categories may be of equal importance to you; this area allows you to give greater weight to a measurement category when compiling the overall score.
      • Rating. Reviewers will be asked to assign a score to each criteria using a 1 to 5 scale.
      • Comments. A good scorecard will include a place for reviewers to provide additional information regarding the rating, or other items that are relevant to the scorecard.

      An overall score is calculated based on the rating for each criteria and the measurement category weights.

      Step 2.3 – Scorecards and feedback (cont'd)

      Design a two-way feedback loop with your vendors

      Goals and objectives

      Scorecards can be used for a variety of reasons. Some of the common ones are:

      • Improving vendor performance.
      • Conveying expectations to the vendor.
      • Identifying and recognizing top vendors.
      • Increasing alignment between the parties.
      • Improving communication with the vendor.
      • Comparing vendors across the same criteria.
      • Measuring items not included in contract metrics.
      • Identifying vendors for "strategic alliance" consideration.
      • Helping the organization achieve specific goals and objectives.

      Identifying and resolving issues before they impact performance or the relationship.

      Identifying your scorecard drivers first will help you craft a suitable scorecard.

      Step 2.3 – Scorecards and feedback (cont'd)

      Design a two-way feedback loop with your vendors

      Info-Tech recommends starting with simple scorecards to allow you and the vendors to acclimate to the new process and information. As you build your scorecards, keep in mind that internal personnel will be scoring the vendors and the vendors will be reviewing the scorecard. Make your scorecard easy for your personnel to fill out, and containing meaningful content to drive the vendor in the right direction. You can always make the scorecard more complex in the future.

      Our recommendation of five categories is provided below. Choose three to five of the categories that help you accomplish your scorecard goals and objectives:

      1. Timeliness – Responses, resolutions, fixes, submissions, completions, milestones, deliverables, invoices, etc.
      2. Cost – Total cost of ownership, value, price stability, price increases/decreases, pricing models, etc.
      3. Quality – Accuracy, completeness, mean time to failure, bugs, number of failures, etc.
      4. Personnel – Skilled, experienced, knowledgeable, certified, friendly, trustworthy, flexible, accommodating, etc.
      5. Risk – Adequate contractual protections, security breaches, lawsuits, finances, audit findings, etc.

      Some criteria may be applicable in more than one category. The categories above should cover at least 80% of the items that are important to your organization. The general criteria listed for each category is not an exhaustive list, but most things break down into time, money, quality, people, and risk issues.

      Step 2.3 – Scorecards and feedback (cont'd)

      Design a two-way feedback loop with your vendors

      Additional Considerations

      • Even a good rating system can be confusing. Make sure you provide some examples or a way for reviewers to discern the differences between a 1, 2, 3, 4, and 5. Don't assume your "rating key" will be intuitive.
      • When assigning weights, don't go lower than 10% for any measurement category. If the weight is too low, it won't be relevant enough to have an impact on the total score. If it doesn't "move the needle", don't include it.
      • Final sign-off on the scorecard template should occur outside the VMI. The heavy lifting can be done by the VMI to create it, but the scorecard is for the benefit of the organization overall, and those impacted by the vendors specifically. You may end up playing arbiter or referee, but the scorecard is not the exclusive property of the VMI. Try to reach consensus on your final template whenever possible.
      • You should notice improved ratings and total scores over time for your vendors. One explanation for this is the Pygmalion Effect: "The Pygmalion [E]ffect describes situations where someone's high expectations improves our behavior and therefore our performance in a given area. It suggests that we do better when more is expected of us."* Convey your expectations and let the vendors' competitive juices take over.
      • While creating your scorecard and materials to explain the process to internal personnel, identify those pieces that will help you explain it to your vendors during vendor orientation (see Steps 2.6 and 3.4). Leveraging pre-existing materials is a great shortcut.

      *Source: The Decision Lab, n.d.

      Step 2.3 – Scorecards and feedback (cont'd)

      Design a two-way feedback loop with your vendors

      Vendor Feedback

      After you've built your scorecard, turn your attention to the second half of the equation – feedback from the vendor. A communication loop cannot be successful without dialogue flowing both ways. While this can happen with just a scorecard, a mechanism specifically geared toward the vendor providing you with feedback improves communication, alignment, and satisfaction.

      You may be tempted to create a formal scorecard for the vendor to use; avoid that temptation until later in your maturity or development of the VMI. You'll be implementing a lot of new processes, deploying new tools and templates, and getting people to work together in new ways. Work on those things first.

      For now, implement an informal process for obtaining information from the vendor. Start by identifying information that you will find useful – information that will allow you to improve overall, to reduce waste or time, to improve processes, to identify gaps in skills. Incorporate these items into your business alignment meetings (see Steps 2.4 and 3.5). Create three to five good questions to ask the vendor and include these in the business alignment meeting agenda. The goal is to get meaningful feedback, and that starts with asking good questions.

      Keep it simple at first. When the time is right, you can build a more formal feedback form or scorecard. Don't be in a rush; as long as the informal method works, keep using it.

      2.3.1 – Scorecards and feedback

      30 – 60 Minutes

      1. Meet with the participants and brainstorm ideas for your scorecard measurement categories:
        1. What makes a vendor valuable to your organization?
        2. What differentiates a "good" vendor from a "bad" vendor?
        3. What items would you like to measure and provide feedback on to the vendor to improve performance, the relationship, risk, and other areas?
      2. Select three, but no more than five, of the following measure categories: timeliness, cost, quality, personnel, and risk.
      3. Within each measurement category, list two or three criteria that you want to measure and track for your vendors. Choose items that are as universal as possible rather than being applicable to one vendor or one vendor type.
      4. Assign a weight to each measurement category, ensuring that the total weight is 100% for all measurement categories.
      5. Document your results as you go in Phase 2 Tools and Templates Compendium – Tab 2.3 Scorecard.

      Input

      • Brainstorming

      Output

      • Configured Scorecard template

      Materials

      • Phase 2 Tools and Templates Compendium – Tab 2.3 Scorecard

      Participants

      • VMI team
      • Applicable stakeholders and executives (as needed)

      Download the Info-Tech Phase 2 Tools and Templates Compendium

      2.3.2 – Scorecards and feedback

      15 to 30 Minutes

      1. Meet with the participants and brainstorm ideas for feedback to seek from your vendors during your business alignment meetings. During the brainstorming, identify questions to ask the vendor about your organization that will:
        1. Help you improve the relationship.
        2. Help you improve your processes or performance.
        3. Help you improve ongoing communication.
        4. Help you evaluate your personnel.
      2. Identify the top five questions you want to include in your business alignment meeting agenda. (Note: you may need to refine the actual questions from the brainstorming activity before they are ready to include in your business alignment meeting agenda.)
      3. Document both your brainstorming activity and your final results in Phase 2 Tools and Templates Compendium – Tab 2.3 Feedback. The brainstorming questions can be used in the future as your VMI matures and your feedback transforms from informal to formal. The results will be used in Steps 2.4 and 3.5.

      Input

      • Brainstorming

      Output

      • Feedback questions to include with the business alignment meeting agenda

      Materials

      • Phase 2 Tools and Templates Compendium – Tab 2.3 Feedback

      Participants

      • VMI team
      • Applicable stakeholders and executives (as needed)

      Download the Info-Tech Phase 2 Tools and Templates Compendium

      Step 2.4 – Business alignment meeting agenda

      Craft an agenda that meets the needs of the VMI

      A business alignment meeting (BAM) is a multi-faceted tool to ensure the customer and the vendor stay focused on what is important to the customer at a high level. BAMs are not traditional operational meetings where the parties get into the details of the contracts, deal with installation problems, address project management issues, or discuss specific cost overruns. The focus of the BAM is the scorecard (see Step 2.3), but other topics are discussed, and other purposes are served. For example:

      • You can use the BAM to develop the relationship with the vendor's leadership team so that if escalation is ever needed, your organization is more than just a name on a spreadsheet or customer list.
      • You can learn about innovations the vendor is working on (without the meeting turning into a sales call).
      • You can address high-level performance trends and request corrective action as needed.
      • You can clarify your expectations.
      • You can educate the vendor about your industry, culture, and organization.
      • You can learn more about the vendor.

      As you build your BAM Agenda, someone in your organization may say, "Oh, that's just a quarterly business review (QBR) or top-to-top meeting." In most instances, an existing QBRs or top-to-top meeting is not the same as a BAM. Using the term QBR or top-to-top meeting instead of BAM can lead to confusion internally. The VMI may say to the business unit, procurement, or another department, "We're going to start running some QBRs for our strategic vendors." The typical response is, "There's no need; we already run QBRs/top-to-top meetings with our important vendors." This may be accompanied by an invitation to join their meeting, where you may be an afterthought, have no influence, and get five minutes at the end to talk about your agenda items. Keep your BAM separate so that it meets your needs.

      Step 2.4 – Business alignment meeting agenda (cont'd)

      Craft an agenda that meets the needs of the VMI

      As previously noted, using the term BAM more accurately depicts the nature of the VMI meeting and prevents confusion internally with other meetings already occurring. In addition, hosting the BAM yourself rather than piggybacking onto another meeting ensures that the VMI's needs are met. The VMI will set and control the BAM agenda and determine the invite list for internal personnel and vendor personnel. As you may have figured out by now, having the right customer and vendor personnel attend will be essential.

      BAMs are conducted at the vendor level, not the contract level. As a result, the frequency of the BAMs will depend on the vendor's classification category (see Steps 2.1 and 3.1). General frequency guidelines are provided below, but they can be modified to meet your goals:

      • Commodity vendors – Not applicable
      • Operational vendors – Biannually or annually
      • Strategic vendors – Quarterly
      • Tactical vendors – Quarterly or biannually

      BAMs can help you achieve some additional benefits not previously mentioned:

      • Foster a collaborative relationship with the vendor.
      • Avoid erroneous assumptions by the parties.
      • Capture and provide a record of the relationship (and other items) over time.

      Step 2.4 – Business alignment meeting agenda (cont'd)

      Craft an agenda that meets the needs of the VMI

      As with any meeting, building the proper agenda will be one of the keys to an effective and efficient meeting. A high-level BAM agenda with sample topics is set out below:

      BAM Agenda

      • Opening remarks
        • Welcome and introductions
        • Review of previous minutes
      • Active discussion
        • Review of open issues
        • Scorecard and feedback
        • Current status of projects to ensure situational awareness by the vendor
        • Roadmap/strategy/future projects
        • Accomplishments
      • Closing remarks
        • Reinforce positives (good behavior, results, and performance, value added, and expectations exceeded)
        • Recap
      • Adjourn

      2.4.1 – Business alignment meeting agenda

      20 – 45 Minutes

      1. Meet with the participants and review the sample agenda in Phase 2 Tools and Templates Compendium – Tab 2.4 BAM Agenda.
      2. Using the sample agenda as inspiration and brainstorming activities as needed, create a BAM agenda tailored to your needs.
        1. Select the items from the sample agenda applicable to your situation.
        2. Add any items required based on your brainstorming.
        3. Add the feedback questions identified during Activity 2.3.2 and documented in Phase 2 Tools and Templates Compendium – Tab 2.3 Feedback.
      3. Gain input and approval from sponsors, stakeholders, and executives as required or appropriate.
      4. Document the final BAM agenda in Phase 2 Tools and Templates Compendium –Tab 2.4 BAM Agenda.

      Input

      • Brainstorming
      • Phase 2 Tools and Templates Compendium – Tab 2.3 Feedback

      Output

      • Configured BAM agenda

      Materials

      • Phase 2 Tools and Templates Compendium – Tab2 .4 BAM Agenda

      Participants

      • VMI team
      • Applicable stakeholders and executives (as needed)

      Download the Info-Tech Phase 2 Tools and Templates Compendium

      Step 2.5 – Relationship alignment document

      Draft a document to convey important VMI information to your vendors

      Throughout this blueprint, alignment is mentioned directly (e.g. business alignment meetings [Steps 2.4 and 3.3]) or indirectly implied. Ensuring you and your vendors are on the same page, have clear and transparent communication, and understand each other's expectations is critical to fostering strong relationships. One component of gaining and maintaining alignment with your vendors is the Relationship Alignment Document (RAD). Depending upon the Scope of your VMI and what your organization already has in place, your RAD will fill in the gaps on various topics.

      Early in the VMI's maturation, the easiest approach is to develop a short document (1 one page) or a pamphlet (i.e. the classic trifold) describing the rules of engagement when doing business with your organization. The RAD can convey expectations, policies, guidelines, and other items. The scope of the document will depend on:

      1. What you believe is important for the vendors to understand.
      2. Any other similar information already provided to the vendors.

      The first step to drafting a RAD is to identify what information vendors need to know to stay on your good side. You may want vendors to know about your gift policy (e.g. employees may not accept vendor gifts above a nominal value, such as a pen or mousepad). Next, compare your list of what vendors need to know and determine if the content is covered in other vendor-facing documents such as a vendor code of conduct or your website's vendor portal. Lastly, create your RAD to bridge the gap between what you want and what is already in place. In some instances, you may want to include items from other documents to reemphasize them with the vendor community.

      Info-Tech Insight

      The RAD can be used with all vendors regardless of classification category. It can be sent directly to the vendors or given to them during vendor orientation (see Step 3.3)

      2.5.1 – Relationship alignment document

      1 to 4 Hours

      1. Meet with the participants and review the RAD sample and checklist in Phase 2 Tools and Templates Compendium – Tab 2.5 Relationship Alignment Doc.
      2. Determine:
        1. Whether you will create one RAD for all vendors or one RAD for strategic vendors and another RAD for tactical and operational vendors; whether you will create a RAD for commodity vendors.
        2. The concepts you want to include in your RAD(s).
        3. The format for your RAD(s) – traditional, pamphlet, or other.
        4. Whether signoff or acknowledgement will be required by the vendors.
      3. Draft your RAD(s) and work with other internal areas, such as Marketing to create a consistent brand for the RADS, and Legal to ensure consistent use and preservation of trademarks or other intellectual property rights and other legal issues.
      4. Review other vendor-facing documents (e.g. supplier code of conduct, onsite safety and security protocols) for consistencies between them and the RAD(s).
      5. Obtain signoff on the RAD(s) from stakeholders, sponsors, executives, Legal, Marketing, and others as needed.

      Input

      • Brainstorming
      • Vendor-facing documents, policies, and procedures

      Output

      • Completed Relationship Alignment Document(s)

      Materials

      • Phase 2 Tools and Templates Compendium – Tab 2.5 Relationship Alignment Doc

      Participants

      • VMI team
      • Marketing, as needed
      • Legal, as needed

      Download the Info-Tech Phase 2 Tools and Templates Compendium

      Step 2.6 – Vendor orientation

      Create a VMI awareness process to build bridges with your vendors

      Your organization is unique. It may have many similarities with other organizations, but your culture, risk tolerance, mission, vision, and goals, finances, employees, and "customers" (those that depend on you) make it different. The same is true of your VMI. It may have similar principles, objectives, and processes to other organizations' VMIs, but yours is still unique. As a result, your vendors may not fully understand your organization and what vendor management means to you.

      Vendor orientation is another means to helping you gain and maintain alignment with your important vendors, educate them on what is important to you, and provide closure when/if the relationship with the vendor ends. Vendor orientation is comprised of three components, each with a different function:

      • Orientation
      • Reorientation
      • Debrief

      Vendor orientation focuses on the vendor management pieces of the puzzle (e.g. the scorecard process) rather than the operational pieces (e.g. setting up a new vendor in the system to ensure invoices are processed smoothly).

      Step 2.6 – Vendor orientation (cont'd)

      Create a VMI awareness process to build bridges with your vendors

      Reorientation

      • Reorientation is either identical or similar to orientation, depending upon the circumstances. Reorientation occurs for several reasons, and each reason will impact the nature and detail of the reorientation content. Reorientation occurs whenever:
      • There is a significant change in the vendor's products or services.
      • The vendor has been through a merger, acquisition, or divestiture.
      • A significant contract renewal/renegotiation has recently occurred.
      • Sufficient time has passed from orientation; commonly 2 to 3 years.
      • The vendor has been placed in a "performance improvement plan" or "relationship improvement plan" protocol.
      • Significant turnover has occurred within your organization (executives, key stakeholders, and/or VMI personnel).
      • Substantial turnover has occurred at the vendor at the executive or account management level.
      • The vendor has changed vendor classification categories after the most current classification.
      • As the name implies, the goal is to refamiliarize the vendor with your current VMI situation, governances, protocols, and expectations. The drivers for reorientation will help you determine the reorientation's scope, scale, and frequency.

      Step 2.6 – Vendor orientation (cont'd)

      Create a VMI awareness process to build bridges with your vendors

      Debrief

      To continue the analogy from orientation, debrief is like an exit interview for an employee when their employment is terminated. In this case, debrief occurs when the vendor is no longer an active vendor with your organization - all contracts have terminated or expired, and no new business with the vendor is anticipated within the next three months.

      Similar to orientation and reorientation, debrief activities will be based on the vendor's classification category within the COST model. Strategic vendors don't go away very often; usually, they transition to operational or tactical vendors first. However, if a strategic vendor is no longer providing products or services to you, dig a little deeper into their experiences and allocate extra time for the debrief meeting.

      The debrief should provide you with feedback on the vendor's experience with your organization and their participation in your VMI. Additionally, it can provide closure for both parties since the relationship is ending. Be careful that the debrief does not turn into a finger-pointing meeting or therapy session for the vendor. It should be professional and productive; if it is going off the rails, terminate the meeting before more damage can occur.

      End the debrief on a high note if possible. Thank the vendor, highlight its key contributions, and single out any personnel who went above and beyond. You never know when you will be doing business with this vendor again – don't burn bridges!

      Step 2.6 – Vendor orientation (cont'd)

      Create a VMI awareness process to build bridges with your vendors

      As you create your vendor orientation materials, focus on the message you want to convey.

      • For orientation and reorientation:
        • What is important to you that vendors need to know?
        • What will help the vendors understand more about your organization and your VMI?
        • What and how are you different from other organizations overall, and in your "industry"?
        • What will help them understand your expectations?
        • What will help them be more successful?
        • What will help you build the relationship?
      • For debrief:
        • What information or feedback do you want to obtain?
        • What information or feedback to you want to give?

      The level of detail you provide strategic vendors during orientation and reorientation may be different from the information you provide tactical and operational vendors. Commodity vendors are not typically involved in the vendor orientation process. The orientation meetings can be conducted on a one-to-one basis for strategic vendors and a one-to-many basis for operational and tactical vendors; reorientation and debrief are best conducted on a one-to-one basis. Lastly, face-to-face or video meetings work best for vendor orientation; voice-only meetings, recorded videos, or distributing only written materials seldom hit their mark or achieve the desired results.

      Step 2.7 – Three-year roadmap

      Plot your path at a high level

      1. The VMI exists in many planes concurrently:
      2. It operates both tactically and strategically.

      It focuses on different timelines or horizons (e.g., the past, the present, and the future). Creating a three-year roadmap facilitates the VMI's ability to function effectively across these multiple landscapes.

      The VMI roadmap will be influenced by many factors. The work product from Phase 1 – Plan, input from executives, stakeholders, and internal clients, and the direction of the organization are great sources of information as you begin to build your roadmap.

      To start, identify what you would like to accomplish in year 1. This is arguably the easiest year to complete: budgets are set (or you have a good idea what the budget will look like), personnel decisions have been made, resources have been allocated, and other issues impacting the VMI are known with a higher degree of certainty than any other year. This does not mean things won't change during the first year of the VMI, but expectations are usually lower, and the short event horizon makes things more predictable during the year-1 ramp-up period.

      Years 2 and 3 are more tenuous, but the process is the same: identify what you would like to accomplish or roll out in each year. Typically, the VMI maintains the year-1 plan into subsequent years and adds to the scope or maturity. For example, you may start year 1 with BAMs and scorecards for three of your strategic vendors; during year 2, you may increase that to five vendors; and during year 3, you may increase that to nine vendors. Or, you may not conduct any market research during year 1, waiting to add it to your roadmap in year 2 or 3 as you mature.

      Breaking things down by year helps you identify what is important and the timing associated with your priorities. A conservative approach is recommended. It is easy to overcommit, but the results can be disastrous and painful.

      2.7.1 – Three-year roadmap

      45 – 90 Minutes

      1. Meet with the participants and decide how to coordinate year 1 of your three-year roadmap with your existing fiscal year or reporting year. Year 1 may be shorter or longer than a calendar year.
      2. Review the VMI activities listed in Phase 2 Tools and Templates Compendium – Tab 2.7 Three-year roadmap. Use brainstorming and your prior work product from Phase 1 and Phase 2 to identify additional items for the roadmap and add them at the bottom of the spreadsheet.
      3. Starting with the first activity, determine when that activity will begin and put an X in the corresponding column; if the activity is not applicable, leave it blank or insert N/A.
      4. Go back to the top of the list and add information as needed.
        1. For any year-1 or year-2 activities, add an X in the corresponding columns if the activity will be expanded/continued in subsequent periods (e.g., if a Year 2 activity will continue in year 3, put an X in year 3 as well).
        2. Use the comments column to provide clarifying remarks or additional insights related to your plans or "X's". For example, "Scorecards begin in year 1 with three vendors and will roll out to five vendors in year 2 and nine vendors in year 3."
      5. Obtain signoff from stakeholders, sponsors, and executives as needed.

      Input

      • Phase 1 work product
      • Steps 2.1 – 2.6 work product
      • Brainstorming

      Output

      • High level three-year roadmap for the VMI

      Materials

      • Phase 2 Tools and Templates Compendium – Tab 2.7 Three-Year Roadmap

      Participants

      • VMI team
      • Applicable stakeholders and executives (as needed)

      Download the Info-Tech Phase 2 Tools and Templates Compendium

      Step 2.8 – 90-day plan

      Pave your short-term path with a series of detailed quarterly plans

      Now that you have prepared a three-year roadmap, it's time to take the most significant elements from the first year and create action plans for each three-month period. Your first 90-day plan may be longer or shorter if you want to sync to your fiscal or calendar quarters. Aligning with your fiscal year can make it easier for tracking and reporting purposes; however, the more critical item is to make sure you have a rolling series of four 90-day plans to keep you focused on the important activities and tasks throughout the year.

      The 90-day plan is a simple project plan that will help you measure, monitor, and report your progress. Use the Info-Tech tool to help you track:

      Activities.

      • Tasks comprising each activity.
      • Who will be performing the tasks.
      • An estimate of the time required per person per task.
      • An estimate of the total time to achieve the activity.
      • A due date for the activity.
      • A priority of the activity.

      The first 90-day plan will have the greatest level of detail and should be as thorough as possible; the remaining three 90-day plans will each have less detail for now. As you approach the middle of the first 90-day plan, start adding details to the next 90-day plan; toward the end of the first quarter add a high-level 90-day plan to the end of the chain. Continue repeating this cycle each quarter and consult the three-year roadmap and the leadership team, as necessary.

      2.8.1 – 90-day plan

      45 – 90 Minutes

      1. Meet with the participants and decide how to coordinate the first "90-day" plan with your existing fiscal year or reporting cycles. Your first plan may be shorter or longer than 90 days.
      2. Looking at the year-1 section of the three-year roadmap, identify the activities that will be started during the next 90 days.
      3. Using the Phase 2 Tools and Templates Compendium – Tab 2.8 90-Day Plan, enter the following information into the spreadsheet for each activity to be accomplished during the next 90 days:
        1. Activity description.
        2. Tasks required to complete the activity (be specific and descriptive).
        3. The people who will be performing each task.
        4. The estimated number of hours required to complete each task.
        5. The start date and due date for each task or the activity.
      4. Validate the tasks are a complete list for each activity and the people performing the tasks have adequate time to complete the tasks by the due date(s).
      5. Assign a priority to each Activity.

      Input

      • Three-Year Roadmap
      • Phase 1 work product
      • Steps 2.1 – 2.7 work product
      • Brainstorming

      Output

      • Detailed plan for the VMI for the next quarter or "90" days

      Materials

      • Phase 2 Tools and Templates Compendium – Tab 2.8 90-Day Plan

      Participants

      • VMI team
      • Applicable stakeholders and executives (as needed)

      Download the Info-Tech Phase 2 Tools and Templates Compendium

      Step 2.9 – Quick wins

      Identify potential short-term successes to gain momentum and show value immediately

      As the final step in the timeline trilogy, you are ready to identify some quick wins for the VMI. Using the first 90-day plan and a brainstorming activity, create a list of things you can do in 15 to 30 days that add value to your initiative and build momentum.

      As you evaluate your list of potential candidates, look for things that:

      • Are achievable within the stated timeline.
      • Don't require a lot of effort.
      • Involve stopping a certain process, activity, or task; this is sometimes known as a "stop doing stupid stuff" approach.
      • Will reduce or eliminate inefficiencies; this is sometimes known as the war on waste.
      • Have a moderate to high impact or bolster the VMI's reputation.

      As you look for quick wins, you may find that everything you identify does not meet the criteria. That's okay; don't force the issue. Return your focus to the 90-day plan and three-year roadmap and update those documents if the brainstorming activity associated with Step 2.9 identified anything new.

      2.9.1 – Quick wins

      15 - 30 Minutes

      1. Meet with the participants and review the three-year roadmap and 90-day plan. Determine if any item on either document can be completed:
        1. Quickly (30 days or less).
        2. With minimal effort.
        3. To provide or show moderate to high levels of value or provide the VMI with momentum.
      2. Brainstorm to identify any other items that meet the criteria in step 1 above.
      3. Compile a comprehensive list of these items and select up to five to pursue.
      4. Document the list in the Phase 2 Tools and Templates Compendium – Tab 2.9 Quick Wins.
      5. Manage the quick wins list and share the results with the VMI team and applicable stakeholders and executives.

      Input

      • Three-Year Roadmap
      • 90-Day Plan
      • Brainstorming

      Output

      • A list of activities that require low levels of effort to achieve moderate to high levels of value in a short period

      Materials

      • Phase 2 Tools and Templates Compendium – Tab 2.9 Quick Wins

      Participants

      • VMI team

      Download the Info-Tech Phase 2 Tools and Templates Compendium

      Step 2.10 – Reports

      Construct your reports to resonate with your audience

      Issuing reports is a critical piece of the VMI since the VMI is a conduit of information for the organization. It may be aggregating risk data from internal areas, conducting vendor research, compiling performance data, reviewing market intelligence, or obtaining relevant statistics, feedback, comments, facts, and figures from other sources. Holding onto this information minimizes the impact a VMI can have on the organization; however, the VMI's internal clients, stakeholders, and executives can drown in raw data and ignore it completely if it is not transformed into meaningful, easily-digested information.

      Before building a report, think about your intended audience:

      • What information are they looking for? What will help them understand the big picture?
      • What level of detail is appropriate, keeping in mind the audience may not be like-minded?
      • What items are universal to all the readers and what items are of interest to one or two readers?
      • How easy or hard will it be to collect the data? Who will be providing it, and how time consuming will it be?
      • How accurate, valid, and timely will the data be?
      • How frequently will each report need to be issued?

      Step 2.10 – Reports (cont'd)

      Construct your reports to resonate with your audience

      Use the following guidelines to create reports that will resonate with your audience:

      • Value information over data, but sometimes data does have a place in your report.
      • Use pictures, graphics, and other representations more than words, but words are often necessary in small, concise doses.
      • Segregate your report by user; for example, general information up top, CIO information below that on the right, CFO information to the left of CIO information, etc.
      • Send a draft report to the internal audience and seek feedback, keeping in mind you won't be able to cater to or please everyone.

      2.10.1 – Reports

      15 – 45 Minutes

      1. Meet with the participants and review the applicable work product from Phase 1 and Phase 2; identify qualitative and quantitative items the VMI measures, monitors, tracks, or aggregates.
      2. Determine which items will be reported and to whom (by category):
        1. Internally to personnel within the VMI.
        2. Internally to personnel outside the VMI.
        3. Externally to vendors.
      3. Within each category above, determine your intended audiences/recipients. For example, you may have a different list of recipients for a risk report than you do a scorecard summary report. This will help you identify the number of reports required.
      4. Create a draft structure for each report based on the audience and the information being conveyed. Determine the frequency of each report and person responsible for creating for each report.
      5. Document your final choices in Phase 2 Tools and Templates Compendium – Tab 2.10 Reports.

      Input

      • Brainstorming
      • Phase 1 work product
      • Steps 2.1 – 2.11 work product

      Output

      • A list of reports used by the VMI
      • For each report
        • The conceptual content
        • A list of who will receive or have access
        • A creation/distribution frequency

      Materials

      • Phase 2 Tools and Templates Compendium – Tab 2.10 Reports

      Participants

      • VMI team
      • Applicable stakeholders and executives (as needed)

      Download the Info-Tech Phase 2 Tools and Templates Compendium

      Phase 3 - Run

      Implement your processes and leverage your tools and templates

      Phase 1

      		Phase 2Phase 3Phase 4

      1.1 Mission Statement and Goals

      1.2 Scope

      1.3 Strengths and Obstacles

      1.4 Roles and Responsibilities

      2.1 Classification Model

      2.2 Risk Assessment Tool

      2.3 Scorecards and Feedback

      2.4 Business Alignment Meeting Agenda

      2.5 Relationship Alignment Document

      2.6 Vendor Orientation

      2.7 3-Year Roadmap

      2.8 90-Day Plan

      2.9 Quick Wins

      2.10 Reports

      3.1 Classify Vendors

      3.2 Compile Scorecards

      3.3 Conduct Business Alignment Meetings

      3.4 Work the 90-Day Plan

      3.5 Manage the 3-Year Roadmap

      3.6 Develop/Improve Vendor Relationships

      4.1 Incorporate Leading Practices

      4.2 Leverage Lessons Learned

      4.3 Maintain Internal Alignment

      This phase will walk you through the following activity:

      • Beginning to operate the VMI. The main outcomes from this phase are guidance and the steps required to initiate your VMI.

      This phase involves the following participants:

      • VMI team
      • Applicable stakeholders and executives
      • Others as needed

      Vendor Management Initiative Basics for the Small/Medium Businesses

      Phase 3 – Run

      Implement your processes and leverage your tools and templates

      All the hard work invested in Phase 1 – Plan and Phase 2 – Build begins to pay off in Phase 3 – Run. It's time to stand up your VMI and ensure that the proper level of resources is devoted to your vendors and the VMI itself. There's more hard work ahead, but the foundational elements are in place. This doesn't mean there won't be adjustments and modifications along the way, but you are ready to use the tools and templates in the real world; you are ready to begin reaping the fruits of your labor.

      Phase 3 – Run guides you through the process of collecting data, monitoring trends, issuing reports, and conducting effective meetings to:

      • Manage risk better.
      • Improve vendor performance.
      • Improve vendor relationships.
      • Identify areas where the parties can improve.
      • Improve communication between the parties.
      • Increase the value proposition with your vendors.

      Step 3.1 – Classify vendors

      Begin classifying your top 25 vendors by spend

      Step 3.1 sets the table for many of the subsequent steps in Phase 3 – Run. The results of your classification process will determine which vendors go through the scorecarding process (Step 3.2); which vendors participate in BAMs (Step 3.3), and which vendors you will devote relationship-building resources to (Step 3.6).

      As you begin classifying your vendors, Info-Tech recommends using an iterative approach initially to validate the results from the classification model you configured in Step 2.1.

      1. Identify your top 25 vendors by spend.
      2. Run your top 10 vendors by spend through the classification model and review the results.
        1. If the results are what you expected and do not contain any significant surprises, go to 3. on the next page.
        2. If the results are not what you expected or do contain significant surprises, look at the configuration page of the tool (Tab 1) and adjust the weights or the spend categories slightly. Be cautious in your evaluation of the results before modifying the configuration page - some legitimate results are unexpected, or are surprises based on bias. If you modify the weighting, review the new results and repeat your evaluation. If you modify the spend categories, review the answers on the vendor tabs to ensure that the answers are still accurate; review the new results and repeat your evaluation.

      Step 3.1 – Classify vendors (cont'd)

      Review your results and adjust the classification tool as needed

      1. Run your top 11-through-25 vendors by spend through the classification model and review the results. Identify any unexpected results. Determine if further configuration makes sense and repeat the process outlined in 2.b., previous page, as necessary. If no further modifications are required, continue to 4., below.
      2. Share the preliminary results with the leadership team, executives, and stakeholders to obtain their approval or adjustments to the results.
        1. They may have questions and want to understand the process before approving the results.
        2. They may request that you move a vendor from one quadrant to another based on your organization's roadmap, the vendor's roadmap, or other information not available to you.
      3. Identify the vendors that will be part of the VMI at this stage – how many and which ones. Based on this number and the VMI's scope (Step 1.2), make sure you have the resources necessary to accommodate the number of vendors participating in the VMI. Proceed cautiously and gradually increase the number of vendors participating in the VMI.

      Step 3.1 – Classify vendors (cont'd)

      Finalize the results and update VMI tools and templates

      1. Update the vendor inventory tool (Step 1.7) to indicate the current classification status for the top 25 vendors by spend. Once your vendors have been classified, you can sort the vendor inventory tool by classification status to see all the vendors in that category at once.
      2. Review your three-year roadmap (Step 2.9) and 90-day plans (Step 2.6) to determine if any modifications are needed to the activities and timelines.

      Additional classification considerations:

      • You should only have a few vendors that fit in the strategic category. As a rough guideline, no more than 5% to 10% of your IT vendors should end up in the strategic category. If you have many vendors, even 5% may be too many. the classification model is an objective start to the classification process, but common sense must prevail over the "math" at the end of the day.
      • At this point, there is no need to go beyond the top 25 by spend. Most VMIs starting out can't handle more than three to five strategic vendors initially. Allow the VMI to run a pilot program with a small sample size, work out any bugs, make adjustments, and then ramp up the VMI's rollout in waves. Vendors can be added quarterly, biannually, or annually, depending upon the desired goals and available resources.

      Step 3.1 – Classify vendors (cont'd)

      Align your vendor strategy to your classification results

      As your VMI matures, additional vendors will be part of the VMI. Review the table below and incorporate the applicable strategies into your deployment of vendor management principles over time. Stay true to your mission, goals, and scope, and remember that not all your vendors are of equal importance.

      Operational

      		Strategic
      • Focus on spend containment
      • Concentrate on lowering total cost of ownership
      • Invest moderately in cultivating the relationship
      • Conduct BAMs biannually or annually
      • Compile scorecards quarterly or biannually
      • Identify areas for performance and cost improvement
      • Focus on value, collaboration, and alignment
      • Review market intelligence for the vendor's industry
      • Invest significantly in cultivating the relationship
      • Initiate executive-to-executive relationships
      • Conduct BAMs quarterly
      • Compile scorecards quarterly
      • Understand how the vendors view your organization

      Commodity

      		Tactical
      • Investigate vendor rationalization and consolidation
      • Negotiate for the best-possible price
      • Leverage competition during negotiations
      • Streamline the purchasing and payment process
      • Allocate minimal VMI resources
      • Assign the lowest priority for vendor management metrics
      • Conduct risk assessments biannually or annually
      • Cultivate a collaborative relationship based on future growth plans or potential with the vendor
      • Conduct BAMs quarterly or biannually
      • Compile scorecards quarterly
      • Identify areas of performance improvement
      • Leverage innovation and creative problem solving

      Step 3.1 – Classify vendors (cont'd)

      Be careful when using the word "partner" with your strategic and other vendors

      For decades, vendors have used the term "partner" to refer to the relationship they have with their clients and customers. This is often an emotional ploy used by the vendors to get the upper hand. To fully understand the terms "partner" and "partnership", let's evaluate them through two more objective, less cynical lenses.

      If you were to talk to your in-house or outside legal counsel, you may be told that partners share in profits and losses, and they have a fiduciary obligation to each other. Unless there is a joint venture between the parties, you are unlikely to have a partnership with a vendor from this perspective.

      What about a "business" partnership — one that doesn't involve sharing profits and losses? What would that look like? Here are some indicators of a business partnership (or preferably a strategic alliance):

      • Trust and transparent communication exist.
      • You have input into the vendor's roadmap for products and services.
      • The vendor is aligned with your desired outcomes and helps you achieve success.
      • You and the vendor are accountable for actions and inactions, with both parties being at risk.
      • There is parity in the peer-to-peer relationships between the organizations (e.g. C-Level to C-Level).
      • The vendor provides transparency in pricing models and proactively suggests ways for you to reduce costs.
      • You and the vendor work together to make each party better, providing constructive feedback on a regular basis.
      • The vendor provides innovative suggestions for you to improve your processes, performance, the bottom line, etc.
      • Negotiations are not one-sided; they are meaningful and productive, resulting in an equitable distribution of money and risk.

      Step 3.1 – Classify vendors (cont'd)

      Understand the implications and how to leverage the words "partner" and "partnership"

      By now you might be thinking, "What's all the fuss? Why does it matter?" At Info-Tech, we've seen firsthand how referring to the vendor as a partner can have the following impact:

      • Confidences are disclosed unnecessarily.
      • Negotiation opportunities and leverage are lost.
      • Vendors no longer have to earn the customer's business.
      • Vendor accountability is missing due to shared responsibilities.
      • Competent skilled vendor resources are assigned to other accounts.
      • Value erodes over time since contracts are renewed without being competitively sourced.
      • One-sided relationships are established, and false assurances are provided at the highest levels within the customer organization.

      Proceed with caution when using partner or partnership with your vendors. Understand how your organization benefits from using these terms and mitigate the negatives outlined above by raising awareness internally to ensure people understand the psychology behind the terms. Finally, use the term to your advantage when warranted by referring to the vendor as a partner when you want or need something that the vendor is reluctant to provide. Bottom line: be strategic in how you refer to vendors and know the risks.

      Step 3.2 – Compile scorecards

      Begin scoring your top vendors

      The scorecard process typically is owned and operated by the VMI, but the actual rating of the criteria within the measurement categories is conducted by those with day-to-day interactions with the vendors, those using or impacted by the services and products provided by the vendors, and those with the skills to research other information on the scorecard (e.g. risk). Chances are one person will not be able to complete an entire scorecard by themselves. As a result, the scorecard process is a team sport comprised of sub-teams where necessary.

      The VMI will compile the scores, calculate the final results, and aggregate all the comments into one scorecard. There are two common ways to approach this task:

      1. Send out the scorecard template to those who will be scoring the vendor and ask them to return it when completed, providing them with a due date a few days before you need it; you'll need time to compile, calculate, and aggregate.
      2. Invite those who will be scoring the vendor to a meeting and let the contributors use that time to score the vendors; make VMI team members available to answer questions and facilitate the process.

      Step 3.2 – Compile scorecards (cont'd)

      Gather input from stakeholders and others impacted by the vendors

      Since multiple people will be involved in the scorecarding process or have information to contribute, the VMI will have to work with the reviewers to ensure he right mix of data is provided. For example:

      • If you are tracking lawsuits filed by or against the vendor, one person from Legal may be able to provide that, but they may not be able to evaluate any other criteria on the scorecard.
      • If you are tracking salesperson competencies, multiple people from multiple areas may have valuable insights.
      • If you are tracking deliverable timeliness, several project managers may want to contribute across several projects.

      Where one person is contributing exclusively to limited criteria, make it easy for them to identify the criteria they are to evaluate. When multiple people from the same functional area will provide insights, they can contribute individually (and the VMI will average their responses) or they can respond collectively after reaching consensus as a group.

      After the VMI has compiled, calculated, and aggregated, share the results with executives, impacted stakeholders, and others who will be attending the BAM for that vendor. Depending upon the comments provided by internal personnel, you may need to create a sanitized version of the scorecard for the vendor.

      Make sure your process timeline has a buffer built in. You'll be sending the final scorecard to the vendor three to five days before the BAM, and you'll need some time to assemble the results. The scorecarding process can be perceived as a low-priority activity for people outside of the VMI, and other "priorities" will arise for them. Without a timeline buffer, the VMI may find itself behind schedule and unprepared, due to things beyond its control.

      Step 3.3 – Conduct business alignment meetings

      Determine which vendors will participate and how long the meetings will last

      At their core, BAMs aren't that different from any other meeting. The basics of running a meeting still apply, but there are a few nuances that apply to BAMs. Set out below are leading practices for conducing your BAMs; adapt them to meet your needs and suit your environment.

      Who

      Initially, BAMs are conducted with the strategic vendors in your pilot program. Over time you'll add vendors until all your strategic vendors are meeting with you quarterly. After that, roll out the BAMs to those tactical and operational vendors located close to the strategic quadrant in the classification model (Steps 2.1 and 3.1) and as VMI resources allow. It may take several years before you are holding regular BAMs with all your strategic, tactical, and operational vendors.

      Duration

      Keep the length of your meetings reasonable. The first few with a vendor may need to be 60 to 90 minutes long. After that, you should be able to trim them to 45 minutes to 60 minutes. The BAM does not have to fill the entire time. When you are done, you are done.

      Step 3.3 – Conduct business alignment meetings (cont'd)

      Identify who will be invited and send out invitations

      Invitations

      Set up a recurring meeting whenever possible. Changes will be inevitable but keeping the timeline regular works to your advantage. Also, the vendors included in your initial BAMs won't change for twelve months. For the first BAM with a vendor, provide adequate notice; four weeks is usually sufficient, but calendars will fill up quickly for the main attendees from the vendor. Treat the meeting as significant and make sure your invitation reflects this. A simple meeting request will often be rejected, treated as optional, or ignored completely by the vendor's leadership team (and maybe yours as well!).

      Invitees

      Internal invitees should include those with a vested interest in the vendor's performance and the relationship. Other functional areas may be invited based on need or interest. Be careful the attendee list doesn't get too big. Based on this, internal BAM attendees often include representatives from IT, Sourcing/Procurement, and the applicable business units. At times, Finance and Legal are included.

      From the vendor's side, strive to have decision makers and key leaders attend. The salesperson/account manager is often included for continuity, but a director or vice president of sales will have more insights and influence. The project manager is not needed at this meeting due to the nature of the meeting and its agenda; however, a director or vice president from the product or service delivery area is a good choice. Bottom line: get as high into the vendor's organization as possible whenever possible; look at the types of contracts you have with that vendor to provide guidance on the type of people to invite.

      Step 3.3 – Conduct business alignment meetings (cont'd)

      Prepare for the Meetings and Maintain Control

      Preparation

      Send the scorecard and agenda to the vendor five days prior to the BAM. The vendor should provide you with any information you require for the meeting five days prior, as well.

      Decide who will run the meeting. Some customers like to lead, and others let the vendor present. How you craft the agenda and your preferences will dictate who runs the show.

      Make sure the vendor knows what materials they should bring to the meeting or have access to. This will relate to the agenda and any specific requests listed under the discussion points. You don't want the vendor to be caught off guard and unable to discuss a matter of importance to you.

      Running the BAM

      Regardless of which party leads, make sure you manage the agenda to stay on topic. This is your meeting – not the vendor's, not IT's, not Procurement's or Sourcing's. Don't let anyone hijack it.

      Make sure someone is taking notes. If you are running this virtually, consider recording the meeting. Check with your legal department first for any concerns, notices, or prohibitions that may impact your recording the session.

      Remember, this is not a sales call, and it is not a social activity. Innovation discussions are allowed and encouraged, but that can quickly devolve into a sales presentation. People can be friendly toward one another, but the relationship building should not overwhelm the other purposes.

      Step 3.3 – Conduct business alignment meetings (cont'd)

      Follow these additional guidelines to maximize your meetings

      More leading practices

      • Remind everyone that the conversation may include items covered by various confidentiality provisions or agreements.
      • Publish the meeting minutes on a timely basis (within 48 hours).
      • Focus on the bigger picture by looking at trends over time; get into the details only when warranted.
      • Meet internally immediately beforehand to prepare – don't go in cold. Review the agenda and the roles and responsibilities for the attendees.
      • Physical meetings are better than virtual meetings, but travel constraints, budgets, and pandemics may not allow for physical meetings.

      Final thoughts

      • When performance or the relationship is suffering, be constructive in your feedback and conversations rather than trying to assign blame; lead with the carrot rather than the stick.
      • Look for collaborative solutions whenever possible and avoid referencing the contract if possible. Communicate your willingness to help resolve outstanding issues.
      • Use inclusive language and avoid language that puts the vendor on the defensive.
      • Make sure that your meetings are not focused exclusively on the negative, but don't paint a rosy picture where one doesn't exist.
      • A vendor that is doing well should be commended. This is an important part of relationship building.

      Step 3.4 – Work the 90-day plan

      Monitor your progress and share your results

      Having a 90-day plan is a good start, but assuming the tasks on the plan will be accomplished magically or without any oversight can lead to failure. While it won't take a lot of time to work the plan, following a few basic guidelines will help ensure the 90-day plan gets results and wasn't created in vain.

      1. Measure and track your progress against the initial/current 90-day plan at least weekly; with a short timeline, any delay can have a huge impact.
      2. If adjustments are needed to any elements of the plan, understand the cause and the impact of those adjustments before making them.
      3. Make adjustments ONLY when warranted. The temptation will be to push activities and tasks further out on the timeline (or to the next 90-day plan!) when there is any sort of hiccup along the way, especially when personnel outside the VMI are involved. Hold true to the timeline whenever possible; once you start slipping, it often becomes a habit.
      4. Report on progress every week and hold people accountable for their assignments and contributions.
      5. Take the 90-day plan seriously and treat it as you would any significant project. This is part of the VMI's branding and image.

      Step 3.5 – Manage the three-year roadmap

      Keep an eye on the future since it will feed the present

      The three-year roadmap is a great planning tool, but it is not 100% reliable. There are inherent flaws and challenges. Essentially, the roadmap is a set of three "crystal balls" attempting to tell you what the future holds. The vision for year 1 may be clear, but for each subsequent year, the crystal ball becomes foggier. In addition, the timeline is constantly changing; before you know it, tomorrow becomes today and year 2 becomes year 1.

      To help navigate through the roadmap and maximize its potential, follow these principles:

      • Manage each year of the roadmap differently.
        • Review the year-1 map each quarter to update your 90-day plans (See steps 2.10 and 3.4).
        • Review the year-2 map every six months to determine if any changes are necessary. As you cycle through this, your vantage point of year 2 will be 6 months or 12 months away from the beginning of year 2, and time moves quickly.
        • Review the year-3 map annually, and determine what needs to be added, changed, or deleted. Each time you review year 3, it will be a "new" year 3 that needs to be built.
      • Analyze the impact on the proposed modifications from two perspectives: 1) What is the impact if a requested modification is made? 2) What is the impact if a requested modification is not made?
      • Validate all modifications with leadership and stakeholders before updating the three-year roadmap to ensure internal alignment.

      Step 3.6 – Develop/improve vendor relationships

      Drive better performance through better relationships

      One of the key components of a VMI is relationship management. Good relationships with your vendors provide many benefits for both parties, but they don't happen by accident. Do not assume the relationship will be good or is good merely because your organization is buying products and services from a vendor.

      In many respects, the VMI should mirror a vendor's sales organization by establishing relationships at multiple levels within the vendor organizations, not just with the salesperson or account manager. Building and maintaining relationships is hard work, but the return on investment makes it worthwhile.

      Business relationships are comprised of many components, not all of which must be present to have a great relationship. However, there are some essential components. Whether you are trying to develop, improve, or maintain a relationship with a vendor, make sure you are conscious of the following:

      • Focusing your energies on strategic vendors first and then tactical and operational vendors.
      • Being transparent and honest in your communications.
      • Continuously building trust by being responsive and honoring commitments (timely).
      • Creating a collaborative environment and build upon common ground.
      • Thanking the vendor when appropriate.
      • Resolving disputes early, avoiding the "blame game", and being objective when there are disagreements.

      Phase 4 - Review

      Keep your VMI up to date and running smoothly

      Phase 1

      		Phase 2Phase 3Phase 4

      1.1 Mission Statement and Goals

      1.2 Scope

      1.3 Strengths and Obstacles

      1.4 Roles and Responsibilities

      2.1 Classification Model

      2.2 Risk Assessment Tool

      2.3 Scorecards and Feedback

      2.4 Business Alignment Meeting Agenda

      2.5 Relationship Alignment Document

      2.6 Vendor Orientation

      2.7 3-Year Roadmap

      2.8 90-Day Plan

      2.9 Quick Wins

      2.10 Reports

      3.1 Classify Vendors

      3.2 Compile Scorecards

      3.3 Conduct Business Alignment Meetings

      3.4 Work the 90-Day Plan

      3.5 Manage the 3-Year Roadmap

      3.6 Develop/Improve Vendor Relationships

      4.1 Incorporate Leading Practices

      4.2 Leverage Lessons Learned

      4.3 Maintain Internal Alignment

      This phase will walk you through the following activity:

      • Helping the VMI identify what it should stop doing, start doing, and continue doing as it improves and matures. The main outcomes from this phase are ways to advance the VMI and maintain internal alignment.

      This phase involves the following participants:

      • VMI team
      • Applicable stakeholders and executives
      • Others as needed

      Vendor Management Initiative Basics for the Small/Medium Businesses

      Phase 4 – Review

      Keep your VMI up to date and running smoothly

      As the adage says, "The only thing constant in life is change." This is particularly true for your VMI. It will continue to mature, people inside and outside of the VMI will change, resources will expand or contract from year to year, your vendor base will change. As a result, your VMI needs the equivalent of a physical every year. In place of bloodwork, x-rays, and the other paces your physician may put you through, you'll assess compliance with your policies and procedures, incorporate leading practices, leverage lessons learned, maintain internal alignment, and update governances.

      Be thorough in your actions during this Phase to get the most out of it. It requires more than the equivalent of gauging a person's health by taking their temperature, measuring their blood pressure, and determining their body mass index. Keeping your VMI up-to-date and running smoothly takes hard work.

      Some of the items presented in this Phase require an annual review; others may require quarterly review or timely review (i.e. when things are top of mind and current). For example, collecting lessons learned should happen on a timely basis rather than annually, and classifying your vendors should occur annually rather than every time a new vendor enters the fold.

      Ultimately, the goal is to improve over time and stay aligned with other areas internally. This won't happen by accident. Being proactive in the review of your VMI further reinforces the nature of the VMI itself – proactive vendor management, not reactive!

      Step 4.1 – Incorporate leading practices

      Identify and evaluate what external VMIs are doing

      The VMI's world is constantly shifting and evolving. Some changes will take place slowly, while others will occur quickly. Think about how quickly the cloud environment has changed over the past five years versus the 15 years before that; or think about issues that have popped up and instantly altered the landscape (we're looking at you COVID and ransomware). As a result, the VMI needs to keep pace, and one of the best ways to do that is to incorporate leading practices.

      At a high level, a leading practice is a way of doing something that is better at producing a particular outcome or result or performing a task or activity than other ways of proceeding. The leading practice can be based on methodologies, tools, processes, procedures, and other items. Leading practices change periodically due to innovation, new ways of thinking, research, and other factors. Consequently, a leading practice is to identify and evaluate leading practices each year.

      Step 4.1 – Incorporate leading practices (cont'd)

      Update your VMI based on your research

      • A simple approach for incorporating leading practices into your regular review process is set out below:
      • Research:
        • What other VMIs in your industry are doing.
        • What other VMIs outside your industry are doing.
        • Vendor management in general.
      • Based on your results, list specific leading practices others are doing that would improve your VMI (be specific – e.g. other VMIs are incorporating risk into their classification process).
      • Evaluate your list to determine which of these potential changes fit or could be modified to fit your culture and environment.
      • Recommend the proposed changes to leadership (with a short business case or explanation/justification, as needed) and gain approval.

      Remember: Leading practices or best practices may not be what is best for you. In some instances, you will have to modify them to fit in your culture and environment; in other instances, you will elect not to implement them at all (in any form).

      Step 4.2 – Leverage lessons learned

      Tap into the collective wisdom and experience of your team members

      There are many ways to keep your VMI running smoothly, and creating a lessons learned library is a great complement to the other ways covered in this Phase 4 - Review. By tapping into the collective wisdom of the team and creating a safe feedback loop, the VMI gains the following benefits:

      • Documented institutional wisdom and knowledge normally found only in the team members' brains.
      • The ability for one team member to gain insights and avoid mistakes without having to duplicate the events leading to the insights or mistakes.
      • Improved methodologies, tools, processes, procedures, skills, and relationships.

      Many of the processes raised in this Phase can be performed annually, but a lessons learned library works best when the information is deposited in a timely manner. How you choose to set up your lessons learned process will depend on the tools you select and your culture. You may want to have regular input meetings to share the lessons as they are being deposited, or you may require team members to deposit lessons learned on a regular basis (within a week after they happen, monthly, or quarterly). Waiting too long can lead to vague or lost memories and specifics; timeliness of the deposits is a crucial element.

      Step 4.2 – Leverage lessons learned (cont'd)

      Create a library to share valuable information across the team

      Lessons learned are not confined to identifying mistakes or dissecting bad outcomes. You want to reinforce good outcomes, as well. When an opportunity for a lessons-learned deposit arises, identify the following basic elements:

      • A brief description of the situation and outcome.
      • What went well (if anything) and why did it go well?
      • What didn't go well (if anything) and why didn't it go well?
      • What would/could you do differently next time?
      • A synopsis of the lesson(s) learned.

      Info-Tech Insights

      The lessons learned library needs to be maintained. Irrelevant material needs to be culled periodically, and older or duplicate material may need to be archived.

      the lessons learned process should be blameless. The goal is to share insightful information, not to reward or punish people based on outcomes or results.

      Step 4.3 – Maintain internal alignment

      Review the plans of other internal areas to stay in sync

      Maintaining internal alignment is essential for the ongoing success of the VMI. Over time, it is easy to lose sight of the fact that the VMI does not operate in a vacuum; it is an integral component of a larger organization whose parts must work well together to function optimally. Focusing annually on the VMI's alignment within the enterprise helps reduce any breakdowns that could derail the organization.

      To ensure internal alignment:

      • Review the key components of the applicable materials from Phase 1 - Plan and Phase 2 - Build with the appropriate members of the leadership team (e.g. executives, sponsors, and stakeholders). Not every item from those Phases and Steps needs to be reviewed but err on the side of caution for the first set of alignment discussions, and be prepared to review each item. You can gauge the audience's interest on each topic and move quickly when necessary or dive deeper when needed. Identify potential changes required to maintain alignment.
      • Review the strategic plans (e.g. 1-, 3-, and 5- year plans) for various portions of the organization if you have access to them or gather insights if you don't have access.
        • If the VMI is under the IT umbrella, review the strategic plans for IT and its departments.
        • Review the strategic plans for the areas the VMI works with (e.g. Procurement, Business Units).
        • The organization itself.
      • Create and vet a list of modifications to the VMI and obtain approval.
      • Develop a plan for making the necessary changes.

      Summary of Accomplishment

      Problem solved

      Vendor management is a broad, often overwhelming, comprehensive spectrum that encompasses many disciplines. By now, you should have a great idea of what vendor management can or will look like in your organization. Focus on the basics first: Why does the VMI exist and what does it hope to achieve? What is it's scope? What are the strengths you can leverage, and what obstacles must you manage? How will the VMI work with others? From there, the spectrum of vendor management will begin to clarify and narrow.

      Leverage the tools and templates from this blueprint and adapt them to your needs. They will help you concentrate your energies in the right areas and on the right vendors to maximize the return on your organization's investment in the VMI of time, money, personnel, and other resources. You may have to lead by example internally and with your vendors at first, but they will eventually join you on your path if you stay true to your course.

      At the heart of a good VMI is the relationship component. Don't overlook its value in helping you achieve your vendor management goals. The VMI does not operate in a vacuum, and relationships (internal and external) will be critical.

      Lastly, seek continual improvement from the VMI and from your vendors. Both parties should be held accountable, and both parties should work together to get better. Be proactive in your efforts, and you, the VMI, and the organization will be rewarded.

      If you would like additional support, have our analysts guide you through other phases as part of an Info-Tech Workshop

      Contact your account representative for more information

      workshops@infotech.com
      1-888-670-8889

      Related Info-Tech Research

      Prepare for Negotiations More Effectively
      Don't leave negotiation preparations and outcomes to chance. Learn how to prepare for negotiations more effectively and improve your results.

      Understand Common IT Contract Provisions to Negotiate More Effectively
      Info-Tech's guidance and insights will help you navigate the complex process of contract review and identify the key details necessary to maximize the protections for your organization.

      Capture and Market the ROI of Your VMO
      Calculating the impact or value of a vendor management office (VMO) can be difficult without the right framework and tools. Let Info-Tech's tools and templates help you account for the contributions made by your VMO.

      Bibliography

      Slide 5 – ISG Index 4Q 2021, Information Services Group, Inc., 2022.

      Slide 6 – ISG Index 4Q 2021, Information Services Group, Inc., 2022.

      Slide 7 – Geller & Company. "World-Class Procurement — Increasing Profitability and Quality." Spend Matters. 2003. Web. Accessed 4 Mar. 2019.

      Slide 26 – Guth, Stephen. The Vendor Management Office: Unleashing the Power of Strategic Sourcing. Lulu.com, 2007. Print. Protiviti. Enterprise Risk Management. Web. 16 Feb. 2017.

      Slide 34 – "Why Do We Perform Better When Someone Has High Expectations of Us?" The Decision Lab. Accessed January 31, 2022.

      Slide 56 - Top 10 Tips for Creating Compelling Reports," October 11, 2019, Design Eclectic. Accessed March 29, 2022.

      Slide 56 – "Six Tips for Making a Quality Report Appealing and Easy To Skim," Agency for Health Research and Quality. Accessed March 29, 2022.

      Slide 56 –Tucker, Davis. Marketing Reporting: Tips to Create Compelling Reports, March 28, 2020, 60 Second Marketer. Accessed March 29, 2022.

      Implement Lean Management Practices That Work

      • Buy Link or Shortcode: {j2store}116|cart{/j2store}
      • member rating overall impact: N/A
      • member rating average dollars saved: N/A
      • member rating average days saved: N/A
      • Parent Category Name: Performance Measurement
      • Parent Category Link: /performance-measurement
      • Service delivery teams do not measure, or have difficulty demonstrating, the value they provide.
      • There is a lack of continuous improvement.
      • There is low morale within the IT teams leading to low productivity.

      Our Advice

      Critical Insight

      • Create a problem-solving culture. Frequent problem solving is the differentiator between sustaining Lean or falling back to old management methods.
      • Commit to employee growth. Empower teams to problem solve and multiply your organizational effectiveness.

      Impact and Result

      • Apply Lean management principles to IT to create alignment and transparency and drive continuous improvement and customer value.
      • Implement huddles and visual management.
      • Build team capabilities.
      • Focus on customer value.
      • Use metrics and data to make better decisions.
      • Systematically solve problems and improve performance.
      • Develop an operating rhythm to promote adherence to Lean.

      Implement Lean Management Practices That Work Research & Tools

      Start here – read the Executive Brief

      Read our concise Executive Brief to find out how a Lean management system can help you increase transparency, demonstrate value, engage your teams and customers, continuously improve, and create alignment.

      Besides the small introduction, subscribers and consulting clients within this management domain have access to:

      1. Understand Lean concepts

      Understand what a Lean management system is, review Lean philosophies, and examine simple Lean tools and activities.

      • Implement Lean Management Practices That Work – Phase 1: Understand Lean Concepts
      • Lean Management Education Deck

      2. Determine the scope of your implementation

      Understand the implications of the scope of your Lean management program.

      • Implement Lean Management Practices That Work – Phase 2: Determine the Scope of Your Implementation
      • Lean Management Scoping Tool

      3. Design huddle board

      Examine the sections and content to include in your huddle board design.

      • Implement Lean Management Practices That Work – Phase 3: Design Huddle Board
      • Lean Management Huddle Board Template

      4. Design Leader Standard Work and operating rhythm

      Determine the actions required by leaders and the operating rhythm.

      • Implement Lean Management Practices That Work – Phase 4: Design Leader Standard Work and Operating Rhythm
      • Leader Standard Work Tracking Template
      [infographic]

      Workshop: Implement Lean Management Practices That Work

      Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

      1 Understand Lean Concepts

      The Purpose

      Understand Lean management.

      Key Benefits Achieved

      Gain a common understanding of Lean management, the Lean management thought model, Lean philosophies, huddles, visual management, team growth, and voice of customer.

      Activities

      1.1 Define Lean management in your organization.

      1.2 Create training materials.

      Outputs

      Lean management definition

      Customized training materials

      2 Understand Lean Concepts (Continued) and Determine Scope

      The Purpose

      Understand Lean management.

      Determine the scope of your program.

      Key Benefits Achieved

      Understand metrics and performance review.

      Understand problem identification and continuous improvement.

      Understand Kanban.

      Understand Leader Standard Work.

      Define the scope of the Lean management program.

      Activities

      2.1 Develop example operational metrics

      2.2 Simulate problem section.

      2.3 Simulate Kanban.

      2.4 Build scoping tool.

      Outputs

      Understand how to use operational metrics

      Understand problem identification

      Understand Kanban/daily tasks section

      Defined scope for your program

      3 Huddle Board Design and Huddle Facilitation Coaching

      The Purpose

      Design the sections and content for your huddle board.

      Key Benefits Achieved

      Initial huddle board design.

      Activities

      3.1 Design and build each section in your huddle board.

      3.2 Simulate coaching conversations.

      Outputs

      Initial huddle board design

      Understanding of how to conduct a huddle

      4 Design and Build Leader Standard Work

      The Purpose

      Design your Leader Standard Work activities.

      Develop a schedule for executing Leader Standard Work.

      Key Benefits Achieved

      Standard activities identified and documented.

      Sample schedule developed.

      Activities

      4.1 Identify standard activities for leaders.

      4.2 Develop a schedule for executing Leader Standard Work.

      Outputs

      Leader Standard Work activities documented

      Initial schedule for Leader Standard Work activities

      The challenge of corporate security management

      • Buy Link or Shortcode: {j2store}41|cart{/j2store}
      • Related Products: {j2store}41|crosssells{/j2store}
      • member rating overall impact: N/A
      • member rating average dollars saved: N/A
      • member rating average days saved: N/A
      • Parent Category Name: Security and Risk
      • Parent Category Link: /security-and-risk
      • byline: Align security and business objectives to obtain the greatest benefit from both.

      Corporate security management is a vital aspect in every modern business, regardless of business area or size. At Tymans Group we offer expert security management consulting to help your business set up proper protocols and security programs. More elaborate information about our security management consulting services and solutions can be found below.

      Corporate security management components

      You may be experiencing one or more of the following:

      • The risk goals should support business goals. Your business cannot operate without security, and security is there to conduct business safely. 
      • Security governance supports security strategy and security management. These three components form a protective arch around your business. 
      • Governance and management are like the legislative branch and the executive branch. Governance tells people what to do, and management's job is to verify that they do it.

      Our advice with regards to corporate security management

      Insight

      To have a successful information security strategy, take these three factors into account:

      • Holistic: your view must include people, processes, and technology.
      • Risk awareness: Base your strategy on the actual risk profile of your company and then add the appropriate best practices.
      • Business-aligned: When your strategic security plan demonstrates alignment with the business goals and supports it, embedding will be much more straightforward.

      Impact and results of our corporate security management approach

      • The approach of our security management consulting company helps to provide a starting point for realistic governance and realistic corporate security management.
      • We help you by implementing security governance and managing it, taking into account your company's priorities, and keeping costs to a minimum.

      The roadmap

      Besides the small introduction, subscribers and consulting clients within the corporate security management domain have access to:

      Get up to speed

      Read up on why you should build your customized corporate information security governance and management system. Review our methodology and understand the four ways we can support you.

      Align your security objectives with your business goals

      Determine the company's risk tolerance.

      • Implement a Security Governance and Management Program – Phase 1: Align Business Goals With Security Objectives (ppt)
      • Information Security Governance and Management Business Case (ppt)
      • Information Security Steering Committee Charter (doc)
      • Information Security Steering Committee RACI Chart (doc)
      • Security Risk Register Tool (xls)

      Build a practical governance framework for your company

      Our best-of-breed security framework makes you perform a gap analysis between where you are and where you want to be (your target state). Once you know that, you can define your goals and duties.

      • Implement a Security Governance and Management Program – Phase 2: Develop an Effective Governance Framework (ppt)
      • Information Security Charter (doc)
      • Security Governance Organizational Structure Template (doc)
      • Security Policy Hierarchy Diagram (ppt)
      • Security Governance Model Facilitation Questions (ppt)
      • Information Security Policy Charter Template (doc)
      • Information Security Governance Model Tool (Visio)
      • Pdf icon 20x20
      • Information Security Governance Model Tool (PDF)

      Now that you have built it, manage your governance framework.

      There are several essential management activities that we as a security management consulting company suggest you employ.

      • Implement a Security Governance and Management Program – Phase 3: Manage Your Governance Framework (ppt)
      • Security Metrics Assessment Tool (xls)
      • Information Security Service Catalog (xls)
      • Policy Exception Tracker (xls)
      • Information Security Policy Exception Request Form (doc)
      • Security Policy Exception Approval Workflow (Visio)
      • Security Policy Exception Approval Workflow (PDF)
      • Business Goal Metrics Tracking Tool (xls)

      Book an online appointment for more advice

      We are happy to tell you more about our corporate security management solutions and help you set up fitting security objectives. As a security management consulting firm we offer solutions and advice, based on our own extensive experience, which are practical and people-orientated. Discover our services, which include data security management and incident management and book an online appointment with CEO Gert Taeymans to discuss any issues you may be facing regarding risk management or IT governance.

      cybersecurity

      Customer Value Contribution

      I'm proud to announce our new Customer Value Contribution Calculator©, or CVCC© in short.

      It enhances and possibly replaces the BIA (Business Impact Analysis) process with a much simpler way.

      More info to follow shortly.

      Select the Optimal Disaster Recovery Deployment Model

      • Buy Link or Shortcode: {j2store}413|cart{/j2store}
      • member rating overall impact: 8.8/10 Overall Impact
      • member rating average dollars saved: $10,247 Average $ Saved
      • member rating average days saved: 11 Average Days Saved
      • Parent Category Name: DR and Business Continuity
      • Parent Category Link: /business-continuity
      • DR deployment has many possibilities. It becomes overwhelming and difficult to sift through all of the options and understand what makes sense for your organization.
      • The combination of high switching costs and the pressure to move applications to cloud leaves managers overwhelmed and complacent with their current DR model.

      Our Advice

      Critical Insight

      1. Cut to the chase and evaluate the feasibility of cloud first. Gauge your organization’s current capabilities for DR in the cloud before becoming infatuated with the idea.
      2. A mixed model gives you the best of both worlds. Diversify your strategy by identifying fit for purpose and balancing the work required to maintain various models.
      3. Begin with the end in mind. Commit to mastering the selected model and leverage your vendor relationship for effective DR.

      Impact and Result

      • By efficiently eliminating models that are not suited for your organization and narrowing the scope of DR deployment possibilities, you spend more time focusing on what works rather than what doesn’t.
      • Taking a funneled approach ensures that you are not wasting time evaluating application-level considerations when organizational constraints prevent you from moving forward.
      • Comparing the total cost of ownership among candidate models helps demonstrate to the business the reason behind choosing one method over another.

      Select the Optimal Disaster Recovery Deployment Model Research & Tools

      Start here – read the Executive Brief

      Read our concise Executive Brief to find out why you should build the optimal DR deployment model, review Info-Tech’s methodology, and understand the four ways we can support you in completing this project.

      Besides the small introduction, subscribers and consulting clients within this management domain have access to:

      1. Target the relevant DR options for your organization

      Complete Phase 1 to outline your DR site requirements, review any industry or organizational constraints on your DR strategy, and zero in on relevant DR models.

      • Select the Optimal Disaster Recovery Deployment Model – Phase 1: Target Relevant DR Options for Your Organization
      • DR Decision Tree (Visio)
      • DR Decision Tree (PDF)
      • Application Assessment Tool for Cloud DR

      2. Conduct a comprehensive analysis and vet the DR vendors

      Complete Phase 2 to explore possibilities of deployment models, conduct a TCO comparison analysis, and select the best-fit model.

      • Select the Optimal Disaster Recovery Deployment Model – Phase 2: Conduct a Comprehensive Analysis and Vet the DR Vendors
      • DR Solution TCO Comparison Tool

      3. Make the case and plan your transition

      Complete Phase 3 to assess outsourcing best practices, address implementation considerations, and build an executive presentation for business stakeholders.

      • Select the Optimal Disaster Recovery Deployment Model – Phase 3: Make the Case and Plan Your Transition
      • DR Solution Executive Presentation Template
      [infographic]

      Workshop: Select the Optimal Disaster Recovery Deployment Model

      Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

      1 Target Relevant DR Options for Your Organization

      The Purpose

      Identify potential DR models

      Key Benefits Achieved

      Take a funneled approach and avoid getting lost among all of the DR models available

      Activities

      1.1 Define DR site requirements

      1.2 Document industry and organizational constraints

      1.3 Identify potential DR models

      Outputs

      Determine the type of site, replication, and risk mitigation initiatives required

      Rule out unfit models

      DR Decision Tree

      Application Assessment Tool for Cloud DR

      2 Conduct a Comprehensive Analysis of Appropriate Models

      The Purpose

      Explore relevant DR models

      Key Benefits Achieved

      Develop supporting evidence for the various options

      Activities

      2.1 Explore pros and cons of potential solutions

      2.2 Understand the use case for DRaaS

      2.3 Review DR model diagrams

      Outputs

      Qualitative analysis on candidate models

      Evaluate the need for DRaaS

      DR diagrams for candidate models

      3 Build the DR Solution TCO Comparison Tool

      The Purpose

      Determine best cost models

      Key Benefits Achieved

      Save money by selecting the most cost effective option to meet your DR requirements

      Activities

      3.1 Gather hardware requirements for production site

      3.2 Define capacity requirements for DR

      3.3 Compare cost across various models

      Outputs

      Populate the production summary tab in TCO tool

      Understand how much hardware will need to be on standby and how much will be procured at the time of disaster

      Find the most cost effective method

      4 Make the Case and Plan Your Transition

      The Purpose

      Build support from business stakeholders by having a clear and defendable proposal for DR

      Key Benefits Achieved

      Effective and ready DR deployment model

      Activities

      4.1 Address implementation considerations for network, capacity, and day-to-day operations

      4.2 Build presentation for business stakeholders

      Outputs

      Define implementation projects necessary for deployment and appoint staff to execute them

      PowerPoint presentation to summarize findings from the course of the project

      Manage End-User Devices

      • Buy Link or Shortcode: {j2store}307|cart{/j2store}
      • member rating overall impact: 10.0/10 Overall Impact
      • member rating average dollars saved: $45,499 Average $ Saved
      • member rating average days saved: 10 Average Days Saved
      • Parent Category Name: End-User Computing Devices
      • Parent Category Link: /end-user-computing-devices
      • Desktop and mobile device management teams use separate tools and different processes.
      • People at all levels of IT are involved in device management.
      • Vendors are pushing unified endpoint management (UEM) products, and teams struggling with device management are hoping that UEM is their savior.
      • The number and variety of devices will only increase with the continued advance of mobility and emergence of the Internet of Things (IoT).

      Our Advice

      Critical Insight

      • Many problems can be solved by fixing roles, responsibilities, and process. Standardize so you can optimize.
      • UEM is not a silver bullet. Your current solution can image computers in less than 4 hours if you use lean images.
      • Done with, not done to. Getting input from the business will improve adoption, avoid frustration, and save everyone time.

      Impact and Result

      • Define the benefits that you want to achieve and optimize based on those benefits.
      • Take an evolutionary, rather than revolutionary, approach to merging end-user support teams. Process and tool unity comes first.
      • Define the roles and responsibilities involved in end-user device management, and create a training plan to ensure everyone can execute their responsibilities.
      • Stop using device management practices from the era of Windows XP. Create a plan for lean images and app packages.

      Manage End-User Devices Research & Tools

      Start here – read the Executive Brief

      Read our concise Executive Brief to find out why you should optimize end-user device management, review Info-Tech’s methodology, and understand the four ways we can support you in completing this project.

      Besides the small introduction, subscribers and consulting clients within this management domain have access to:

      1. Identify the business and IT benefits of optimizing endpoint management

      Get your desktop and mobile device support teams out of firefighting mode by identifying the real problem.

      • Manage End-User Devices – Phase 1: Identify the Business and IT Benefits
      • End-User Device Management Standard Operating Procedure
      • End-User Device Management Executive Presentation

      2. Improve supporting teams and processes

      Improve the day-to-day operations of your desktop and mobile device support teams through role definition, training, and process standardization.

      • Manage End-User Devices – Phase 2: Improve Supporting Teams and Processes
      • End-User Device Management Workflow Library (Visio)
      • End-User Device Management Workflow Library (PDF)

      3. Improve supporting technologies

      Stop using management tools and techniques from the Windows XP era. Save yourself, and your technicians, from needless pain.

      • Manage End-User Devices – Phase 3: Improve Supporting Technologies
      [infographic]

      Workshop: Manage End-User Devices

      Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

      1 Identify the Business and IT Benefits of Optimizing End-User Device Management

      The Purpose

      Identify how unified endpoint management (UEM) can improve the lives of the end user and of IT.

      Key Benefits Achieved

      Cutting through the vendor hype and aligning with business needs.

      Activities

      1.1 Identify benefits you can provide to stakeholders.

      1.2 Identify business and IT goals in order to prioritize benefits.

      1.3 Identify how to achieve benefits.

      1.4 Define goals based on desired benefits.

      Outputs

      Executive presentation

      2 Improve the Teams and Processes That Support End-User Device Management

      The Purpose

      Ensure that your teams have a consistent approach to end-user device management.

      Key Benefits Achieved

      Developed a standard approach to roles and responsibilities, to training, and to device management processes.

      Activities

      2.1 Align roles to your environment.

      2.2 Assign architect-, engineer-, and administrator-level responsibilities.

      2.3 Rationalize your responsibility matrix.

      2.4 Ensure you have the necessary skills.

      2.5 Define Tier 2 processes, including patch deployment, emergency patch deployment, device deployment, app deployment, and app packaging.

      Outputs

      List of roles involved in end-user device management

      Responsibility matrix for end-user device management

      End-user device management training plan

      End-user device management standard operating procedure

      Workflows and checklists of end-user device management processes

      3 Improve the Technologies That Support End-User Device Management

      The Purpose

      Modernize the toolset used by IT to manage end-user devices.

      Key Benefits Achieved

      Saving time and resources for many standard device management processes.

      Activities

      3.1 Define the core image for each device/OS.

      3.2 Define app packages.

      3.3 Gather action items for improving the support technologies.

      3.4 Create a roadmap for improving end-user device management.

      3.5 Create a communication plan for improving end-user device management.

      Outputs

      Core image outline

      Application package outline

      End-user device management roadmap

      End-user device management communication plan

      Project Management

      • Buy Link or Shortcode: {j2store}48|cart{/j2store}
      • Related Products: {j2store}48|crosssells{/j2store}
      • member rating overall impact: 9.7/10
      • member rating average dollars saved: $303,499
      • member rating average days saved: 42
      • Parent Category Name: Project Portfolio Management and Projects
      • Parent Category Link: /ppm-and-projects
      • byline: Right-size the project management body of knowledge for all your IT projects.

      The challenge

      • Ill-defined or even lack of upfront project planning will increase the perception that your IT department cannot deliver value because most projects will go over time and budget.
      • The perception is those traditional ways of delivering projects via the PMBOK only increase overhead and do not have value. This is less due to the methodology and more to do with organizations trying to implement best-practices that far exceed their current capabilities.
      • Typical best-practices are too clinical in their approach and place unrealistic burdens on IT departments. They fail to address the daily difficulties faces by staff and are not sized to fit your organization.
      • Take a flexible approach and ensure that your management process is a cultural and capacity fit for your organization. Take what fits from these frameworks and embed them tailored into your company.

      Our advice

      Insight

      • The feather-touch is often the right touch. Ensure that you have a lightweight approach for most of your projects while applying more rigor to the more complex and high-risk developments.
      • Pick the right tools. Your new project management processes need the right tooling to be successful. Pick a tool that is flexible enough o accommodate projects of all sizes without imposing undue governance onto smaller projects.
      • Yes, take what fits within your company from frameworks, but there is no cherry-picking. Ensure your processes stay in context: If you do not inform for effective decision-making, all will be in vain. Develop your methods such that guide the way to big-picture decision taking and support effective portfolio management.

      Impact and results 

      • The right amount of upfront planning is a function of the type of projects you have and your company. The proper levels enable better scope statements, better requirements gathering, and increased business satisfaction.
      • An investment in a formal methodology is critical to projects of all sizes. An effective process results in more successful projects with excellent business value delivery.
      • When you have a repeatable and consistent approach to project planning and execution, you can better communicate between the IT project managers and decision-makers.
      • Better communication improves the visibility of the overall project activity within your company.

      The roadmap

      Besides the small introduction, subscribers and consulting clients within this management domain have access to:

      Get started.

      Read our executive brief to understand why you should tailor project management practices to the type of projects you do and your company and review our methodology. We show you how we can support you.

      Lay the groundwork for project management success

      Assess your current capabilities to set the right level of governance.

      • Tailor Project Management Processes to Fit Your Projects – Phase 1: Lay the Groundwork for PM Success (ppt)
      • Project Management Triage Tool (xls)
      • COBIT BAI01 (Manage Programs and Projects) Alignment Workbook (xls)
      • Project Level Definition Matrix (xls)
      • Project Level Selection Tool (xls)
      • Project Level Assessment Tool (xls)
      • Project Management SOP Template (doc)

      Small project require a lightweight framework

      Increase small project's throughput.

      • Tailor Project Management Processes to Fit Your Projects – Phase 2: Build a Lightweight PM Process for Small Initiatives (ppt)
      • Level 1 Project Charter Template (doc)
      • Level 1 Project Status Report Template (doc)
      • Level 1 Project Closure Checklist Template (doc)

      Build the standard process medium and large-scale projects

      The standard process contains fully featured initiation and planning.

      • Tailor Project Management Processes to Fit Your Projects – Phase 3: Establish Initiation and Planning Protocols for Medium-to-Large Projects (ppt)
      • Project Stakeholder and Impact Assessment Tool (xls)
      • Level 2 Project Charter Template (doc)
      • Level 3 Project Charter Template (doc)
      • Kick-Off Meeting Agenda Template (doc)
      • Scope Statement Template (doc)
      • Project Staffing Plan(xls)
      • Communications Management Plan Template (doc)
      • Customer/Sponsor Project Status Meeting Template (doc)
      • Level 2 Project Status Report Template (doc)
      • Level 3 Project Status Report Template (doc)
      • Quality Management Workbook (xls)
      • Benefits Management Plan Template (xls)
      • Risk Management Workbook (xls)

      Build a standard process for the execution and closure of medium to large scale projects

      • Tailor Project Management Processes to Fit Your Projects – Phase 4: Develop Execution and Closing Procedures for Medium-to-Large Projects (ppt)
      • Project Team Meeting Agenda Template (doc)
      • Light Project Change Request Form Template (doc)
      • Detailed Project Change Request Form Template (doc)
      • Light Recommendation and Decision Tracking Log Template (xls)
      • Detailed Recommendation and Decision Tracking Log Template (xls)
      • Deliverable Acceptance Form Template (doc)
      • Handover to Operations Template (doc)
      • Post-Mortem Review Template (doc)
      • Final Sign-Off and Acceptance Form Template (doc)

      Implement your project management standard operating procedures (SOP)

      Develop roll-out and training plans, implement your new process and track metrics.

      • Tailor Project Management Processes to Fit Your Projects – Phase 5: Implement Your PM SOP (ppt)
      • Level 2 Project Management Plan Template (doc)
      • Project Management Process Costing Tool (xls)
      • Project Management Process Training Plan Template (doc)
      • Project Management Training Monitoring Tool (xls)
      • Project Management Process Implementation Timeline Tool (MS Project)
      • Project Management Process Implementation Timeline Tool (xls)

       

       

      Mitigate Machine Bias

      • Buy Link or Shortcode: {j2store}343|cart{/j2store}
      • member rating overall impact: 8.8/10 Overall Impact
      • member rating average dollars saved: $9,549 Average $ Saved
      • member rating average days saved: 5 Average Days Saved
      • Parent Category Name: Business Intelligence Strategy
      • Parent Category Link: /business-intelligence-strategy
      • AI is the new electricity. It is fundamentally and radically changing the fabric of our world, from the way we conduct business, to how we work and live, make decisions, and engage with each other, to how we organize our society, and ultimately, to who we are. Organizations are starting to adopt AI to increase efficiency, better engage customers, and make faster, more accurate decisions.
      • Like with any new technology, there is a flip side, a dark side, to AI – machine biases. If unchecked, machine biases replicate, amplify, and systematize societal biases. Biased AI systems may treat some of your customers (or employees) differently, based on their race, gender, identity, age, etc. This is discrimination, and it is against the law. It is also bad for business, including missed opportunities, lost consumer confidence, reputational risk, regulatory sanctions, and lawsuits.

      Our Advice

      Critical Insight

      • Machine biases are not intentional. They reflect the cognitive biases, preconceptions, and judgement of the creators of AI systems and the societal structures encoded in the data sets used for machine learning.
      • Machine biases cannot be prevented or fully eliminated. Early identification and diversity in and by design are key. Like with privacy and security breaches, early identification and intervention – ideally at the ideation phase – is the best strategy. Forewarned is forearmed. Prevention starts with a culture of diversity, inclusivity, openness, and collaboration.
      • Machine bias is enterprise risk. Machine bias is not a technical issue. It is a social, political, and business problem. Integrate it into your enterprise risk management (ERM).

      Impact and Result

      • Just because machine biases are induced by human behavior, which is also captured in data silos, they are not inevitable. By asking the right questions upfront during application design, you can prevent many of them.
      • Biases can be introduced into an AI system at any stage of the development process, from the data you collect, to the way you collect it, to which algorithms are used, to which assumptions are made, etc. Ask your data science team a lot of questions; leave no stone unturned.
      • Don’t wait until “Datasheets for Datasets” and “Model Cards for Model Reporting” (or similar frameworks) become standards. Start creating these documents now to identify and analyze biases in your apps. If using open-source data sets or libraries, you may need to create them yourself for now. If working with partners or using AI/ ML services, demand that they provide such information as part of the engagement. You, not your partners, are ultimately responsible for the AI-powered product or service you deliver to your customers or employees.
      • Build a culture of diversity, transparency, inclusivity, and collaboration – the best mechanism to prevent and address machine biases.
      • Treat machine bias as enterprise risk. Use your ERM to guide all decisions around machine biases and their mitigation.

      Mitigate Machine Bias Research & Tools

      Start here – read the Executive Brief

      Read our concise Executive Brief to understand the dark side of AI: algorithmic (machine) biases, how they emerge, why they are dangerous, and how to mitigate them. Review Info-Tech’s methodology and understand the four ways we can support you in completing this project.

      Besides the small introduction, subscribers and consulting clients within this management domain have access to:

      1. Understand AI biases

      Learn about machine biases, how and where they arise in AI systems, and how they relate to human cognitive and societal biases.

      • Mitigate Machine Bias – Phase 1: Understand AI Biases

      2. Identify data biases

      Learn about data biases and how to mitigate them.

      • Mitigate Machine Bias – Phase 2: Identify Data Biases
      • Datasheets for Data Sets Template
      • Datasheets for Datasets

      3. Identify model biases

      Learn about model biases and how to mitigate them.

      • Mitigate Machine Bias – Phase 3: Identify Model Biases
      • Model Cards for Model Reporting Template
      • Model Cards For Model Reporting

      4. Mitigate machine biases and risk

      Learn about approaches for proactive and effective bias prevention and mitigation.

      • Mitigate Machine Bias – Phase 4: Mitigate Machine Biases and Risk
      [infographic]

      Workshop: Mitigate Machine Bias

      Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

      1 Prepare

      The Purpose

      Understand your organization’s maturity with respect to data and analytics in order to maximize workshop value.

      Key Benefits Achieved

      Workshop content aligned to your organization’s level of maturity and business objectives.

      Activities

      1.1 Execute Data Culture Diagnostic.

      1.2 Review current analytics strategy.

      1.3 Review organization's business and IT strategy.

      1.4 Review other supporting documentation.

      1.5 Confirm participant list for workshop.

      Outputs

      Data Culture Diagnostic report.

      2 Understand Machine Biases

      The Purpose

      Develop a good understanding of machine biases and how they emerge from human cognitive and societal biases. Learn about the machine learning process and how it relates to machine bias.

      Select an ML/AI project and complete a bias risk assessment.

      Key Benefits Achieved

      A solid understanding of algorithmic biases and the need to mitigate them.

      Increased insight into how new technologies such as ML and AI impact organizational risk.

      Customized bias risk assessment template.

      Completed bias risk assessment for selected project.

      Activities

      2.1 Review primer on AI and machine learning (ML).

      2.2 Review primer on human and machine biases.

      2.3 Understand business context and objective for AI in your organization.

      2.4 Discuss selected AI/ML/data science project or use case.

      2.5 Review and modify bias risk assessment.

      2.6 Complete bias risk assessment for selected project.

      Outputs

      Bias risk assessment template customized for your organization.

      Completed bias risk assessment for selected project.

      3 Identify Data Biases

      The Purpose

      Learn about data biases: what they are and where they originate.

      Learn how to address or mitigate data biases.

      Identify data biases in selected project.

      Key Benefits Achieved

      A solid understanding of data biases and how to mitigate them.

      Customized Datasheets for Data Sets Template.

      Completed datasheet for data sets for selected project.

      Activities

      3.1 Review machine learning process.

      3.2 Review examples of data biases and why and how they happen.

      3.3 Identify possible data biases in selected project.

      3.4 Discuss “Datasheets for Datasets” framework.

      3.5 Modify Datasheets for Data Sets Template for your organization.

      3.6 Complete datasheet for data sets for selected project.

      Outputs

      Datasheets for Data Sets Template customized for your organization.

      Completed datasheet for data sets for selected project.

      4 Identify Model Biases

      The Purpose

      Learn about model biases: what they are and where they originate.

      Learn how to address or mitigate model biases.

      Identify model biases in selected project.

      Key Benefits Achieved

      A solid understanding of model biases and how to mitigate them.

      Customized Model Cards for Model Reporting Template.

      Completed model card for selected project.

      Activities

      4.1 Review machine learning process.

      4.2 Review examples of model biases and why and how they happen.

      4.3 Identify potential model biases in selected project.

      4.4 Discuss Model Cards For Model Reporting framework.

      4.5 Modify Model Cards for Model Reporting Template for your organization.

      4.6 Complete model card for selected project.

      Outputs

      Model Cards for Model Reporting Template customized for your organization.

      Completed model card for selected project.

      5 Create Mitigation Plan

      The Purpose

      Review mitigation approach and best practices to control machine bias.

      Create mitigation plan to address machine biases in selected project. Align with enterprise risk management (ERM).

      Key Benefits Achieved

      A solid understanding of the cultural dimension of algorithmic bias prevention and mitigation and best practices.

      Drafted plan to mitigate machine biases in selected project.

      Activities

      5.1 Review and discuss lessons learned.

      5.2 Create mitigation plan to address machine biases in selected project.

      5.3 Review mitigation approach and best practices to control machine bias.

      5.4 Identify gaps and discuss remediation.

      Outputs

      Summary of challenges and recommendations to systematically identify and mitigate machine biases.

      Plan to mitigate machine biases in selected project.

      External Compliance

      • Buy Link or Shortcode: {j2store}39|cart{/j2store}
      • Related Products: {j2store}39|crosssells{/j2store}
      • member rating overall impact: N/A
      • member rating average dollars saved: N/A
      • member rating average days saved: N/A
      • Parent Category Name: Security and Risk
      • Parent Category Link: /security-and-risk
      • byline: External audits are about measuring you; Do not play games, but be in control.
      Take Control of Compliance Improvement to Conquer Every Audit

      Get Started With FinOps

      • Buy Link or Shortcode: {j2store}473|cart{/j2store}
      • member rating overall impact: N/A
      • member rating average dollars saved: N/A
      • member rating average days saved: N/A
      • Parent Category Name: Cloud Strategy
      • Parent Category Link: /cloud-strategy
      • Runaway cloud costs are wrecking the CIO’s budget, but cloud costs are hard to reign in because vendors are not always up front about the true costs, it’s easy to oversubscribe to services and quickly run up costs with pay-as-you-go service, and cloud bills are complex.
      • While IT isn’t the business owner for cloud services, they often carry the cost of overruns on their budget, and don’t have the skills or influence to more effectively manage cloud costs.
      • Truly optimizing cloud spend and maximizing business value from cloud requires insight and collaboration from IT/engineering, finance, and business owners, but those teams are often siloed and manage their cloud usage or spend differently.

      Our Advice

      Critical Insight

      • The business units that need to collaborate to make FinOps work are often siloed, with different processes, data, metrics and cloud expertise. Coordinating their efforts to encourage shared responsibility can be a big obstacle to overcome.
      • FinOps requires a cultural shift to empower every cloud user to take accountability for cloud cost optimization.
      • To get started with FinOps, it’s essential to first break down those silos and get the multiple teams involved on the same page. Everyone must understand how FinOps is part of their responsibilities.

      Impact and Result

      • Implementing FinOps will lead to improved visibility and control over cloud spend, optimized resource allocation and reduced cloud waste, enhanced transparency, improved forecasting and budgeting, and increased accountability over cloud costs across business units.
      • This blueprint will help you get started with FinOps by identifying the roles involved in FinOps, defining the key activities that must be conducted, and assigning ownership to each task. This will help foster a shared responsibility for FinOps and encourage everyone to work toward common goals.

      Get Started With FinOps Research & Tools

      Besides the small introduction, subscribers and consulting clients within this management domain have access to:

      1. Get Started With FinOps Deck – A guide to defining and assigning the roles and activities involved in FinOps.

      This storyboard will help you define FinOps roles and structure of the FinOps and other teams, identify key activities, and assign ownership to each. It will also provide guidance on analyzing the results of the RACI chart.

      • Get Started With FinOps Storyboard

      2. FinOps RACI Chart – A tool to help you assess the current state of FinOps activities and assign ownership to each.

      This tool will help you assess the current state of FinOps activities and assign ownership to each activity. Use the outputs of the exercise to define how roles across the organization will be involved in FinOps and where to focus efforts in maturing in FinOps.

      • FinOps RACI Chart
      [infographic]

      Further reading

      Get Started With FinOps

      FinOps goes beyond identifying cloud savings. It empowers every cloud user to maximize the value of their spend.

      Executive Brief

      Analyst Perspective

      The first step of FinOps is collectively realizing that maximizing value is every cloud user's responsibility.

      Natalie Sansone

      Natalie Sansone, PhD
      Research Director, Infrastructure & Operations
      Info-Tech Research Group

      As cloud adoption increases, and with it the complexity of cloud environments, managing and optimizing cloud spend has become both a top challenge and priority for IT organizations. In response, the practice of FinOps has emerged to help organizations maximize the value they get from the cloud. As its popularity surges, organizations are told they must do FinOps, but many feel their practice is not yet mature. One of their biggest obstacles is empowering engineers and other cloud users to work toward this shared goal with other teams.

      To grow and mature your FinOps practice, your first challenge is breaking down silos, encouraging collaboration across varying business units, and getting all cloud users to be accountable for their cloud usage and spend and to understand the shared goals of FinOps. Beyond finding ways to reduce cloud costs, FinOps is a cultural shift that enables better collaboration between distributed teams. It allows them to leverage data to identify opportunities to maximize business value from cloud investments.

      Whether you’re starting the FinOps journey or looking to mature your practice, this blueprint will help you organize by defining the required role and tasks. Then you can work through a collective exercise to ensure everyone understands who is involved and responsible for each activity. You’ll gain the information you need and be better positioned to continuously improve and mature your processes, but success begins with everyone understanding that FinOps is a shared responsibility.

      Executive Summary

      Your Challenge

      Common Obstacles

      Info-Tech’s Approach
      • Runaway cloud costs are wrecking the CIO’s budget, but these are hard to rein in because cloud vendors are not always upfront about the true costs. It’s easy to oversubscribe to services and quickly run up costs with pay-as-you-go service and complex bills.
      • While IT isn’t the business owner for cloud services, they often carry the cost of overruns on their budget, and don’t have the skills or influence to more effectively manage cloud costs.
      • Truly optimizing cloud spend and maximizing its business value requires insight and collaboration from IT/engineering, finance, and business owners, but those teams are often siloed and manage their cloud usage/spend differently.
      • IT leaders are instructed to implement a FinOps practice, but don’t truly understand what that is, who needs to be involved, or where to start.
      • Business units that must collaborate to make FinOps work are often siloed and have different processes, data, metrics, and cloud expertise. Coordinating efforts to encourage shared responsibility can be a challenge. FinOps requires a cultural shift to empower every cloud user to take accountability for cost optimization.
      • Lack of visibility into cloud usage, spending patterns, and cost drivers along with inadequate tools to get the required data to drive decision making. This leads to hindered progress.
      • Implementing FinOps will improve visibility and control over cloud spend, optimize resource allocation and reduce waste, enhance transparency, improve forecasting and budgeting, and improve cost accountability across business units.
      • To get started with FinOps, first it’s essential to break down those silos and coordinate the multiple teams involved. Everyone must understand how FinOps is part of their responsibilities.
      • This blueprint will help you identify the roles involved in FinOps, define the key activities that must be conducted, and assign ownership to each task. This will help foster a shared responsibility for FinOps and encourage everyone to work toward common goals.

      Info-Tech Insight

      FinOps is not just about driving cloud savings. It’s a cultural shift empowering every cloud user to maximize the value of their spend. The first step of FinOps is therefore to help everyone understand their share of responsibility.

      What is FinOps?

      Definition

      “FinOps is an evolving cloud financial management discipline and cultural practice that enables organizations to get maximum business value by helping engineering, finance, technology, and business teams to collaborate on data-driven spending decisions.”

      Definition Updated: November 2021 by the FinOps Foundation Technical Advisory Council

      The ultimate purpose of FinOps is to bring business value to your organization by reducing cloud waste.

      • FinOps is the people, processes, and tools you use to eliminate waste and ensure you get the most value from your cloud spend.
      • FinOps is the framework within which teams can operate to ensure they are optimizing their use of cloud resources.
      • FinOps brings financial accountability to cloud spend.
      • FinOps is a culture practice where everyone collaborates and takes ownership for their cloud usage while being supported and governed by a central group. It breaks down silos so teams that haven’t worked closely together in the past collaborate toward shared goals.
      • It brings financial accountability and cultural change to cloud spend by enabling distributed teams to better collaborate and leverage data to decide where/when to invest in cloud for maximum business value.
      • FinOps is not done by an individual or just one team. It’s a change in the way that many disparate teams work together, from engineering to finance to business teams.

      Common misconceptions about FinOps

      FinOps is not

      FinOps is
      • Only about saving money
      • Only focused on activities related to cost optimization
      • IT financial management, which involves tracking and analyzing all costs associated with IT services
      • An activity (or set of activities) done by one person or team
      • Short for financial operations
      • About maximizing value. FinOps is optimizing cloud costs to provide maximum business value and support scalability (sometimes this means investing more money in cloud)
      • FinOps also involves building a culture of accountability, visibility, and collaboration around cloud usage and cost
      • Focused specifically on managing/optimizing cloud costs
      • A cultural shift around how disparate teams work together, people from all areas of the organization can play a role
      • The term is a portmanteau (combination) of Finance and (Dev)Ops, emphasizing the collaboration between business and engineering teams1
      1 “What is FinOps?” FinOps Foundation, 2023

      FinOps’ popularity has exploded in recent years

      2012 - The practice of FinOps begins to emerge through early scalers in public cloud like Adobe and Intuit

      2017 - Many IT departments begin to use the cloud for limited use cases, but very few enterprises are all in the cloud

      2019 - Many companies begin moving to a cloud-first strategy, shifting IT spend from capital to operational expenditure (CapEx to OpEx), complicating cloud bills

      February 2019 - The FinOps Foundation is born out of Cloudability’s Customer Advisory Board meeting where many cloud practitioners discuss the need for a community of practitioners

      June 2020 - The FinOps Foundation merges with Linux Foundation and sets the standard for cloud financial management

      Sources: Carr, 2022; Linux Foundation, 2023, Storment & Fuller, 2023.

      The image contains a graph that demonstrates the increasing number of people listing FinOps as a skill.

      Where did the term come from?

      The term FinOps has risen in popularity over the last few years. Originally, organizations used the term cloud cost management, then cloud cost optimization, then more broadly, cloud financial management. The latter has now been largely replaced by FinOps.

      Why is FinOps so essential? (1/2)

      The shift from fixed to variable spend has changed the way organizations must manage and report on costs.

      In the traditional data center era:

      • The enterprise procured infrastructure through large capital refreshes of data center hardware.
      • Infrastructure teams tried their best to avoid running out of storage before the next hardware refresh. Equipment was intentionally oversized to accommodate unexpected growth.
      • IT teams would not worry about how much infrastructure resources they consumed, provided they stayed within planned capacity limits. If capacity ran low, resource usage would be adjusted.
      • The business might not like laying out large capital expenditures, but it had full visibility into the cost and got to approve spending in advance using financial controls.
      • Monthly costs were well-understood and monthly or infrequent reporting was acceptable because day-to-day costs did not vary.
      • Mature organizations might chargeback or showback costs to application teams based on number of virtual machines or other measures, but traditional on-premises chargeback wouldn't save money overall.

      Why is FinOps so essential? (2/2)

      The shift from fixed to variable spend has changed the way organizations must manage and report on costs.

      In the cloud era:

      • Infrastructure resources must no longer be provisioned in advance through spending capital budgets.
      • Capacity management isn’t a major concern. Spare capacity is always available, and savings can result from not paying for unnecessary capacity.
      • Cloud services often offer pay-as-you-go pricing models, allowing more control and flexibility to pay only for the resources you consume.
      • When services use more resources than they need, running costs increase. Cost reductions are realized through reducing the size of allocated resources.
      • The variable consumption model can reduce operating costs but can make budgeting and forecasting difficult. IT and the business can no longer predict what they will pay for infrastructure resources.
      • Billing is no longer straightforward and monthly. Resources are individually charged in micro amounts. Costs must be regularly reviewed as unexpected or forgotten resource usage can add up significantly.

      Managing cloud spend remains a challenge for many organizations

      Given the variable nature of cloud costs and complex pricing structures, it can be easy to overspend without mature FinOps processes in place. Indeed, 82% of organizations cite managing cloud spend as one of their top challenges.

      Respondents reported that public cloud spend was over budget by an average of 18%, up from 13% the previous year.

      Source: Flexera 2023 State of the Cloud Report, n=750

      Organization's top cloud challenges.

      While FinOps adoption has rapidly increased, maturity has not

      Most organizations understand the value of FinOps but are not mature in their practice.

      NetApp’s 2023 State of CloudOps Report found that:

      96% say FinOps is important to their cloud strategy

      9% have a mature FinOps practice

      92% report that they struggle with FinOps

      Source: NetApp, 2023 State of CloudOps Report, n=310 IT decision makers in the United States responsible for public cloud infrastructure investments.

      Flexera’s 2023 State of the Cloud report found that 72% of organizations have a dedicated FinOps team.

      Flexera’s annual report also found that year over year, cloud cost responsibilities are increasingly shifting away from Finance/Accounting and Vendor Management teams and over to FinOps teams as they emerge and mature.

      Source: Flexera, 2023 State of the Cloud Report, n=750 decision-makers and users around the world

      Data Architecture

      • Buy Link or Shortcode: {j2store}17|cart{/j2store}
      • Related Products: {j2store}17|crosssells{/j2store}
      • member rating overall impact: 9.5/10
      • member rating average dollars saved: $30,159
      • member rating average days saved: 5
      • Parent Category Name: Data and Business Intelligence
      • Parent Category Link: /data-and-business-intelligence
      • byline: Modernize your data architecture for measurable business value.
      Enable the business to achieve operational excellence, client intimacy, and product leadership with an innovative, agile, and fit-for-purpose data architecture practice

      Close the InfoSec Skills Gap: Develop a Technical Skills Sourcing Plan

      • Buy Link or Shortcode: {j2store}378|cart{/j2store}
      • member rating overall impact: 7.3/10 Overall Impact
      • member rating average dollars saved: $10,756 Average $ Saved
      • member rating average days saved: 9 Average Days Saved
      • Parent Category Name: Governance, Risk & Compliance
      • Parent Category Link: /governance-risk-compliance
      • The demand for qualified cybersecurity professionals far exceeds supply. As a result, organizations are struggling to protect their data against the evolving threat landscape.
      • It is a constant challenge to know what skills will be needed in the future, and when and how to acquire them.

      Our Advice

      Critical Insight

      • Plan for the inevitable. All industries are expected to be affected by the talent gap in the coming years. Plan ahead to address your organization’s future needs.
      • Base skills acquisition decisions on the five key factors to define skill needs. Create an impact scale for the five key factors (data criticality, durability, availability, urgency, and frequency) that reflects your organizational strategy, initiatives, and pressures.
      • A skills gap will always exist to some degree. The threat landscape is constantly changing, and your workforce’s skill sets must evolve as well.

      Impact and Result

      • Organizations must align their security initiatives to talent requirements such that business objectives are achieved and the business is cyber ready.
      • Identify if there are skill gaps in your current workforce.
      • Decide how you’ll acquire needed skills based on characteristics of need for each skill.

      Close the InfoSec Skills Gap: Develop a Technical Skills Sourcing Plan Research & Tools

      Start here – read the Executive Brief

      Read our concise Executive Brief to find out why you should develop a technical skills acquisition strategy, review Info-Tech’s methodology, and understand the four ways we can support you in completing this project.

      Besides the small introduction, subscribers and consulting clients within this management domain have access to:

      1. Identify skill needs for target state

      Identify what skills will be needed in your future state.

      • Close the InfoSec Skills Gap: Develop a Technical Skills Sourcing Plan – Phase 1: Identity Skill Needs for Target State
      • Security Initiative Skills Guide
      • Skills Gap Prioritization Tool

      2. Identify technical skill gaps

      Align role requirements with future initiative skill needs.

      • Close the InfoSec Skills Gap: Develop a Technical Skills Sourcing Plan – Phase 2: Identify Technical Skill Gaps
      • Current Workforce Skills Assessment
      • Technical Skills Workbook
      • Information Security Compliance Manager
      • IT Security Analyst
      • Chief Information Security Officer
      • Security Administrator
      • Security Architect

      3. Develop a sourcing plan for future work roles

      Acquire skills based on the impact of the five key factors.

      • Close the InfoSec Skills Gap: Develop a Skills Sourcing Plan for Future Work Roles – Phase 3: Develop a Sourcing Plan for Future Work Roles
      [infographic]

      Workshop: Close the InfoSec Skills Gap: Develop a Technical Skills Sourcing Plan

      Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

      1 Identify Skill Needs for Target State

      The Purpose

      Determine the skills needed in your workforce and align them to your organization’s security roadmap.

      Key Benefits Achieved

      Insight on what skills your organization will need in the future.

      Activities

      1.1 Understand the importance of aligning security initiatives skill needs with workforce requirements.

      1.2 Identify needed skills for future initiatives.

      1.3 Prioritize the initiative skill gaps.

      Outputs

      Security Initiative Skills Guide

      Skills Gap Prioritization Tool

      2 Define Technical Skill Requirements

      The Purpose

      Identify and create technical skill requirements for key work roles that are needed to successfully execute future initiatives.

      Key Benefits Achieved

      Increased understanding of the NICE Cybersecurity Workforce Framework.

      Standardization of technical skill requirements of current and future work roles.

      Activities

      2.1 Assign work roles to the needs of your future environment.

      2.2 Discuss the NICE Cybersecurity Workforce Framework.

      2.3 Develop technical skill requirements for current and future work roles.

      Outputs

      Skills Gap Prioritization Tool

      Technical Skills Workbook

      Current Workforce Skills Assessment

      3 Acquire Technical Skills

      The Purpose

      Assess your current workforce against their role’s skill requirements.

      Discuss five key factors that aid acquiring skills.

      Key Benefits Achieved

      A method to acquire skills in future roles.

      Activities

      3.1 Continue developing technical skill requirements for current and future work roles.

      3.2 Conduct Current Workforce Skills Assessment.

      3.3 Discuss methods of acquiring skills.

      3.4 Develop a plan to acquire skills.

      Outputs

      Technical Skills Workbook

      Current Workforce Skills Assessment

      Current Workforce Skills Assessment

      Technical Skills Workbook

      Current Workforce Skills Assessment

      Technical Skills Workbook

      Current Workforce Skills Assessment

      4 Plan to Execute Action Plan

      The Purpose

      Assist with communicating the state of the skill gap in your organization.

      Key Benefits Achieved

      Strategy on how to acquire skills needs of the organization.

      Activities

      4.1 Review skills acquisition plan.

      4.2 Discuss training and certification opportunities for staff.

      4.3 Discuss next steps for closing the skills gap.

      4.4 Debrief.

      Outputs

      Technical Skills Workbook

      Accelerate Business Growth and Valuation by Building Brand Awareness

      • Buy Link or Shortcode: {j2store}569|cart{/j2store}
      • member rating overall impact: N/A
      • member rating average dollars saved: N/A
      • member rating average days saved: N/A
      • Parent Category Name: Marketing Solutions
      • Parent Category Link: /marketing-solutions

      Brands that fail to invest in brand awareness are likely to face some, if not all these problems:

      • Lack of brand visibility and recognition
      • Inability to reach and engage with the buyers
      • Difficulties generating and converting leads
      • Low customer retention rate
      • Inability to justify higher pricing
      • Limited brand equity, business valuation, and sustainability

      Our Advice

      Critical Insight

      Awareness brings visibility and traction to brands, which is essential in taking the market leadership position and becoming the trusted brand that buyers think of first.

      Brand awareness also significantly contributes to increasing brand equity, market valuation, and business sustainability.

      Impact and Result

      Building brand awareness allows for the increase of:

      • Brand visibility, perception, recognition, and reputation
      • Interactions and engagement with the target audience
      • Digital advertising performance and ROI
      • Conversion rates and sales wins
      • Revenue and profitability
      • Market share & share of voice (SOV)
      • Talents, partners, and investors attraction and retention
      • Brand equity, business growth, and market valuation

      Accelerate Business Growth and Valuation by Building Brand Awareness Research & Tools

      Besides the small introduction, subscribers and consulting clients within this management domain have access to:

      1. Accelerate Business Growth and Valuation by Building Brand Awareness Storyboard - Learn how to establish the brand foundation, create assets and workflows, and deploy effective brand awareness strategies and tactics.

      A two-step approach to building brand awareness, starting with defining the brand foundations and then implementing effective brand awareness strategies and tactics.

      • Accelerate Business Growth and Valuation by Building Brand Awareness Storyboard

      2. Define Brand's Personality and Message - Analyze your target market and develop key elements of your brand guidelines.

      With this set of tools, you will be able to capture and analyze your target market, your buyers and their journeys, define your brand's values, personality, and voice, and develop all the key elements of your brand guidelines to enable people within your organization and external resources to build a consistent and recognizable image across all assets and platforms.

      • Market Analysis Template
      • Brand Recognition Survey and Interview Questionnaire and List Template
      • External and Internal Factors Analysis Template
      • Buyer Personas and Journey Presentation Template
      • Brand Purpose, Mission, Vision, and Values Template
      • Brand Value Proposition and Positioning Statement
      • Brand Voice Guidelines Template
      • Writing Style Guide Template
      • Brand Messaging Template
      • Writer Checklist

      3. Start Building Brand Awareness - Achieve strategic alignment.

      These tools will allow you to achieve strategic alignment and readiness, create assets and workflows, deploy tactics, establish Key Performance Indicators (KPIs), and monitor and optimize your strategy on an ongoing basis.

      • Brand Awareness Strategy and Tactics Template
      • Asset Creation and Management List
      • Campaign Workflows Template
      • Brand Awareness Strategy Rollout Plan Template
      • Survey Emails Best Practices Guidelines

      Infographic

      Further reading

      Accelerate Business Growth and Valuation By Building Brand Awareness

      Develop and deploy comprehensive, multi-touchpoint brand awareness strategies to become the trusted brand that buyers think of first.

      EXECUTIVE BRIEF

      Analyst perspective

      Building brand awareness

      Achieving high brand awareness in a given market and becoming the benchmark for buyers

      is what every brand wants to achieve, as it is a guarantee of success. Building brand awareness,

      even though its immediate benefits are often difficult to see and measure, is essential for companies that want to stand out from their competitors and continue to grow in a sustainable way. The return on investment (ROI) may take longer, but the benefits are also greater than those achieved through short-term initiatives with the expectation of immediate, albeit often limited, results.

      Brands that are familiar to their target market have greater credibility, generate more sales,

      and have a more loyal customer base. CMOs that successfully execute brand awareness programs

      build brand equity and grow company valuation.

      This is a picture of Nathalie Vezina

      Nathalie Vezina
      Marketing Research Director
      SoftwareReviews Advisory

      Executive summary

      Brand leaders know that brand awareness is essential to the success of all marketing and sales activities. Brands that fail to invest in brand awareness are likely to face some, if not all these problems:

      • Lack of brand visibility and compelling storytelling.
      • Inability to reach the target audience.
      • Low engagement on digital platforms and with ads.
      • Difficulties generating and converting leads, or closing/winning sales/deals, and facing a high cost per acquisition.
      • Low/no interest or brand recognition, trust level, and customer retention rate.
      • Inability to justify higher pricing.

      Convincing stakeholders of the benefits of strong brand awareness can be difficult when the positive outcomes are hard to quantify, and the return on investment (ROI) is often long-term. Among the many obstacles brand leaders must overcome are:

      • Lack of longer-term corporate vision, focusing all efforts and resources on short-term growth strategies for a quick ROI.
      • Insufficient market and target buyers' information and understanding of the brand's key differentiator.
      • Misalignment of brand message, and difficulties creating compelling content that resonates with the target audience, generates interest, and keeps them engaged.
      • Limited or no resources dedicated to the development of the brand.

      Inspired by top-performing businesses and best practices, this blueprint provides the guidance and tools needed to successfully build awareness and help businesses grow. By following these guidelines, brand leaders can expect to:

      • Gain market intelligence and a clear understanding of the buyer's needs, your competitive advantage, and key differentiator.
      • Develop a clear and compelling value proposition and a human-centric brand messaging driven by the brand's values.
      • Increase online presence and brand awareness to attract and engage with buyers.
      • Develop a long-term brand strategy and execution plan.

      "A brand is the set of expectations, memories, stories, and relationships that, taken together, account for a consumer's decision to choose one product or service over another."

      – Seth Godin

      What is brand awareness?

      The act of making a brand visible and memorable.

      Brand awareness is the degree to which buyers are familiar with and recognize the attributes and image of a particular brand, product, or service. The higher the level of awareness, the more likely the brand is to come into play when a target audience enters the " buying consideration" phase of the buyer's journey.

      Brand awareness also plays an important role in building equity and increasing business valuation. Brands that are familiar to their target market have greater credibility, drive more sales and have a more loyal customer base.
      Building brand awareness allows increasing:

      • Brand visibility, perception, recognition, and reputation
      • Interactions and engagement with the target audience
      • Digital advertising performance and ROI
      • Conversion rates and sales wins
      • Revenue and profitability
      • Market share and share of voice (SOV)
      • Talents, partners, and investors attraction and retention
      • Brand equity, business growth, and market valuation

      "Products are made in a factory, but brands are created in the mind."
      Source: Walter Landor

      Capitalizing on a powerful brand

      A longer-term approach for an increased and more sustainable ROI.

      Market leader position

      Developing brand awareness is essential to increase the visibility and traction of a brand.

      Several factors may cause a brand to be not well-known. One reason might be that the brand recently launched, such as a startup. Another reason could be that the brand has rebranded or entered a new market.

      To become the trusted brand that buyers think of first in their target markets, it is critical for these brands to develop and deploy comprehensive, multi-touchpoint brand awareness strategies.

      A relationship leading to loyalty

      A longer-term brand awareness strategy helps build a strong relationship between the brand and the buyer, fostering a lasting and rewarding alliance.

      It also enables brands to reach and engage with their target audience effectively by using compelling storytelling and meaningful content.

      Adopting a more human-centric approach and emphasizing shared values makes the brand more attractive to buyers and can drive sales and gain loyalty.

      Sustainable business growth

      For brands that are not well established in their target market, short-term tactics that focus on immediate benefits can be ineffective. In contrast, long-term brand awareness strategies provide a more sustainable ROI (return on investment).

      Investing in building brand awareness can impact a business's ability to interact with its target audience, generate leads, and increase sales. Moreover, it can significantly contribute to boosting the business's brand equity and market valuation.

      "Quick wins may work in the short term, but they're not an ideal substitute for long-term tactics and continued success."
      Source: Forbes

      Impacts of low brand awareness on businesses

      Unfamiliar brands, despite their strong potential, won't thrive unless they invest in their notoriety.

      Brands that choose not to invest in longer-term awareness strategies and rely solely on short-term growth tactics in hopes of an immediate gain will see their ability to grow diminished and their longevity reduced due to a lack of market presence and recognition.

      Symptoms of a weakening brand include:

      • High marketing spending and limited result
      • Low market share or penetration
      • Low sales, revenue, and gross margin
      • Weak renewal rate, customer retention, and loyalty
      • Difficulties delivering on the brand promise, low/no trust in the brand
      • Limited brand equity, business valuation, and sustainability
      • Unattractive brand to partners and investors

      "Your brand is the single most important investment you can make in your business."
      Source: Steve Forbes

      Most common obstacles to increasing brand awareness

      Successfully building brand awareness requires careful preparation and planning.

      • Limited market intelligence
      • Unclear competitive advantage/key differentiator
      • Misaligned and inconsistent messaging and storytelling
      • Lack of long-term vision
      • and low prioritization
      • Limited resources to develop and execute brand awareness building tactics
      • Unattractive content that does not resonate, generates little or no interest and engagement

      Investing in the notoriety of the brand

      Become the top-of-mind brand in your target market.

      To stand out, be recognized by their target audience, and become major players in their industry, brands must adopt a winning strategy that includes the following elements:

      • In-depth knowledge and understanding of the market and audience
      • Strengthening digital presence and activities
      • Creating and publishing content relevant to the target audience
      • Reaching out through multiple touchpoints
      • Using a more human-centric approach
      • Ensure consistency in all aspects of the brand, across all media and channels

      How far are you from being the brand buyers think of first in your target market?

      This is an image of the Brand Awareness Pyramid.

      Brand awareness pyramid

      Based on David Aaker's brand loyalty pyramid

      Tactics for building brand awareness

      Focus on effective ways to gain brand recognition in the minds of buyers.

      This is an image of the Brand Awareness Journey Roadmap.

      Brand recognition requires in-depth knowledge of the target market, the creation of strong brand attributes, and increased presence and visibility.

      Understand the market and audience you're targeting

      Be prepared. Act smart.

      To implement a winning brand awareness-building strategy, you must:

      • Be aware of your competitor's strengths and weaknesses, as well as yours.
      • Find out who is behind the keyboard, and the user experience they expect to have.
      • Plan and continuously adapt your tactics accordingly.
      • Make your buyer the hero.

      Identify the brands' uniqueness

      Find your "winning zone" and how your brand uniquely addresses buyers' pain points.

      Focus on your key differentiator

      A brand has found its "winning zone" or key differentiator when its value proposition clearly shows that it uniquely solves its buyers' specific pain points.

      Align with your target audience's real expectations and successfully interact with them by understanding their persona and buyer's journey. Know:

      • How you uniquely address their pain points.
      • Their values and what motivates them.
      • Who they see as authorities in your field.
      • Their buying habits and trends.
      • How they like brands to engage with them.

      An image of a Venn diagram between the following three terms: Buyer pain point; Competitors' value proposition; your unique value proposition. The overlapping zone is labeled the Winning zone. This is your key differentiator.

      Give your brand a voice

      Define and present a consistent voice across all channels and assets.

      The voice reflects the personality of the brand and the emotion to be transmitted. That's why it's crucial to establish strict rules that define the language to use when communicating through the brand's voice, the type of words, and do's and don'ts.

      To be recognizable it is imperative to avoid inconsistencies. No matter how many people are behind the brand voice, the brand must show a unique, distinctive personality. As for the tone, it may vary according to circumstances, from lighter to more serious.

      Up to 80% Increased customer recognition when the brand uses a signature color scheme across multiple platforms
      Source: startup Bonsai
      23% of revenue increase is what consistent branding across channels leads to.
      Source: Harvard Business Review

      When we close our eyes and listen, we all recognize Ella Fitzgerald's rich and unique singing voice.

      We expect to recognize the writing of Stephen King when we read his books. For the brand's voice, it's the same. People want to be able to recognize it.

      Adopt a more human-centric approach

      If your brand was a person, who would it be?

      Human attributes

      Physically attractive

      • Brand identity
      • Logo and tagline
      • Product design

      Intellectually stimulating

      • Knowledge and ideas
      • Continuous innovation
      • Thought leadership

      Sociable

      • Friendly, likeable and fun
      • Confidently engage with audience through multiple touchpoints
      • Posts and shares meaningful content
      • Responsive

      Emotionally connected

      • Inspiring
      • Powerful influencer
      • Triggers emotional reactions

      Morally sound

      • Ethical and responsible
      • Value driven
      • Deliver on its promise

      Personable

      • Honest
      • Self-confident and motivated
      • Accountable

      0.05 Seconds is what it takes for someone to form an opinion about a website, and a brand.
      Source: 8ways

      90% of the time, our initial gut reaction to products is based on color alone.
      Source: startup Bonsai

      56% of the final b2b purchasing decision is based on emotional factors.
      Source: B@B International

      Put values at the heart of the brand-buyers relationship

      Highlight values that will resonate with your audience.

      Brands that focus on the values they share with their buyers, rather than simply on a product or service, succeed in making meaningful emotional connections with them and keep them actively engaged.

      Shared values such as transparency, sustainability, diversity, environmental protection, and social responsibility become the foundation of a solid relationship between a brand and its audience.

      The key is to know what motivates the target audience.

      86% of consumers claim that authenticity is one of the key factors they consider when deciding which brands they like and support.
      Source: Business Wire

      56% of the final decision is based on having a strong emotional connection with the supplier.
      Source: B2B International

      64% of today's customers are belief-driven buyers; they want to support brands that "can be a powerful force for change."
      Source: Edelman

      "If people believe they share values with a company, they will stay loyal to the brand."
      – Howard Schultz
      Source: Lokus Design

      Double-down on digital

      Develop your digital presence and reach out to your target audiences through multiple touchpoints.

      Beyond engaging content, reaching the target audience requires brands to connect and interact with their audience in multiple ways so that potential buyers can form an opinion.

      With the right message consistently delivered across multiple channels, brands increase their reach, create a buzz around their brand and raise awareness.

      73% of today's consumers confirm they use more than one channel during a shopping journey
      Source: Harvard Business Review

      Platforms

      • Website and apps
      • Social media
      • Group discussions

      Multimedia

      • Webinars
      • Podcasts
      • Publication

      Campaign

      • Ads and advertising
      • Landing pages
      • Emails, surveys drip campaigns

      Network

      • Tradeshows, events, sponsorships
      • Conferences, speaking opportunities
      • Partners and influencers

      Use social media to connect

      Reach out to the masses with a social media presence.

      Social media platforms represent a cost-effective opportunity for businesses to connect and influence their audience and tell their story by posting relevant and search-engine-optimized content regularly on their account and groups. It's also a nice gateway to their website.

      Building a relationship with their target buyer through social media is also an easy way for businesses to:

      • Understand the buyers.
      • Receive feedback on how the buyers perceive the brand and how to improve it.
      • Show great user experience and responsiveness.
      • Build trust.
      • Create awareness.

      75% of B2B buyers and 84% of C-Suite executives use social media when considering a purchase
      Source: LinkedIn Business

      92% of B2B buyers use social media to connect with leaders in the sales industry.
      Source: Techjury

      With over 4.5 billion social media users worldwide, and 13 new users signing up to their first social media account every second, social media is fast becoming a primary channel of communication and social interaction for many.
      Source: McKinsey

      Become the expert subject matter

      Raise awareness with thought leadership content.

      Thought leadership is about building credibility
      by creating and publishing meaningful, relevant content that resonates with a target audience.
      Thought leaders write and publish all kinds of relevant content such as white papers, ebooks, case studies, infographics, video and audio content, webinars, and research reports.
      They also participate in speaking opportunities, live presentations, and other high-visibility forums.
      Well-executed thought leadership strategies contribute to:

      • Raise awareness.
      • Build credibility.
      • Be recognized as a subject expert matter.
      • Become an industry leader.

      60% of buyers say thought leadership builds credibility when entering a new category where the brand is not already known.
      Source: Edelman | LinkedIn

      70% of people would rather learn about a company through articles rather than advertising.
      Source: Brew Interactive

      57% of buyers say that thought leadership builds awareness for a new or little-known brand.
      Source: Edelman | LinkedIn

      To achieve best results

      • Know the buyers' persona and journey.
      • Create original content that matches the persona of the target audience and that is close to their values.
      • Be Truthful and insightful.
      • Find the right tone and balance between being human-centric, authoritative, and bold.
      • Be mindful of people's attention span and value their time.
      • Create content for each phase of the buyer's journey.
      • Ensure content is SEO, keyword-loaded, and add calls-to-action (CTAs).
      • Add reason to believe, data to support, and proof points.
      • Address the buyers' pain points in a unique way.

      Avoid

      • Focusing on product features and on selling.
      • Publishing generic content.
      • Using an overly corporate tone.

      Promote personal branding

      Rely on your most powerful brand ambassadors and influencers: your employees.

      The strength of personal branding is amplified when individuals and companies collaborate to pursue personal branding initiatives that offer mutual benefits. By training and positioning key employees as brand ambassadors and industry influencers, brands can boost their brand awareness through influencer marketing strategies.

      Personal branding, when well aligned with business goals, helps brands leverage their key employee's brands to:

      • Increase the organization's brand awareness.
      • Broaden their reach and circle of influence.
      • Show value, gain credibility, and build trust.
      • Stand out from the competition.
      • Build employee loyalty and pride.
      • Become a reference to other businesses.
      • Increase speaking opportunities.
      • Boost qualified leads and sales.

      About 90% of organizations' employee network tends to be completely new to the brand.
      Source: Everyone Social

      8X more engagement comes from social media content shared by employees rather than brand accounts.
      Source: Entrepreneur

      561% more reach when brand messages are shared by employees on social media, than the same message shared by the Brand's social media.
      Source: Entrepreneur

      "Personal branding is the art of becoming knowable, likable and trustable."
      Source: Founder Jar, John Jantsch

      Invest in B2B influencer marketing

      Broaden your reach and audiences by leveraging the voice of influencers.

      Influencers are trusted industry experts and analysts who buyers can count on to provide reliable information when looking to make a purchase.

      Influencer marketing can be very effective to reach new audiences, increase awareness, and build trust. But finding the right influencers with the level of credibility and visibility brands are expecting can sometimes be challenging.

      Search for influencers that have:

      • Relevance of audience and size.
      • Industry expertise and credibility.
      • Ability to create meaningful content (written, video, audio).
      • Charismatic personality with values consistent with the brand.
      • Frequent publications on at least one leading media platform.

      76% of people say that they trust content shared by people over a brand.
      Source: Adweek


      44% increased media mention of the brand using B2B influencer marketers.
      Source: TopRank Marketing

      Turn your customers into brand advocates

      Establish customer advocacy programs and deliver a great customer experience.

      Retain your customers and turn them into brand advocates by building trust, providing an exceptional experience, and most importantly, continuously delivering on the brand promise.

      Implement a strong customer advocacy program, based on personalized experiences, the value provided, and mutual exchange, and reap the benefits of developing and growing long-term relationships.

      92% of individuals trust word-of-mouth recommendations, making it one of the most trust-rich forms of advertising.
      Source: SocialToaster

      Word-of-mouth (advocacy) marketing increases marketing effectiveness by 54%
      Source: SocialToaster

      Make your brand known and make it stick in people's minds

      Building and maintaining high brand awareness requires that each individual within the organization carry and deliver the brand message clearly and consistently across all media whether in person, in written communications, or otherwise.

      To achieve this, brand leaders must first develop a powerful, researched narrative that people will embrace and convey, which requires careful preparation.

      Target market and audience intel

      • Target market Intel
      • Buyer persona and journey/pain points
      • Uniqueness and positioning

      Brand attributes

      • Values at the heart of the relationship
      • Brand's human attributes

      Brand visibly and recall

      • Digital and social media presence
      • Thought leadership
      • Personal branding
      • Influencer marketing

      Brand awareness building plan

      • Long-term awareness and multi-touchpoint approach
      • Monitoring and optimization

      Short and long-term benefits of increasing brand awareness

      Brands are built over the long term but the rewards are high.

      • Stronger brand perception
      • Improved engagement and brand associations
      • Enhanced credibility, reputation, and trust
      • Better connection with customers
      • Increased repeat business
      • High-quality leads
      • Higher and faster conversion rate
      • More sales closed/ deals won
      • Greater brand equity
      • Accelerated growth

      "Strong brands outperform their less recognizable competitors by as much as 73%."
      Source: McKinsey

      Brand awareness building

      Building brand awareness, even though immediate benefits are often difficult to see and measure, is essential for companies to stand out from their competitors and continue to grow in a sustainable way.

      To successfully raise awareness, brands need to have:

      • A longer-term vision and strategy.
      • Market Intelligence, a clear value proposition, and key differentiator.
      • Consistent, well-aligned messaging and storytelling.
      • Digital presence and content.
      • The ability to reach out through multiple touchpoints.
      • Necessary resources.

      Without brand awareness, brands become less attractive to buyers, talent, and investors, and their ability to grow, increase their market value, and be sustainable is reduced.

      Brand awareness building methodology

      Define brands' personality and message

      • Gather market intel and analyze the market.
      • Determine the value proposition and positioning.
      • Define the brand archetype and voice.
      • Craft a compelling brand message and story.
      • Get all the key elements of your brand guidelines.

      Start building brand awareness

      • Achieve strategy alignment and readiness.
      • Create and manage assets.
      • Deploy your tactics, assets, and workflows.
      • Establish key performance indicators (KPIs).
      • Monitor and optimize on an ongoing basis.

      Toolkit

      • Market and Influencing Factors Analysis
      • Recognition Survey and Best Practices
      • Buyer Personas and Journeys
      • Purpose, Mission, Vision, Values
      • Value Proposition and Positioning
      • Brand Message, Voice, and Writing Style
      • Brand Strategy and Tactics
      • Asset Creation and Management
      • Strategy Rollout Plan

      Short and long-term benefits of increasing brand awareness

      Increase:

      • Brand perception
      • Brand associations and engagement
      • Credibility, reputation, and trust
      • Connection with customers
      • Repeat business
      • Quality leads
      • Conversion rate
      • Sales closed / deals won
      • Brand equity and growth

      It typically takes 5-7 brand interactions before a buyer remembers the brand.
      Source: Startup Bonsai

      Who benefits from this brand awareness research?

      This research is being designed for:
      Brand and marketing leaders who:

      • Know that brand awareness is essential to the success of all marketing and sales activities.
      • Want to make their brand unique, recognizable, meaningful, and highly visible.
      • Seek to increase their digital presence, connect and engage with their target audience.
      • Are looking at reaching a new segment of the market.

      This research will also assist:

      • Sales with qualified lead generation and customer retention and loyalty.
      • Human Resources in their efforts to attract and retain talent.
      • The overall business with growth and increased market value.

      This research will help you:

      • Gain market intelligence and a clear understanding of the target audience's needs and trends, competitive advantage, and key differentiator.
      • The ability to develop clear and compelling, human-centric messaging and compelling story driven by brand values.
      • Increase online presence and brand awareness activities to attract and engage with buyers.
      • Develop a long-term brand awareness strategy and deployment plan.

      This research will help them:

      • Increase campaign ROI.
      • Develop a longer-term vision and benefits of investing in longer-term initiatives.
      • Build brand equity and increase business valuation.
      • Grow your business in a more sustainable way.

      SoftwareReviews' brand awareness building methodology

      Phase 1 Define brands' personality and message

      Phase 2 Start building brand awareness

      Phase steps

      1.1 Gather market intelligence and analyze the market.

      1.2 Develop and document the buyer's persona and journey.

      1.3 Uncover the brand mission, vision statement, core values, value proposition and positioning.

      1.4 Define the brand's archetype and tone of voice, then craft a compelling brand messaging.

      2.1 Achieve strategy alignment and readiness.

      2.2 Create assets and workflows and deploy tactics.

      2.3 Establish key performance indicators (KPIs), monitor, and optimize on an ongoing basis.

      Phase outcomes
      • Target market and audience are identified and documented.
      • A clear value proposition and positioning are determined.
      • The brand personality, voice, and messaging are developed.
      • All the key elements of the brand guidelines are in place and ready to use, along with the existing logo, typography, color palette, and imagery.
      • A comprehensive and actionable brand awareness strategy, with tactics, KPIs, and metrics, is set and ready to execute.
      • A progressive and effective deployment plan with deliverables, timelines, workflows, and checklists is in place.
      • Resources are assigned.

      Insight summary

      Brands to adapt their strategies to achieve longer-term growth
      Brands must adapt and adjust their strategies to attract informed buyers who have access to a wealth of products, services, and brands from all over. Building brand awareness, even though immediate benefits are often difficult to see and measure, has become essential for companies that want to stand out from their competitors and continue to grow in a sustainable way.

      A more human-centric approach
      Brand personalities matter. Brands placing human values at the heart of the customer-brand relationship will drive interest in their brand and build trust with their target audience.

      Stand out from the crowd
      Brands that develop and promote a clear and consistent message across all platforms and channels, along with a unique value proposition, stand out from their competitors and get noticed.

      A multi-touchpoints strategy
      Engage buyers with relevant content across multiple media to address their pain points. Analyze touchpoints to determine where to invest your efforts.

      Going social
      Buyers expect brands to be active and responsive in their interactions with their audience. To build awareness, brands are expected to develop a strong presence on social media by regularly posting relevant content, engaging with their followers and influencers, and using paid advertising. They also need to establish thought leadership through content such as white papers, case studies, and webinars.

      Thought leaders wanted
      To enhance their overall brand awareness strategy, organizations should consider developing the personal brand of key executives. Thought leadership can be a valuable method to gain credibility, build trust, and drive conversion. By establishing thought leadership, businesses can increase brand mentions, social engagement, website traffic, lead generation, return on investment (ROI), and Net Promoter Score (NPS).

      Save time and money with SoftwareReviews' branding advice

      Collaborating with SoftwareReviews analysts for inquiries not only provides valuable advice but also leads to substantial cost savings during branding activities, particularly when partnering with an agency.

      Guided Implementation Purpose Measured Value
      Build brands' personality and message Get the key elements of the brand guidelines in place and ready to use, along with your existing logo, typography, color palette, and imagery, to ensure consistency and clarity across all brand touchpoints from internal communication to customer-facing materials. Working with SoftwareReviews analysts to develop brand guidelines saves costs compared to hiring an agency.

      Example: Building the guidelines with an agency will take more or less the same amount of time and cost approximately $80K.
      Start building brand awareness Achieve strategy alignment and readiness, then deploy tactics, assets, and other deliverables. Start building brand awareness and reap the immediate and long-term benefits.

      Working with SoftwareReviews analysts and your team to develop a long-term brand strategy and deployment will cost you less than a fraction of the cost of using an agency.

      Example: Developing and executing long-term brand awareness strategies with an agency will cost between $50-$75K/month over a 24-month period minimum.

      Guided Implementation

      What does a typical GI on this topic look like?

      Phase 1

      Build brands' personality and message

      Phase 2

      Start building brand awareness
      • Call #1: Discuss concept and benefits of building brand awareness. Identify key stakeholders. Anticipate concerns and objections.
      • Call #2: Discuss target market intelligence, information gathering, and analysis.
      • Call #3: Review market intelligence information. Address questions or concerns.
      • Call #4: Discuss value proposition and guide to find positioning and key differentiator.
      • Call #5: Review value proposition. Address questions or concerns.
      • Call #6: Discuss how to build a comprehensive brand awareness strategy using SR guidelines and template.
      • Call #7: Review strategy. Address questions or concerns.
      • Call #8: Second review of the strategy. Address questions or concerns.
      • Call #9 (optional): Third review of the strategy. Address questions or concerns.
      • Call #10: Discuss how to build the Execution Plan using SR template.
      • Call #11: Review Execution Plan. Address questions or concerns.
      • Call #12: Second review of the Execution Plan. Address questions or concerns.
      • Call #13 (optional): Third review of the Execution Plan. Address questions or concerns.
      • Call #14: Discuss how to build a compelling storytelling and content creation.
      • Call #15: Discuss website and social media platforms and other initiatives.
      • Call #16: Discuss marketing automation and continuous monitoring.
      • Call #17 (optional): Discuss optimization and reporting
      • Call #18: Debrief and determine how we can help with next steps.

      A Guided Implementation (GI) is a series of calls with a SoftwareReviews Marketing Analyst to help implement our best practices in your organization.

      Your engagement managers will work with you to schedule analyst calls.

      Brand awareness building tools

      Each step of this blueprint comes with tools to help you build brand awareness.

      Brand Awareness Tool Kit

      This kit includes a comprehensive set of tools to help you better understand your target market and buyers, define your brand's personality and message, and develop an actionable brand awareness strategy, workflows, and rollout plan.

      The set includes these templates:
      • Market and Influencing Factors Analysis
      • Recognition Survey and Best Practices
      • Buyer Personas and Journeys
      • Purpose, Mission, Vision, and Values
      • Value Proposition and Positioning
      • Brand Message, Voice, and Writing Style
      • Brand Strategy and Tactics
      • Asset Creation and Management
      • Strategy Rollout Plan
      		An image of a series of screenshots from the templates listed in the column to the left of this image.

      Get started!

      Know your target market and audience, deploy well-designed strategies based on shared values, and make meaningful connections with people.

      Phase 1

      Define brands' personality and message

      Phase 2

      Start building brand awareness

      Phase 1

      Define brands' personality and message

      Steps

      1.1 Gather market intelligence and analyze the market.
      1.2 Develop and document the buyer's persona and journey.
      1.3 Uncover the brand mission, vision statement, core values, positioning, and value proposition.
      1.4 Define the brand's archetype and tone of voice, then craft a compelling brand messaging.

      Phase outcome

      • Target market and audience are identified and documented.
      • A clear value proposition and positioning are determined.
      • The brand personality, voice, and messaging are developed.
      • All the key elements of the brand guidelines are in place. and ready to use, along with the existing logo, typography, color palette, and imagery..

      Build brands' personality and message

      Step 1.1 Gather market intelligence and analyze the market.

      Total duration: 2.5-8 hours

      Objective

      Analyze and document your competitive landscape, assess your strengths, weaknesses, opportunities,
      and threats, gauge the buyers' familiarity with your brand, and identify the forces of influence.

      Output

      This exercise will allow you to understand your market and is essential to developing your value proposition.

      Participants

      • Head of branding and key stakeholders

      MarTech
      May require you to:

      • Register to a Survey Platform.
      • Use, setup, or install platforms like CRM and/or Marketing Automation Platform.

      Tools

      1.1.1 SWOT and competitive landscape

      (60-120 min.)

      Analyze & Document

      Follow the instructions in the Market Analysis Template to complete the SWOT and Competitive Analysis, slides 4 to 7.

      1.1.3 Internal and External Factors

      (30-60 min.)

      Analyze

      Follow the instructions in the External and Internal Factors Analysis Template to perform the PESTLE, Porter's 5 Forces, and Internal Factors and VRIO Analysis.

      Transfer

      Transfer key information into slides 10 and 11 of the Market Analysis Template.

      Consult SoftwareReviews website to find the best survey and MarTech platforms or contact one of our analysts for more personalized assistance and guidance

      1.1.2 Brand recognition

      (60-300 min.)

      Prep

      Adapt the survey and interview questions in the Brand Recognition Survey Questionnaire and List Template.

      Determine how you will proceed to conduct the survey and interviews (internal or external resources, and tools).

      Refer to the Survey Emails Best Practices Guidelines for more information on how to conduct email surveys.

      Collect & Analyze

      Use the Brand Recognition Survey Questionnaire and List Template to build your list, conduct the survey /interviews, and collect and analyze the feedback received.

      Transfer

      Transfer key information into slides 8 and 9 of the Market Analysis Template.

      Brand performance diagnostic

      Have you considered diagnosing your brand's current performance before you begin building brand awareness?

      Audit your brand using the Diagnose Brand Health to Improve Business Growth blueprint.Collect and interpret qualitative and quantitative brand performance measures.

      The toolkit includes the following templates:

      • Surveys and interviews questions and lists
      • External and internal factor analysis
      • Digital and financial metrics analysis

      Also included is an executive presentation template to communicate the results to key stakeholders and recommendations to fix the uncovered issues.

      Build brands' personality and message

      Step 1.2 Develop and document the buyer's persona and journey.

      Total duration: 4-8 hours

      Objective

      Gather existing and desired customer insights and conduct market research to define and personify your buyers' personas and their buying behaviors.

      Output

      Provide people in your organization with clear direction on who your target buyers are and guidance on how to effectively reach and engage with them throughout their journey.
      Participants

      • Head of branding
      • Key stakeholders from sales and product marketing

      MarTech
      May require you to:

      • Register to an Online Survey Platform (free version or subscription).
      • Use, setup, or installation of platforms like CRM and/or Marketing Automation Platform.

      Tools

      1.2.1 Buyer Personas and Journeys

      (240-280 min.)

      Research

      Identify your tier 1 to 3 customers using the Ideal Client Profile (ICP) Workbook. (Recommended)

      Survey and interview existing and desired customers based using the Buyer Persona and Journey Interview Guide and Data Capture Tool. (Recommended)

      Create

      Define and document your tier 1 to 3 Buyer Personas and Journeys using the Buyer Personas and Journeys Presentation Template.

      Consult SoftwareReviews website to find the best survey platform for your needs or contact one of our analysts for more personalized assistance and guidance

      Buyer Personas and Journeys

      A well-defined buyer persona and journey is a great way for brands to ensure they are effectively reaching and engaging their ideal buyers through a personalized buying experience.

      When properly documented, it provides valuable insights about the ideal customers, their needs, challenges, and buying decision processes allowing the development of initiatives that correspond to the target buyers.

      Build brands' personality and message

      Step 1.3 Uncover the brand mission, vision statement, core values, value proposition, and positioning.

      Total duration: 4-5.5 hours

      Objective
      Define the "raison d'être" and fundamental principles of your brand, your positioning in the marketplace, and your unique competitive advantage.

      Output
      Allows everyone in an organization to understand and align with the brand's raison d'être beyond the financial dimension, its current positioning and objectives, and how it intends to achieve them.
      It also serves to communicate a clear and appealing value proposition to buyers.

      Participants

      • Head of branding
      • Chief Executive Officer (CEO)
      • Key stakeholders

      Tools

      • Brand Purpose, Mission, Vision, and Values Template
      • Value Proposition and Positioning Statement Template

      1.3.1 Brand Purpose, Mission, Vision, and Values

      (90-120 min.)

      Capture or Develop

      Capture or develop, if not already existing, your brand's purpose, mission, vision statement, and core values using slides 4 to 7 of the Brand Purpose, Mission, Vision, and Values Template.

      1.3.2 Brand Value Proposition and Positioning

      (150-210 min.)

      Define

      Map the brand value proposition using the canvas on slide 5 of the Value Proposition and Positioning Statement Template, and clearly articulate your value proposition statement on slide 4.

      Optional: Use canvas on slide 7 to develop product-specific product value propositions.

      On slide 8 of the same template, develop your brand positioning statement.

      Build brands' personality and message

      Steps 1.4 Define the brand's archetype and tone of voice, and craft a compelling brand messaging.

      Total duration: 5-8 hours

      Objective

      Define your unique brand voice and develop a set of guidelines, brand story, and messaging to ensure consistency across your digital and non-digital marketing and communication assets.
      Output

      A documented brand personality and voice, as well as brand story and message, will allow anyone producing content or communicating on behalf of your brand to do it using a unique and recognizable voice, and convey the right message.

      Participants

      • Head of branding
      • Content specialist
      • Chief Executive Officer and other key stakeholders

      Tools

      • Brand Voice Guidelines Template
      • Writing Style Guide Template
      • Brand Messaging Template
      • Writer Checklist Template

      1.4.1 Brand Archetype and Tone of Voice

      (120-240 min.)

      Define and document

      Refer to slides 5 and 6 of the Brand Voice Guidelines Template to define your brand personality (archetype), slide 7.

      Use the Brand Voice Guidelines Template to define your brand tone of voice and characteristics on slides 8 and 9, based on the 4 primary tone of voice dimensions, and develop your brand voice chart, slide 9.

      Set Rules

      In the Writing Style Guide template, outline your brand's writing principles, style, grammar, punctuation, and number rules.

      1.4.2 Brand Messaging

      (180-240 min.)

      Craft

      Use the Brand Messaging template, slides 4 to 7, to craft your brand story and message.

      Audit

      Create a content audit to review and approve content to be created prior to publication, using the Writer's Checklist template.

      Important Tip!

      A consistent brand voice leads to remembering and trusting the brand. It should stand out from the competitors' voices and be meaningful to the target audience. Once the brand voice is set, avoid changing it.

      Phase 2

      Start building brand awareness

      Steps

      2.1 Achieve strategy alignment and readiness.
      2.2 Create assets and workflows, and deploy tactics.
      2.3 Establish key performance indicators (KPIs), monitor, and optimize on an ongoing basis.

      Phase outcome

      • A comprehensive and actionable brand awareness strategy, with tactics, KPIs, and metrics, is set and ready to execute.
      • A progressive and effective deployment plan with deliverables, timelines, workflows, and checklists is in place.
      • Resources are assigned.

      Start building brand awareness

      Step 2.1 Achieve strategy readiness and alignment.

      Total duration: 4-5 hours

      Objective

      Now that you have all the key elements of your brand guidelines in place, in addition to your existing logo, typography, color palette, and imagery, you can begin to build brand awareness.

      Start planning to build brand awareness by developing a comprehensive and actionable brand awareness strategy with tactics that align with the company's purpose and objectives. The strategy should include achievable goals and measurables, budget and staffing considerations, and a good workload assessment.

      Output

      A comprehensive long-term, actionable brand awareness strategy with KPIs and measurables.

      Participants

      • Head of branding
      • Key stakeholders

      Tools

      • Brand Awareness Strategy and Tactics Template

      2.1.1 Brand Awareness Analysis

      (60-120 min.)

      Identify

      In slide 5 of the Brand Awareness Strategy and Tactics Template, identify your top three brand awareness drivers, opportunities, inhibitors, and risks to help you establish your strategic objectives in building brand awareness.

      2.1.2 Brand Awareness Strategy

      (60-120 min.)

      Elaborate

      Use slides 6 to 10 of the Brand Awareness Strategy and Tactics Template to elaborate on your strategy goals, key issues, and tactics to begin or continue building brand awareness.

      2.1.3 Brand Awareness KPIs and Metrics

      (180-240 min.)

      Set

      Set the strategy performance metrics and KPIs on slide 11 of the Brand Awareness Strategy and Tactics Template.

      Monitor

      Once you start executing the strategy, monitor and report each quarter using slides 13 to 15 of the same document.

      Understanding the difference between strategies and tactics

      Strategies and tactics can easily be confused, but although they may seem similar at times, they are in fact quite different.

      Strategies and tactics are complementary.

      A strategy is a plan to achieve specific goals, while a tactic is a concrete action or set of actions used to implement that strategy.

      To be effective, brand awareness strategies should be well thought-out, carefully planned, and supported by a series of tactics to achieve the expected outcomes.

      Start building brand awareness

      Step 2.2 Create assets and workflows and deploy tactics.

      Total duration: 3.5-4.5 hours

      Objective

      Build a long-term rollout with deliverables, milestones, timelines, workflows, and checklists. Assign resources and proceed to the ongoing development of assets. Implement, manage, and continuously communicate the strategy and results to key stakeholders.

      Output

      Progressive and effective development and deployment of the brand awareness-building strategy and tactics.

      Participants

      • Head of branding

      Tools

      • Asset Creation and Management List
      • Campaign Workflows Template
      • Brand Awareness Strategy Rollout Plan Template

      2.2.1 Assets Creation List

      (60-120 min.)

      Inventory

      Inventory existing assets to create the Asset Creation and Management List.

      Assign

      Assign the persons responsible, accountable, consulted, and informed of the development of each asset, using the RACI model in the template. Ensure you identify and collaborate with the right stakeholders.

      Prioritize

      Prioritize and add release dates.

      Communicate

      Update status and communicate regularly. Make the list with links to the assets available to the extended team to consult as needed.

      2.2.2 Rollout Plan

      (60-120 min.)

      Inventory

      Map out your strategy deployment in the Brand Awareness Strategy Rollout Plan Template and workflow in the Campaign Workflow Template.

      Assign

      Assign the persons responsible, accountable, consulted, and informed for each tactic, using the RACI model in the template. Ensure you identify and collaborate with the right stakeholders.

      Prioritize

      Prioritize and adjust the timeline accordingly.

      Communicate

      Update status and communicate regularly. Make the list with links to the assets available to the extended team to consult as needed.

      Band Awareness Strategy Rollout Plan
      A strategy rollout plan typically includes the following:

      • Identifying a cross-functional team and resources to develop the assets and deploy the tactics.
      • Listing the various assets to create and manage.
      • A timeline with key milestones, deadlines, and release dates.
      • A communication plan to keep stakeholders informed and aligned with the strategy and tactics.
      • Ongoing performance monitoring.
      • Constant adjustments and improvements to the strategy based on data collected and feedback received.

      Start building brand awareness

      Step 2.3 Establish key performance indicators (KPIs), monitor, and optimize on an ongoing basis.

      Total duration: 3.5-4.5 hours

      Objective

      Brand awareness is built over a long period of time and must be continuously monitored in several ways. Measuring and monitoring the effectiveness of your brand awareness activities will allow you to constantly adjust your tactics and continue to build awareness.

      Output

      This step will provide you with a snapshot of your current level of brand awareness and interactions with the brand, and allow you to set up the tools for ongoing monitoring and optimization.

      Participants

      • Head of branding
      • Digital marketing manager

      MarTech
      May require you to:

      • Register to an Online Survey Platform(free version or subscription), or
      • Use, setup, or installation of platforms like CRM and/or Marketing Automation Platform.
      • Use Google Analytics or other tracking tools.
      • Use social media and campaign management tools.

      Tools

      • Brand Awareness Strategy and Tactics Template

      2.2.2 Rollout Plan

      (60-120 min.)

      Measure

      Monitor and record the strategy performance metrics in slides 12 to 15 of the Brand Awareness Strategy and Tactics template, and gauge its performance against preset KPIs in slide 11. Make ongoing improvements to the strategy and assets.

      Communicate

      The same slides in which you monitor strategy performance can be used to report on the results of the current strategy to key stakeholders on a monthly or quarterly basis, as appropriate.

      Take this opportunity to inform stakeholders of any adjustments you plan to make to the existing plan to improve its performance. Since brand awareness is built over time, be sure to evaluate the results based on how long the strategy has been in place before making major changes.

      Consult SoftwareReviews website to find the best survey, brand monitoring and feedback, and MarTech platforms, or contact one of our analysts for more personalized assistance and guidance

      Measuring brand strategy performance
      There are two ways to measure and monitor your brand's performance on an ongoing basis.

      • By registering to brand monitoring and feedback platforms and tools like Meltwater, Hootsuite, Insights, Brand24, Qualtrics, and Wooltric.
      • Manually, using native analytics built in the platforms you're already using, such as Google and Social Media Analytics, or by gathering customer feedback through surveys, or calculating CAC, ROI, and more in spreadsheets.

      SoftwareReviews can help you choose the right platform for your need. We also equip you with manual tools, available with the Diagnose Brand Health to Improve Business Growthblueprint to measure:

      • Surveys and interviews questions and lists.
      • External and internal factor analysis.
      • Digital and financial metrics analysis.
      • Executive presentation to report on performance.

      Related SoftwareReviews research

      An image of the title page for SoftwareReviews Create a Buyer Persona and Journey. An image of the title page for SoftwareReviews Diagnose Brand Health to Improve Business Growth.

      Create a Buyer Persona and Journey

      Get deeper buyer understanding and achieve product-market fit, with easier access to market and sales

      • Reduce time and resources wasted chasing the wrong prospects.
      • Increase open and click-through rates.
      • Perform more effective sales discovery.
      • Increase win rate.

      Diagnose Brand Health to Improve Business Growth

      Have a significant and well-targeted impact on business success and growth by knowing how your brand performs, identifying areas of improvement, and making data-driven decisions to fix them.

      • Increase brand awareness and equity.
      • Build trust and improve customer retention and loyalty.
      • Achieve higher and faster growth.

      Bibliography

      Aaker, David. "Managing Brand Equity." Simon & Schuster, 1991.
      "6 Factors for Brands to Consider While Designing Their Communication." Lokus Design, 23 Sept. 2022.
      "20 Advocacy Marketing Statistics You Need to Know." Social Toaster, n.d.
      Bazilian, Emma. "How Millennials and Baby Boomers Consume User-Generated Content And what brands can learn from their preferences." Adweek, January 2, 2017.
      B2B International, a Gyro: company, B2B Blog - Why Human-To-Human Marketing Is the Next Big Trend in a Tech-Obsessed World.
      B2B International, a Gyro: company, The State of B2B Survey 2019 - Winning with Emotions: How to Become Your Customer's First Choice.
      Belyh, Anastasia. "Brand Ambassador 101:Turn Your Personal Brand into Cash." Founder Jar, December 6, 2022.
      Brand Master Academy.com.
      Businesswire, a Berkshire Hathaway Company, "Stackla Survey Reveals Disconnect Between the Content Consumers Want & What Marketers Deliver." February 20, 2019.
      Chamat, Ramzi. "Visual Design: Why First Impressions Matter." 8 Ways, June 5, 2019.
      Cognism. "21 Tips for Building a LinkedIn Personal Brand (in B2B SaaS)."
      Curleigh, James. "How to Enhance and Expand a Global Brand." TED.
      "2019 Edelman Trust Barometer." Edelman.
      Erskine, Ryan. "22 Statistics That Prove the Value of Personal Branding." Entrepreneur, September 13, 2016.
      Forbes, Steve. "Branding for Franchise Success: How To Achieve And Maintain Brand Consistency Across A Franchise Network?" Forbes, 9 Feb. 2020.
      Godin, Seth. "Define: Brand." Seth's Blog, 30 Dec. 2009,
      Houragan, Stephen. "Learn Brand Strategy in 7 Minutes (2023 Crash Course)." YouTube.
      Jallad, Revecka. "To Convert More Customers, Focus on Brand Awareness." Forbes, October 22, 2019.
      Kingsbury, Joe, et al. "2021 B2B Thought Leadership Impact Study." Edelman, 2021.
      Kunsman, Todd. "The Anatomy of an Employee Influencer." EveryoneSocial, September 8, 2022.
      Landor, Walter. A Brand New World: The Fortune Guide to the 21st Century. Time Warner Books, 1999.
      Liedke, Lindsay. "37+ Branding Statistics For 2023: Stats, Facts & Trends." Startup Bonsai, January 2, 2023.
      Millman, Debbie. "How Symbols and Brands Shape our Humanity." TED, 2019.
      Nenova, Velina. "21 Eye-Opening B2B Marketing Statistics to Know in 2023." Techjury, February 9, 2023.
      Perrey, Jesko et al., "The brand is back: Staying relevant in an accelerating age." McKinsey & Company, May 1, 2015.
      Schaub, Kathleen. "Social Buying Meets Social Selling: How Trusted Networks Improve the Purchase Experience." LinkedIn Business, April 2014.
      Sopadjieva, Emma et al. "A Study of 46,000 Shoppers Shows That Omnichannel Retailing Works." Harvard Business Review, January 3, 2017.
      Shaun. "B2B Brand Awareness: The Complete Guide 2023." B2B House. 2023.
      TopRank Marketing, "2020 State of B2B Influencer Marketing Research Report." Influencer Marketing Report.

      z-Series Modernization and Migration

      • Buy Link or Shortcode: {j2store}114|cart{/j2store}
      • member rating overall impact: N/A
      • member rating average dollars saved: N/A
      • member rating average days saved: N/A
      • Parent Category Name: Strategy and Organizational Design
      • Parent Category Link: /strategy-and-organizational-design

      Under the best of circumstances, mainframe systems are complex, expensive, and difficult to scale. In today’s world, applications written for mainframe legacy systems also present significant operational challenges to customers compounded by the dwindling pool of engineers who specialize in these outdated technologies. Many organizations want to migrate their legacy applications to the cloud but to do so they need to go through a lengthy migration process that is made more challenging by the complexity of mainframe applications.

      Our Advice

      Critical Insight

      The most common tactic is for the organization to better realize their z/Series options and adopt a strategy built on complexity and workload understanding. To make the evident, obvious, the options here for the non-commodity are not as broad as with commodity server platforms and the mainframe is arguably the most widely used and complex non-commodity platform on the market.

      Impact and Result

      This research will help you:

      • Evaluate the future viability of this platform.
      • Assess the fit and purpose, and determine TCO
      • Develop strategies for overcoming potential challenges.
      • Determine the future of this platform for your organization.

      z/Series Modernization and Migration Research & Tools

      Besides the small introduction, subscribers and consulting clients within this management domain have access to:

      1. z/Series Modernization and Migration Guide – A brief deck that outlines key migration options and considerations for the z/Series platform.

      This blueprint will help you assess the fit, purpose, and price; develop strategies for overcoming potential challenges; and determine the future of z/Series for your organization.

      • z/Series Modernization and Migration Storyboard

      2. Scale Up vs. Scale Out TCO Tool – A tool that provides organizations with a framework for TCO.

      Use this tool to play with the pre-populated values or insert your own amounts to compare possible database decisions, and determine the TCO of each. Note that common assumptions can often be false; for example, open-source Cassandra running on many inexpensive commodity servers can actually have a higher TCO over six years than a Cassandra environment running on a larger single expensive piece of hardware. Therefore, calculating TCO is an essential part of the database decision process.

      • Scale Up vs. Scale Out TCO Tool
      [infographic]

      Further reading

      z/Series Modernization and Migration

      The biggest migration is yet to come.

      Executive Summary

      Info-Tech Insight

      “A number of market conditions have coalesced in a way that is increasingly driving existing mainframe customers to consider running their application workloads on alternative platforms. In 2020, the World Economic Forum noted that 42% of core skills required to perform existing jobs are expected to change by 2022, and that more than 1 billion workers need to be reskilled by 2030.” – Dale Vecchio

      Your Challenge

      It seems like anytime there’s a new CIO who is not from the mainframe world there is immediate pressure to get off this platform. However, just as there is a high financial commitment required to stay on System Z, moving off is risky and potentially more costly. You need to truly understand the scale and complexity ahead of the organization.

      Common Obstacles

      Under the best of circumstances, mainframe systems are complex, expensive, and difficult to scale. In today’s world, applications written for mainframe legacy systems also present significant operational challenges to customers compounded by the dwindling pool of engineers who specialize in these outdated technologies. Many organizations want to migrate their legacy applications to the cloud, but to do so they need to go through a lengthy migration process that is made more challenging by the complexity of mainframe applications.

      Info-Tech Approach

      The most common tactic is for the organization to better realize its z/Series options and adopt a strategy built on complexity and workload understanding. To make the evident, obvious: the options here for the non-commodity are not as broad as with commodity server platforms and the mainframe is arguably the most widely used and complex non-commodity platform on the market.

      Review

      We help IT leaders make the most of their z/Series environment

      Problem statement:

      The z/Series remains a vital platform for many businesses and continues to deliver exceptional reliability and performance and play a key role in the enterprise. With the limited and aging resources at hand, CIOs and the like must continually review and understand their migration path with the same regard as any other distributed system roadmap.

      This research is designed for:

      IT strategic direction decision makers.

      IT managers responsible for an existing z/Series platform.

      Organizations evaluating platforms for mission critical applications.

      This research will help you:

      1. Evaluate the future viability of this platform.
      2. Assess the fit and purpose, and determine TCO.
      3. Develop strategies for overcoming potential challenges.
      4. Determine the future of this platform for your organization.

      Analyst Perspective

      Good Luck.

      Darin Stahl.

      Modernize the mainframe … here we go again.

      Prior to 2020, most organizations were muddling around in “year eleven of the four-year plan” to exit the mainframe platform where a medium-term commitment to the platform existed. Since 2020, it appears the appetite for the mainframe platform changed. Again. Discussions mostly seem to be about what the options are beyond hardware outsourcing or re-platforming to “cloud” migration of workloads – mostly planning and strategy topics. A word of caution: it would appear unwise to stand in front of the exit door for fear of being trampled.

      Hardware expirations between now and 2025 are motivating hosting deployments. Others are in migration activities, and some have already decommissioned and migrated but now are trying to rehab the operations team now lacking direction and/or structure.

      There is little doubt that modernization and “digital transformation” trends will drive more exit traffic, so IT leaders who are still under pressure to get off the platform need to assess their options and decide. Being in a state of perpetually planning to get off the mainframe handcuffs your ability to invest in the mainframe, address deficiencies, and improve cost-effectiveness.

      Darin Stahl
      Principal Research Advisor, Infrastructure & Operations Research
      Info-Tech Research Group

      The mainframe “fidget spinner”

      Thinking of modernizing your mainframe can cause you angst so grab a fidget spinner and relax because we have you covered!

      External Business Pressures:

      • Digital transformation
      • Modernization programs
      • Compliance and regulations
      • TCO

      Internal Considerations:

      • Reinvest
      • Migrate to a new platform
      • Evaluate public and vendor cloud alternatives
      • Hosting versus infrastructure outsourcing

      Info-Tech Insight

      With multiple control points to be addressed, care must be taken to simplify your options while addressing all concerns to ease operational load.

      The analyst call review

      “Who has Darin talked with?” – Troy Cheeseman

      Dating back to 2011, Darin Stahl has been the primary z/Series subject matter expert within the Infrastructure & Operations Research team. Below represents the percentage of calls, per industry, where z/Series advisory has been provided by Darin*:

      37% - State Government

      19% - Insurance

      11% - Municipality

      8% - Federal Government

      8% - Financial Services

      5% - Higher Education

      3% - Retail

      3% - Hospitality/Resort

      3% - Logistics and Transportation

      3% - Utility

      Based on the Info-Tech call history, there is a consistent cross section of industry members who not only rely upon the mainframe but are also considering migration options.

      Note:

      Of course, this only represents industries who are Info-Tech members and who called for advisory services about the mainframe.

      There may well be more Info-Tech members with mainframes who have no topic to discuss with us about the mainframe specifically. Why do we mention this?

      We caution against suggesting things like, ”somewhat less than 50% of mainframes live in state data centers” or any other extrapolated inference from this data.

      Our viewpoint and discussion is based on the cases and the calls that we have taken over the years.

      *37+ enterprise calls were reviewed and sampled.

      Scale out versus scale up

      For most workloads “scale out" (e.g. virtualized cloud or IaaS ) is going to provide obvious and quantifiable benefits.

      However, with some workloads (extremely large analytics or batch processing ) a "scale up" approach is more optimal. But the scale up is really limited to very specific workloads. Despite some assumptions, the gains made when moving from scale up to scale out are not linear.

      Obviously, when you scale out from a performance perspective you experience a drop in what a single unit of compute can do. Additionally, there will be latency introduced in the form of network overhead, transactions, and replication into operations that were previously done just bypassing object references within a single frame.

      Some applications or use cases will have to be architected or written differently (thinking about the high-demand analytic workloads at large scale). Remember the “grid computing” craze that hit us during the early part of this century? It was advantageous for many to distribute work across a grid of computing devices for applications but the advantage gained was contingent on the workload able to be parsed out as work units and then pulled back together through the application.

      There can be some interesting and negative consequences for analytics or batch operations in a large scale as mentioned above. Bottom line, as experienced previously with Microfocus mainframe ports to x86, the batch operations simply take much longer to complete.

      Big Data Considerations*:

      • Value: Data has no inherent value until it’s used to solve a business problem.
      • Variety: The type of data being produced is increasingly diverse and ranges from email and social media to geo-spatial and photographic data. This data may be difficult to process using a structured data model.
      • Volume: The sheer size of the datasets is growing exponentially, often ranging from terabytes to petabytes. This is complicating traditional data management strategies.
      • Velocity: The increasing speed at which data is being collected and processed is also causing complications. Big data is often time sensitive and needs to be captured in real time as it is streaming into the enterprise.

      *Build a Strategy for Big Data Platforms

      Consider your resourcing

      Below is a summary of concerns regarding core mainframe skills:

      1. System Management (System Programmers): This is the most critical and hard-to-replace skill since it requires in-depth low-level knowledge of the mainframe (e.g. at the MVS level). These are skills that are generally not taught anymore, so there is a limited pool of experienced system programmers.
      2. Information Management System (IMS) Specialists: Requires a combination of mainframe knowledge and data analysis skills, which makes this a rare skill set. This is becoming more critical as business intelligence takes on an ever-increasing focus in most organizations.
      3. Application Development: The primary concern here is a shortage of developers skilled in older languages such as COBOL. It should be noted that this is an application issue; for example, this is not solved by migrating off mainframes.
      4. Mainframe Operators: This is an easier skill set to learn, and there are several courses and training programs available. An IT person new to mainframes could learn this position in about six weeks of on-the-job training.
      5. DB2 Administration: Advances in database technology have simplified administration (not just for DB2 but also other database products). As a result, as with mainframe operators, this is a skill set that can be learned in a short period of time on the job.

      The Challenge

      An aging workforce, specialized skills, and high salary expectations

      • Mainframe specialists, such as system programmers and IMS specialists, are typically over 50, have a unique skill set, and are tasked with running mission-critical systems.

      The In-House Solution:

      Build your mentorship program to create a viable succession plan

      • Get your money’s worth out of your experienced staff by having them train others.
      • Operator skills take about six weeks to learn. However, it takes about two years before a system programmer trainee can become fully independent. This is similar to the learning curve for other platforms; however, this is a more critical issue for mainframes since organizations have far fewer mainframe specialists to fall back on when senior staff retire or move on.

      Understand your options

      Migrate to another platform

      Use a hosting provider

      Outsource

      Re-platform (cloud/vendors)

      Reinvest

      There are several challenges to overcome in a migration project, from finding an appropriate alternative platform to rewriting legacy code. Many organizations have incurred huge costs in the attempt, only to be unsuccessful in the end, so make this decision carefully.

      Organizations often have highly sensitive data on their mainframes (e.g. financial data), so many of these organizations are reluctant to have this data live outside of their four walls. However, the convenience of using a hosting provider makes this an attractive option to consider.

      The most common tactic is for the organization to adopt some level of outsourcing for the non-commodity platform, retaining the application support/development in-house.

      A customer can “re-platform” the non-commodity workload into public cloud offerings or in a few offerings
      “re-host.”

      If you’re staying with the mainframe and keeping it in-house, it’s important to continue to invest in this platform, keep it current, and look for opportunities to optimize its value.

      Migrate

      Having perpetual plans to migrate handcuffs your ability to invest in your mainframe, extend its value, and improve cost effectiveness.

      If this sounds like your organization, it’s time to do the analysis so you can decide and get clarity on the future of the mainframe in your organization.

      1. Identify current performance, availability, and security requirements. Assess alternatives based on this criteria.
      2. Review and use Info-Tech’s Mainframe TCO Comparison Tool to compare mainframe costs to the potential alternative platform.
      3. Assess the business risks and benefits. Can the alternative deliver the same performance, reliability, and security? If not, what are the risks? What do you gain by migrating?
      4. If migration is still a go, evaluate the following:
      • Do you have the expertise or a reliable third party to perform the migration, including code rewrites?
      • How long will the migration take? Can the business function effectively during this transition period?
      • How much will the migration cost? Is the value you expect to gain worth the expense?

      *3 of the top 4 challenges related to shortfalls of alternative platforms

      The image contains a bar graph that demonstrates challenges related to shortfalls of alternative platforms.

      *Source: Maximize the Value of IBM Mainframes in My Business

      Hosting

      Using a hosting provider is typically more cost-effective than running your mainframe in-house.

      Potential for reduced costs

      • Hosting enables you to reduce or eliminate your mainframe staff.
      • Economies of scale enable hosting providers to reduce software licensing costs. They also have more buying power to negotiate better terms.
      • Power and cooling costs are also transferred to the hosting provider.

      Reliable infrastructure and experienced staff

      • A quality hosting provider will have 24/7 monitoring, full redundancy, and proven disaster recovery capabilities.
      • The hosting provider will also have a larger mainframe staff, so they don’t have the same risk of suddenly being without those advanced critical skills.

      So, what are the risks?

      • A transition to a hosting provider usually means eliminating or significantly reducing your in-house mainframe staff. With that loss of in-house expertise, it will be next to impossible to bring the mainframe back in-house, and you become highly dependent on your hosting provider.

      Outsourcing

      The most common tactic is for the organization to adopt some level of outsourcing for the non-commodity platform, retaining the application support/development in-house.

      The options here for the non-commodity (z/Series, IBM Power platforms, for example) are not as broad as with commodity server platforms. More confusingly, the term “outsourcing” for these can include:

      Traditional/Colocation – A customer transitions their hardware environment to a provider’s data center. The provider can then manage the hardware and “system.”

      Onsite Outsourcing – Here a provider will support the hardware/system environment at the client’s site. The provider may acquire the customer’s hardware and provide software licenses. This could also include hiring or “rebadging” staff supporting the platform. This type of arrangement is typically part of a larger services or application transformation. While low risk, it is not as cost-effective as other deployment models.

      Managed Hosting – A customer transitions their legacy application environment to an off-prem hosted multi-tenanted environment. It will provide the most cost savings following the transition, stabilization, and disposal of existing environment. Some providers will provide software licensing, and some will also support “Bring Your Own,” as permitted by IBM terms for example.

      Info-Tech Insight

      Technical debt for non-commodity platforms isn’t only hardware based. Moving an application written for the mainframe onto a “cheaper” hardware platform (or outsourced deployment) leaves the more critical problems and frequently introduces a raft of new ones.

      Re-platform – z/Series COBOL Cloud

      Re-platforming is not trivial.

      While the majority of the coded functionality (JCLs, programs, etc.) migrate easily, there will be a need to re-code or re-write objects – especially if any object, code, or location references are not exactly the same in the new environment.

      Micro Focus has solid experience in this but if consider it within the context of an 80/20 rule (the actual metrics might be much better than that), meaning that some level of rework would have to be accomplished as an overhead to the exercise.

      Build that thought into your thinking and business case.

      AWS Cloud

      • Astadia (an AWS Partner) is re-platforming mainframe workloads to AWS. With its approach you reuse the original application source code and data to AWS services. Consider reviewing Amazon’s “Migrating a Mainframe to AWS in 5 Steps.”

      Azure Cloud

      Micro Focus COBOL (Visual COBOL)

      • Micro Focus' Visual COBOL also supports running COBOL in Docker containers and managing and orchestrating the containers with Kubernetes. I personally cannot imagine what sort of drunken bender decision would lead me to move COBOL into Docker and then use Kubernetes to run in GCP but there you are...if that's your Jam you can do it.

      Re-platform – z/Series (Non-COBOL)

      But what if it's not COBOL?

      Yeah, a complication for this situation is the legacy code.

      While re-platforming/re-hosting non-COBOL code is not new, we have not had many member observations compared to the re-platforming/re-hosting of COBOL functionality initiatives.

      That being said, there are a couple of interesting opportunities to explore.

      NTT Data Services (GLOBAL)

      • Most intriguing is the re-hosting of a mainframe environment into AWS. Not sure if the AWS target supports NATURAL codebase; it does reference Adabas however (Re-Hosting Mainframe Applications to AWS with NTT DATA Services). Nevertheless, NTT has supported re-platforming and NATURAL codebase environments previously.

      ModernSystems (or ModSys) has relevant experience.

      • ModSys is the resulting entity following a merger between BluePhoenix and ATERAS a number of years ago. ATERAS is the entity I find references to within my “wayback machine” for member discussions. There are also a number of published case studies still searchable about ATERAS’ successful re-platforming engagements, including the California Public Employees Retirement System (CalPERS) most famously after the Accenture project to rewrite it failed.

      ATOS, as a hosting vendor mostly referenced by customers with global locations in a short-term transition posture, could be an option.

      Lastly, the other Managed Services vendors with NATURAL and Adabas capabilities:

      Reinvest

      By contrast, reducing the use of your mainframe makes it less cost-effective and more challenging to retain in-house expertise.

      • For organizations that have migrated applications off the mainframe (at least partly to reduce dependency on the platform), inevitably there remains a core set of mission critical applications that cannot be moved off for reasons described on the “Migrate” slide. This is when the mainframe becomes a costly burden:
        • TCO is relatively high due to low utilization.
        • In-house expertise declines as workload declines and current staffing allocations become harder to justify.
      • Organizations that are instead adding capacity and finding new ways to use this platform have lower cost concerns and resourcing challenges. The charts below illustrate this correlation. While some capacity growth is due to normal business growth, some is also due to new workloads, and it reflects an ongoing commitment to the platform.

      *92% of organizations that added capacity said TCO is lower than for commodity servers (compared to 50% of those who did not add capacity)

      *63% of organizations that added capacity said finding resources is not very difficult (compared to 42% of those who did not add capacity)
      The image contains a bar graph as described in the above text. The image contains a bar graph as described in the above text.

      *Maximize the Value of IBM Mainframes in My Business

      An important thought about data migration

      Mainframe data migrations – “VSAM, IMS, etc.”

      • While the application will be replaced and re-platformed, there is the historical VIN data remaining in the VSAM files and access via the application. The challenge is that a bulk conversion can add upfront costs and delay the re-platforming of the application functionality. Some shops will break the historical data migration into a couple of phases.
      • While there are technical solutions to accessing VSAM data stores, what I have observed with other members facing a similar scenario is a need to “shrink” the data store over time. The technical accesses to historical VSAM records would also have a lifespan, and rather than kicking the can down the road indefinitely, many have turned to a process-based solution allowing them to shrink the historical data store over time. I have observed three approaches to the handling or digitization of historical records like this:

      Temporary workaround. This would align with a technical solution allowing the VASM files to be accessed using platforms other than on mainframe hardware (Micro Focus or other file store trickery). This can be accomplished relatively quickly but does run the risk of technology obsolesce for the workaround at some point in the future.

      Bulk conversion. This method would involve the extract/transform/load of the historical records into the new application platform. Often the order of the conversion is completed on work newest to oldest (the idea is that the newest historical records would have the highest likelihood of an access need), but all files would be converted to the new application and the old data store destroyed.

      Forward convert, which would have files undergo the extract/transform/load conversion into the new application as they are accessed or reopened. This method would keep historical records indefinitely or until they are converted – or the legal retention schedule allows for their destruction (hopefully no file must be kept forever). This could be a cost-efficient approach since the historical files remaining on the VSAM platform would be shrunk over time based on demand from the district attorney process. The conversion process could be automated and scripted, with a QR step allowing for the records to be deleted from the old platform.

      Info-Tech Insight

      It is not usual for organizations to leverage options #2 and #3 above to move the functionality forward while containing the scope creep and costs for the data conversions.

      Enterprise class job scheduling

      Job scheduling or data center automation?

      • Enterprise class job scheduling solutions enable complex unattended batched programmatically conditioned task/job scheduling.
      • Data center automation (DCIM) software automates and orchestrates the processes and workflow for infrastructure operations including provisioning, configuring, patching of physical, virtual, and cloud servers, and monitoring of tasks involved in maintaining the operations of a data center or Infrastructure environment.
      • While there maybe some overlap and or confusion between data center automation and enterprise class job scheduling solutions, data center automation (DCIM) software solutions are least likely to have support for non-commodity server platforms and lack robust scheduling functionality.

      Note: Enterprise job scheduling is a topic with low member interest or demand. Since our published research is driven by members’ interest and needs, the lack of activity or member demand would obviously be a significant influence into our ability to aggregate shared member insight, trends, or best practices in our published agenda.

      Data Center Automation (DCIM) Software

      Orchestration/Provisioning Software

      Enterprise class job scheduling features

      The feature set for these tools is long and comprehensive. The feature list below is not exhaustive as specific tools may have additional product capabilities. At a minimum, the solutions offered by the vendors in the list below will have the following capabilities:

      • Automatic restart and recovery
      • File management
      • Integration with security systems such as AD
      • Operator alerts
      • Ability to control spooling devices
      • Cross-platform support
      • Cyclical scheduling
      • Deadline scheduling
      • Event-based scheduling / triggers
      • Inter-dependent jobs
      • External task monitoring (e.g. under other sub-systems)
      • Multiple calendars and time-zones
      • Scheduling of packaged applications (such as SAP, Oracle, JD Edwards)
      • The ability to schedule web applications (e.g. .net, java-based)
      • Workload analysis
      • Conditional dependencies
      • Critical process monitoring
      • Event-based automation (“self-healing” processes in response to common defined error conditions)
      • Graphical job stream/workflow visualization
      • Alerts (job failure notifications, task thresholds (too long, too quickly, missed windows, too short, etc.) via multiple channels
      • API’s supporting programmable scheduler needs
      • Virtualization support
      • Workload forecasting and workload planning
      • Logging and message data supporting auditing capabilities likely to be informed by or compliant with regulatory needs such as Sarbanes, Gramme-Leach
      • Historical reporting
      • Auditing reports and summaries

      Understand your vendors and tools

      List and compare the job scheduling features of each vendor.

      • This is not presented as an exhaustive list.
      • The list relies on observations aggregated from analyst engagements with Info-Tech Research Group members. Those member discussions tend to be heavily tilted toward solutions supporting non-commodity platforms.
      • Nothing is implied about a solution suitability or capability by the order of presentation or inclusion or absence in this list.

      ✓ Advanced Systems Concepts

      ✓ BMC

      ✓ Broadcom

      ✓ HCL

      ✓ Fortra

      ✓ Redwood

      ✓ SMA Technologies

      ✓ StoneBranch

      ✓ Tidal Software

      ✓ Vinzant Software

      Info-Tech Insight

      Creating vendor profiles will help quickly filter the solution providers that directly meet your z/Series needs.

      Advanced Systems Concepts

      ActiveBatch

      Workload Management:

      Summary

      Founded in 1981, ASCs ActiveBatch “provides a central automation hub for scheduling and monitoring so that business-critical systems, like CRM, ERP, Big Data, BI, ETL tools, work order management, project management, and consulting systems, work together seamlessly with minimal human intervention.”*

      URL

      advsyscon.com

      Coverage:

      Global

      Amazon EC2

      Hadoop Ecosystem

      IBM Cognos

      DataStage

      IBM PureData (Netezza)

      Informatica Cloud

      Microsoft Azure

      Microsoft Dynamics AX

      Microsoft SharePoint

      Microsoft Team Foundation Server

      Oracle EBS

      Oracle PeopleSoft

      SAP

      BusinessObjects

      ServiceNow

      Teradata

      VMware

      Windows

      Linux

      Unix

      IBM i

      *Advanced Systems Concepts, Inc.


      BMC

      Control-M

      Workload Management:

      Summary

      Founded in 1980, BMCs Control-M product “simplifies application and data workflow orchestration on premises or as a service. It makes it easy to build, define, schedule, manage, and monitor production workflows, ensuring visibility, reliability, and improving SLAs.”*

      URL

      bmc.com/it-solutions/control-m.html

      Coverage:

      Global

      AWS

      Azure

      Google Cloud Platform

      Cognos

      IBM InfoSphere

      DataStage

      SAP HANA

      Oracle EBS

      Oracle PeopleSoft

      BusinessObjects

      ServiceNow

      Teradata

      VMware

      Windows

      Linux

      Unix

      IBM i

      IBM z/OS

      zLinux

      *BMC

      Broadcom

      Atomic Automation

      Autosys Workload Automation

      Workload Management:

      Summary

      Broadcom offers Atomic Automation and Autosys Workload Automation which ”gives you the agility, speed and reliability required for effective digital business automation. From a single unified platform, Atomic centrally provides the orchestration and automation capabilities needed accelerate your digital transformation and support the growth of your company.”*

      URL

      broadcom.com/products/software/automation/automic-automation

      broadcom.com/products/software/automation/autosys

      Coverage:

      Global


      Windows

      MacOS

      Linux

      UNIX

      AWS

      Azure

      Google Cloud Platform

      VMware

      z/OS

      zLinux

      System i

      OpenVMS

      Banner

      Ecometry

      Hadoop

      Oracle EBS

      Oracle PeopleSoft

      SAP

      BusinessObjects

      ServiceNow

      Teradata

      VMware

      Windows

      Linux

      Unix

      IBM i

      *Broadcom

      HCL

      Workload Automation

      Workload Management:

      Summary

      “HCL Workload Automation streamlined modelling, advanced AI and open integration for observability. Accelerate the digital transformation of modern enterprises, ensuring business agility and resilience with our latest version of one stop automation platform. Orchestrate unattended and event-driven tasks for IT and business processes from legacy to cloud and kubernetes systems.”*

      URL

      hcltechsw.com/workload-automation

      Coverage:

      Global


      Windows

      MacOS

      Linux

      UNIX

      AWS

      Azure

      Google Cloud Platform

      VMware

      z/OS

      zLinux

      System i

      OpenVMS

      IBM SoftLayer

      IBM BigInsights

      IBM Cognos

      Hadoop

      Microsoft Dynamics 365

      Microsoft Dynamics AX

      Microsoft SQL Server

      Oracle E-Business Suite

      PeopleSoft

      SAP

      ServiceNow

      Apache Oozie

      Informatica PowerCenter

      IBM InfoSphere DataStage

      Salesforce

      BusinessObjects BI

      IBM Sterling Connect:Direct

      IBM WebSphere MQ

      IBM Cloudant

      Apache Spark

      *HCL Software

      Fortra

      JAMS Scheduler

      Workload Management:

      Summary

      Fortra’s “JAMS is a centralized workload automation and job scheduling solution that runs, monitors, and manages jobs and workflows that support critical business processes.

      JAMS reliably orchestrates the critical IT processes that run your business. Our comprehensive workload automation and job scheduling solution provides a single pane of glass to manage, execute, and monitor jobs—regardless of platforms or applications.”*

      URL

      jamsscheduler.com

      Coverage:

      Global


      OpenVMS

      OS/400

      Unix

      Windows

      z/OS

      SAP

      Oracle

      Microsoft

      Infor

      Workday

      AWS

      Azure

      Google Cloud Compute

      ServiceNow

      Salesforce

      Micro Focus

      Microsoft Dynamics 365

      Microsoft Dynamics AX

      Microsoft SQL Server

      MySQL

      NeoBatch

      Netezza

      Oracle PL/SQL

      Oracle E-Business Suite

      PeopleSoft

      SAP

      SAS

      Symitar

      *JAMS

      Redwood

      Redwood SaaS

      Workload Management:

      Summary

      Founded in 1993 and delivered as a SaaS solution, ”Redwood lets you orchestrate securely and reliably across any application, service or server, in the cloud or on-premises, all inside a single platform. Automation solutions are at the core of critical business operations such as forecasting, replenishment, reconciliation, financial close, order to cash, billing, reporting, and more. Enterprises in every industry — from manufacturing, utility, retail, and biotech to healthcare, banking, and aerospace.”*

      URL

      redwood.com

      Coverage:

      Global


      OpenVMS

      OS/400

      Unix

      Windows

      z/OS

      SAP

      Oracle

      Microsoft

      Infor

      Workday

      AWS

      Azure

      Google Cloud Compute

      ServiceNow

      Salesforce

      Github

      Office 365

      Slack

      Dropbox

      Tableau

      Informatica

      SAP BusinessObjects

      Cognos

      Microsoft Power BI

      Amazon QuickSight

      VMware

      Xen

      Kubernetes

      *Redwood

      Fortra

      Robot Scheduler

      Workload Management:

      Summary

      “Robot Schedule’s workload automation capabilities allow users to automate everything from simple jobs to complex, event-driven processes on multiple platforms and centralize management from your most reliable system: IBM i. Just create a calendar of when and how jobs should run, and the software will do the rest.”*

      URL

      fortra.com/products/job-scheduling-software-ibm-i

      Coverage:

      Global


      IBM i (System i, iSeries, AS/400)

      AIX/UNIX

      Linux

      Windows

      SQL/Server

      Domino

      JD Edwards EnterpriseOne

      SAP

      Automate Schedule (formerly Skybot Scheduler)

      *Fortra

      SMA Technologies

      OpCon

      Workload Management:

      Summary

      Founded in1980, SMA offers to “save time, reduce error, and free your IT staff to work on more strategic contributions with OpCon from SMA Technologies. OpCon offers powerful, easy-to-use workload automation and orchestration to eliminate manual tasks and manage workloads across business-critical operations. It's the perfect fit for financial institutions, insurance companies, and other transactional businesses.”*

      URL

      smatechnologies.com

      Coverage:

      Global

      Windows

      Linux

      Unix

      z/Series

      IBM i

      Unisys

      Oracle

      SAP

      Microsoft Dynamics AX

      Infor M3

      Sage

      Cegid

      Temenos

      FICS

      Microsoft Azure Data Management

      Microsoft Azure VM

      Amazon EC2/AWS

      Web Services RESTful

      Docker

      Google Cloud

      VMware

      ServiceNow

      Commvault

      Microsoft WSUS

      Microsoft Orchestrator

      Java

      JBoss

      Asysco AMT

      Tuxedo ART

      Nutanix

      Corelation

      Symitar

      Fiserv DNA

      Fiserv XP2

      *SMA Technologies

      StoneBranch

      Universal Automation Center (UAC)

      Workload Management:

      Summary

      Founded in 1999, ”the Stonebranch Universal Automation Center (UAC) is an enterprise-grade business automation solution that goes beyond traditional job scheduling. UAC's event-based workload automation solution is designed to automate and orchestrate system jobs and tasks across all mainframe, on-prem, and hybrid IT environments. IT operations teams gain complete visibility and advanced control with a single web-based controller, while removing the need to run individual job schedulers across platforms.”*

      URL

      stonebranch.com/it-automation-solutions/enterprise-job-scheduling

      Coverage:

      Global

      Windows

      Linux

      Unix

      z/Series

      Apache Kafka

      AWS

      Databricks

      Docker

      GitHub

      Google Cloud

      Informatica

      Jenkins

      Jscape

      Kubernetes

      Microsoft Azure

      Microsoft SQL

      Microsoft Teams

      PagerDuty

      PeopleSoft

      Petnaho

      RedHat Ansible

      Salesforce

      SAP

      ServiceNow

      Slack

      SMTP and IMAP

      Snowflake

      Tableau

      VMware

      *Stonebranch

      Tidal Software

      Workload Automation

      Workload Management:

      Summary

      Founded in 1979, Tidal’s Workload Automation will “simplify management and execution of end-to-end business processes with our unified automation platform. Orchestrate workflows whether they're running on-prem, in the cloud or hybrid environments.”*

      URL

      tidalsoftware.com

      Coverage:

      Global

      CentOS

      Linux

      Microsoft Windows Server

      Open VMS

      Oracle Cloud

      Oracle Enterprise Linux

      Red Hat Enterprise Server

      Suse Enterprise

      Tandem NSK

      Ubuntu

      UNIX

      HPUX (PA-RISC, Itanium)

      Solaris (Sparc, X86)

      AIX, iSeries

      z/Linux

      z/OS

      Amazon AWS

      Microsoft Azure

      Oracle OCI

      Google Cloud

      ServiceNow

      Kubernetes

      VMware

      Cisco UCS

      SAP R/3 & SAP S/4HANA

      Oracle E-Business

      Oracle ERP Cloud

      PeopleSoft

      JD Edwards

      Hadoop

      Oracle DB

      Microsoft SQL

      SAP BusinessObjects

      IBM Cognos

      FTP/FTPS/SFTP

      Informatica

      *Tidal

      Vinzant Software

      Global ECS

      Workload Management:

      Summary

      Founded in 1987, Global ECS can “simplify operations in all areas of production with the GECS automation framework. Use a single solution to schedule, coordinate and monitor file transfers, database operations, scripts, web services, executables and SAP jobs. Maximize efficiency for all operations across multiple business units intelligently and automatically.”*

      URL

      vinzantsoftware.com

      Coverage:

      Global

      Windows

      Linux

      Unix

      iSeries

      SAP R/3 & SAP S/4HANA

      Oracle, SQL/Server

      *Vizant Software

      Activity

      Scale Out or Scale Up

      Activities:

      1. Complete the Scale Up vs. Scale Out TCO Tool.
      2. Compare total lifecycle costs to determine TCO.

      This activity involves the following participants:

      IT strategic direction decision makers

      IT managers responsible for an existing z/Series platform

      Organizations evaluating platforms for mission critical applications

      Outcomes of this step:

      • Completed Scale Up vs. Scale Out TCO Tool

      Info-Tech Insight

      This checkpoint process creates transparency around agreement costs with the business and gives the business an opportunity to re-evaluate its requirements for a potentially leaner agreement.

      Scale out versus scale up activity

      The Scale Up vs. Scale Out TCO Tool provides organizations with a framework for estimating the costs associated with purchasing and licensing for a scale-up and scale-out environment over a multi-year period.

      Use this tool to:

      • Compare the pre-populated values.
      • Insert your own amounts to contrast possible database decisions and determine the TCO of each.
      		The image contains screenshots of the Scale Up vs. Scale Out TCO Tool.

      Info-Tech Insight

      Watch out for inaccurate financial information. Ensure that the financials for cost match your maintenance and contract terms.

      Use the Scale Up vs. Scale Out TCO Tool to determine your TCO options.

      Related Info-Tech Research

      Effectively Acquire Infrastructure Services

      Acquiring a service is like buying an experience. Don’t confuse the simplicity of buying hardware with buying an experience.

      Outsource IT Infrastructure to Improve System Availability, Reliability, and Recovery

      There are very few IT infrastructure components you should be housing internally – outsource everything else.

      Build Your Infrastructure Roadmap

      Move beyond alignment: Put yourself in the driver’s seat for true business value.

      Define Your Cloud Vision

      Make the most of cloud for your organization.

      Document Your Cloud Strategy

      Drive consensus by outlining how your organization will use the cloud.

      Build a Strategy for Big Data Platforms

      Know where to start and where to focus attention in the implementation of a big data strategy.

      Create a Better RFP Process

      Improve your RFPs to gain leverage and get better results.

      Research Authors

      Darin Stahl.

      Darin Stahl, Principal Research Advisor, Info-Tech Research Group

      Darin is a Principal Research Advisor within the Infrastructure Practice, and leveraging 38+ years of experience, his areas of focus include: IT Operations Management, Service Desk, Infrastructure Outsourcing, Managed Services, Cloud Infrastructure, DRP/BCP, Printer Management, Managed Print Services, Application Performance Monitoring/ APM, Managed FTP, non-commodity servers (z/Series, mainframe, IBM i, AIX, Power PC).
      Troy Cheeseman.

      Troy Cheeseman, Practice Lead, Info-Tech Research Group

      Troy has over 25 years of IT management experience and has championed large enterprise-wide technology transformation programs, remote/home office collaboration and remote work strategies, BCP, IT DRP, IT Operations and expense management programs, international right placement initiatives, and large technology transformation initiatives (M&A). Additionally, he has deep experience working with IT solution providers and technology (cloud) start-ups.

      Bibliography

      “AWS Announces AWS Mainframe Modernization.” Business Wire, 30 Nov. 2021.
      de Valence, Phil. “Migrating a Mainframe to AWS in 5 Steps with Astadia?” AWS, 23 Mar. 2018.
      Graham, Nyela. “New study shows mainframes still popular despite the rise of cloud—though times are changing…fast?” WatersTechnology, 12 Sept. 2022.
      “Legacy applications can be revitalized with API.” MuleSoft, 2022.
      Vecchio, Dale. “The Benefits of Running Mainframe Applications on LzLabs Software Defined Mainframe® & Microsoft Azure.” LzLabs Sites, Mar. 2021.

      Tame the Project Backlog

      • Buy Link or Shortcode: {j2store}439|cart{/j2store}
      • member rating overall impact: N/A
      • member rating average dollars saved: N/A
      • member rating average days saved: N/A
      • Parent Category Name: Portfolio Management
      • Parent Category Link: /portfolio-management
      • Unmanaged project backlogs can become the bane of IT departments, tying IT leaders and PMO staff down to an ever-growing receptacle of project ideas that provides little by way of strategic value and that typically represents a lack of project intake and approval discipline.
      • Decision makers frequently use the backlog to keep the peace. Lacking the time to assess the bulk of requests, or simply wanting to avoid difficult conversations with stakeholders, they “approve” everything and leave it to IT to figure it out.
      • As IT has increasing difficulty assessing – let alone starting – any of the projects in the backlog, stakeholder relations suffer. Requestors view inclusion in the backlog as a euphemism for “declined,” and often characterize the backlog as the place where good project ideas go to die.
      • Faced with these challenges, you need to make your project backlog more useful and reliable. The backlog may contain projects worth doing, but in its current untamed state, you have difficulty discerning, let alone capitalizing upon, those instances of value.

      Our Advice

      Critical Insight

      • Project backlogs are an investment and need to be treated as such. Incurring a cost impact that can be measured in terms of time and money, the backlog needs to be actively managed to ensure that you’re investing wisely and getting a good return in terms of strategic value and project throughput.
      • Unmanageable project backlogs are rooted in bad habits and poorly-defined processes. Identifying the sources that fuel backlog growth is key to long-term success. Unless the problem is addressed at the root, any gains made in the near-term will simply fade away as old, unhealthy habits re-emerge and take hold.
      • Backlog management should facilitate executive awareness about the status of backlog items as new work is being approved. In the long run, this ongoing executive engagement will not only help to keep the backlog manageable, but it will also help to bring more even workloads to IT project staff.

      Impact and Result

      • Keep the best, forget the rest. Develop a near-term approach to limit the role of the backlog to include only those items that add value to the business.
      • Shine a light. Improve executive visibility into the health and status of the backlog so that the backlog is taken into account when decision makers approve new work.
      • Evolve the organizational culture. Effectively employ organizational change management practices to evolve the culture that currently exists around the project backlog in order to ensure customer-service needs are more effectively addressed.
      • Ensure long-term sustainability. Institute processes to make sure that your list of pending projects – should you still require one after implementing this blueprint – remains minimal, maintainable, and of high value.

      Tame the Project Backlog Research & Tools

      Start here – read the Executive Brief

      Read our concise Executive Brief to find out how a more disciplined approach to managing your project backlog can help you realize increased value and project throughput.

      Besides the small introduction, subscribers and consulting clients within this management domain have access to:

      1. Create a project backlog battle plan

      Calculate the cost of the project backlog and assess the root causes of its unmanageability.

      • Tame the Project Backlog – Phase 1: Create a Backlog Battle Plan
      • Project Backlog ROI Calculator

      2. Execute a near-term backlog cleanse

      Increase the manageability of the backlog by updating stale requests and removing dead weight.

      • Tame the Project Backlog – Phase 2: Execute a Near-Term Backlog Cleanse
      • Project Backlog Management Tool
      • Project Backlog Stakeholder Communications Template

      3. Ensure long-term backlog manageability

      Develop and maintain a manageable backlog growth rate by establishing disciplined backlog management processes.

      • Tame the Project Backlog – Phase 3: Ensure Long-Term Backlog Manageability
      • Project Backlog Operating Plan Template
      • Project Backlog Manager
      [infographic]

      Workshop: Tame the Project Backlog

      Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

      1 Create a Project Backlog Battle Plan

      The Purpose

      Gauge the manageability of your project backlog in its current state.

      Calculate the total cost of your project backlog investments.

      Determine the root causes that contribute to the unmanageability of your project backlog.

      Key Benefits Achieved

      An understanding of the organizational need for more disciplined backlog management.

      Visibility into the costs incurred by the project backlog.

      An awareness of the sources that feed the growth of the project backlog and make it a challenge to maintain.

      Activities

      1.1 Calculate the sunk and marginal costs that have gone into your project backlog.

      1.2 Estimate the throughput of backlog items.

      1.3 Survey the root causes of your project backlog.

      Outputs

      The total estimated cost of the project backlog.

      A project backlog return-on-investment score.

      A project backlog root cause analysis.

      2 Execute a Near-Term Project Backlog Cleanse

      The Purpose

      Identify the most organizationally appropriate goals for your backlog cleanse.

      Pinpoint those items that warrant immediate removal from the backlog and establish a game plan for putting a bullet in them.

      Communicate backlog decisions with stakeholders in a way that minimizes friction and resistance. 

      Key Benefits Achieved

      An effective, achievable, and organizationally right-sized approach to cleansing the backlog.

      Criteria for cleanse outcomes and a protocol for carrying out the near-term cleanse.

      A project sponsor outreach plan to help ensure that decisions made during your near-term cleanse stick. 

      Activities

      2.1 Establish roles and responsibilities for the near-term cleanse.

      2.2 Determine cleanse scope.

      2.3 Develop backlog prioritization criteria.

      2.4 Prepare a communication strategy.

      Outputs

      Clear accountabilities to ensure the backlog is effectively minimized and outcomes are communicated effectively.

      Clearly defined and achievable goals.

      Effective criteria for cleansing the backlog of zombie projects and maintaining projects that are of strategic and operational value.

      A communication strategy to minimize stakeholder friction and resistance.

      3 Ensure Long-Term Project Backlog Manageability

      The Purpose

      Ensure ongoing backlog manageability.

      Make sure the executive layer is aware of the ongoing status of the backlog when making project decisions.

      Customize a best-practice toolkit to help keep the project backlog useful. 

      Key Benefits Achieved

      A list of pending projects that is minimal, maintainable, and of high value.

      Executive engagement with the backlog to ensure intake and approval decisions are made with a view of the backlog in mind.

      A backlog management tool and processes for ongoing manageability. 

      Activities

      3.1 Develop a project backlog management operating model.

      3.2 Configure a project backlog management solution.

      3.3 Assign roles and responsibilities for your long-term project backlog management processes.

      3.4 Customize a project backlog management operating plan.

      Outputs

      An operating model to structure your long-term strategy around.

      A right-sized management tool to help enable your processes and executive visibility into the backlog.

      Defined accountabilities for executing project backlog management responsibilities.

      Clearly established processes for how items get in and out of the backlog, as well as for ongoing backlog review.

      Applications Priorities 2023

      • Buy Link or Shortcode: {j2store}186|cart{/j2store}
      • member rating overall impact: N/A
      • member rating average dollars saved: N/A
      • member rating average days saved: N/A
      • Parent Category Name: Architecture & Strategy
      • Parent Category Link: /architecture-and-strategy
      • Economic, social, and regulatory conditions have changed livelihoods, businesses, and marketplaces. Modern tools and technologies have acted as lifelines by minimizing operating and delivery costs, and in the process, establishing a strong foundation for growth and maturity.
      • These tools and technologies must meet the top business goals of CXOs: ensure service continuity, improve customer experience, and make data-driven decisions.
      • While today’s business applications are good and well received, there is still room for improvement. The average business application satisfaction score among IT leadership was 72% (n=1582, CIO Business Vision).

      Our Advice

      Critical Insight

      • Applications are critical components in any business strategic plan. They can directly influence an organization’s internal and external brand and reputation, such as their uniqueness, competitiveness and innovativeness in the industry
      • Business leaders are continuously looking for innovative ways to better position their application portfolio to satisfy their goals and objectives, i.e., application priorities. Given the scope and costs often involved, these priorities must be carefully crafted to clearly state achievable business outcomes that satisfies the different needs very different customers, stakeholders, and users.
      • Unfortunately, expectations on your applications team have increased while the gap between how stakeholders and applications teams perceive effectiveness remains wide. This points to a need to clarify the requirements to deliver valuable and quality applications and address the pressures challenging your teams.

      Impact and Result

      Learn and explore the technology and practice initiatives in this report to determine which initiatives should be prioritized in your application strategy and align to your business organizational objectives:

      • Optimize the effectiveness of the IT organization.
      • Boost the productivity of the enterprise.
      • Enable business growth through technology.

      Applications Priorities 2023 Research & Tools

      Besides the small introduction, subscribers and consulting clients within this management domain have access to:

      1. Applications Priorities Report 2023 – A report that introduces and describes five opportunities to prioritize in your 2023 application strategy.

      In this report, we explore five priorities for emerging and leading-edge technologies and practices that can improve on capabilities needed to meet the ambitions of your organization.

      • Applications Priorities 2023 Report

      Infographic

      Further reading

      Applications Priorities 2023

      Applications are the engine of the business: keep them relevant and modern

      What we are facing today is transforming the ways in which we work, live, and relate to one another. Applications teams and portfolios MUST change to meet this reality.

      Economic, social, and regulatory conditions have changed livelihoods, businesses, and marketplaces. Modern tools and technologies have acted as lifelines by minimizing operating and delivery costs, and in the process, establishing a strong foundation for growth and maturity.

      As organizations continue to strengthen business continuity, disaster recovery, and system resilience, activities to simply "keep the lights on" are not enough. Be pragmatic in the prioritization and planning of your applications initiatives, and use your technologies as a foundation for your growth.

      Your applications must meet the top business goals of your CXOs

      • Ensure service continuity
      • Improve customer experience
      • Make data-driven decisions
      • Maximize stakeholder value
      • Manage risk

      Source: CEO-CIO Alignment Diagnostics, August 2021 to July 2022, n=568.

      Select and align your applications priorities to your business goals and objectives

      Applications are critical components in any business strategic plan. They can directly influence an organization's internal and external brand and reputation, such as their:

      • Uniqueness, competitiveness, and innovativeness in the industry.
      • Ability to be dynamic, flexible, and responsive to changing expectations, business conditions, and technologies.

      Therefore, business leaders are continuously looking for innovative ways to better position their application portfolios to satisfy their goals and objectives, i.e. applications priorities. Given the scope and costs often involved, these priorities must be carefully crafted to clearly state achievable business outcomes that satisfy
      the different needs of very different customers, stakeholders, and users.

      Today's business applications are good but leave room for improvement

      72%
      Average business application satisfaction score among IT leadership in 1582 organizations.

      Source: CIO Business Vision, August 2021 to July 2022, N=190.

      Five Applications Priorities for 2023

      In this report, we explore five priorities for emerging and leading-edge technologies and practices that can improve on capabilities needed to meet the Ambitions of your organization.

      this is an image of the Five Applications Priorities for which will be addressed in this blueprint.

      Strengthen your foundations to better support your applications priorities

      These key capabilities are imperative to the success of your applications strategy.

      KPI and Metrics

      Easily attainable and insightful measurements to gauge the progress of meeting strategic objectives and goals (KPIs), and the performance of individual teams, practices and processes (metrics).

      BUSINESS ALIGNMENT

      Gain an accurate understanding and interpretation of stakeholder, end-user, and customer expectations and priorities. These define the success of business products and services considering the priorities of individual business units and teams.

      EFFICIENT DELIVERY & SUPPORT PRACTICE

      Software delivery and support roles, processes, and tools are collaborative, well equipped and resourced, and optimized to meet changing stakeholder expectations.

      Data Management & Governance

      Ensuring data is continuously reliable and trustworthy. Data structure and integrations are defined, governed, and monitored.

      Product & Service Ownership

      Complete inventory and rationalization of the product and service portfolio, prioritized backlogs, roadmaps, and clear product and service ownership with good governance. This helps ensure this portfolio is optimized to meet its goals and objectives.

      Strengthen your foundations to better support your applications priorities (cont'd)

      These key capabilities are imperative to the success of your applications strategy.

      Organizational Change Management

      Manage the adoption of new and modified processes and technologies considering reputational, human, and operational concerns.

      IT Operational Management

      Continuous monitoring and upkeep of products and services to assure business continuity, and system reliability, robustness and disaster recovery.

      Architectural Framework

      A set of principles and standards that guides the consistent, sustainable and scalable growth of enterprise technologies. Changes to the architecture are made in collaboration with affected parties, such as security and infrastructure.

      Application Security

      The measures, controls, and tactics at the application layer that prevent vulnerabilities against external and internal threats and ensure compliance to industry and regulatory security frameworks and standards.

      There are many factors that can stand in your team's way

      Expectations on your applications team have increased, while the gap between how stakeholders and applications teams perceive effectiveness remains wide. This points to a need to clarify the requirements to deliver valuable and quality applications and address the pressures challenging your teams.

      1. Attracting and retaining talent
      2. Maximizing the return on technology
      3. Confidently shifting to digital
      4. Addressing competing priorities
      5. Fostering a collaborative culture
      6. Creating high-throughput teams

      CIOs agree that at least some improvement is needed across key IT activities

      A bar graph is depicted which shows the proportion of CIOs who believe that some, or significant improvement is necessary for the following categories: Measure IT Project Success; Align IT Budget; Align IT Project Approval Process; Measure Stakeholder Satisfaction With IT; Define and Align IT Strategy; Understand Business Goals

      Source: CEO-CIO Alignment Diagnostics, August 2021 to July 2022, n=568.

      Pressure Point 1:
      Attracting and Retaining Talent

      Recent environmental pressures impacted traditional working arrangements and showed more workplace flexibility is often possible. At the same time, many employees' expectations about how, when, and where they choose to work have also evolved. Recruitment and retention are reflections of different sides of the same employee value proposition coin. Organizations that fail to reinvent their approach to attracting and retaining talent by focusing on candidate and employee experience risk turnover, vacancies, and lost opportunities that can negatively impact the bottom line.

      Address the underlying challenges

      • Lack of employee empowerment and few opportunities for learning and development.
      • Poor coworker and manager relationships.
      • Compensation and benefits are inadequate to maintain desired quality of life.
      • Unproductive work environment and conflicting balance of work and life.
      • Unsatisfactory employee experience, including lack of employee recognition
        and transparency of organizational change.

      While workplace flexibility comes with many benefits, longer work hours jeopardize wellbeing.
      62% of organizations reported increased working hours, while 80% reported an increase in flexibility.
      Source: McLean & Company, 2022; n=394.

      Be strategic in how you fill and train key IT skills and capabilities

      • Cybersecurity
      • Big Data/Analytics
      • Technical Architecture
      • DevOps
      • Development
      • Cloud

      Source: Harvey Nash Group, 2021; n=2120.

      Pressure Point 2:
      Maximizing the Return of Technology

      Recent environmental pressures impacted traditional working arrangements and showed more workplace flexibility is often possible. At the same time, many employees' expectations about how, when, and where they choose to work have also evolved. Recruitment and retention are reflections of different sides of the same employee value proposition coin. Organizations that fail to reinvent their approach to attracting and retaining talent by focusing on candidate and employee experience risk turnover, vacancies, and lost opportunities that can negatively impact the bottom line.

      Address the underlying challenges

      • Inability to analyze, propose, justify, and communicate modernization solutions in language the stakeholders understand and in a way that shows they clearly support business priorities and KPIs and mitigate risks.
      • Little interest in documenting and rationalizing products and services through business-IT collaboration.
      • Lack of internal knowledge of the system and loss of vendor support.
      • Undefined, siloed product and service ownership and governance, preventing solutions from working together to collectively deliver more value.
      • Little stakeholder appetite to invest in activities beyond "keeping the lights on."

      Only 64% of applications were identified as effective by end users.
      Effective applications are identified as at least highly important and have high feature and usability satisfaction.
      Source: Application Portfolio Assessment, August 2021 to July 2022; N=315.

      "Regardless of the many definitions of modernization floating around, the one characteristic that we should be striving for is to ensure our applications do an outstanding job of supporting the users and the business in the most effective and efficient manner possible."
      Source: looksoftware.

      Pressure Point 3:
      Confidently Shifting to Digital

      "Going digital" reshapes how the business operates and drives value by optimizing how digital and traditional technologies and tactics work together. This shift often presents significant business and technical risks to business processes, enterprise data, applications, and systems which stakeholders and teams are not aware of or prepared to accommodate.

      Address the underlying challenges

      • Differing perspectives on digital can lead to disjointed transformation initiatives, oversold benefits, and a lack of synergy among digital technologies and processes.
      • Organizations have difficulty adapting to new technologies or rethinking current business models, processes, and ways of working because of the potential human, ethical, and reputational impacts and restrictions from legacy systems.
      • Management lacks a framework to evaluate how their organization manages and governs business value delivery.
      • IT is not equipped or resourced to address these rapidly changing business, customer, and technology needs.
      • The wrong tools and technologies were chosen to support the shift to digital.

      The shift to digital processes is starting, but slowly.
      62% of respondents indicated that 1-20% of their processes were digitized during the past year.
      Source: Tech Trends and Priorities 2023; N=500

      Resistance to change and time/budget constraints are top barriers preventing companies from modernizing their applications.
      Source: Konveyor, 2022; n=600.

      Pressure Point 4:
      Addressing Competing Priorities

      Enterprise products and services are not used, operated, or branded in isolation. The various parties involved may have competing priorities, which often leads to disagreements on when certain business and technology changes should be made and how resources, budget, and other assets should be allocated. Without a broader product vision, portfolio vision, and roadmap, the various dependent or related products and services will not deliver the same level of value as if they were managed collectively.

      Address the underlying challenges

      • Undefined product and service ownership and governance, including escalation procedures when consensus cannot be reached.
      • Lack of a unified and grounded set of value and quality definitions, guiding principles, prioritization standards, and broad visibility across portfolios, business capabilities, and business functions.
      • Distrust between business units and IT teams, which leads to the scaling of unmanaged applications and fragmented changes and projects.
      • Decisions are based on opinions and experiences without supporting data.

      55% of CXOs stated some improvement is necessary in activities to understand business goals.
      Source: CEO-CIO Alignment Diagnostics, August 2021 to July 2022; n=568.

      CXOs are moderately satisfied with IT's performance as a business partner (average score of 69% among all CXOs). This sentiment is similarly felt among CIOs (64%).
      Source: CEO-CIO Alignment Diagnostics, August 2021 to July 2022; n=568.

      Pressure Point 5:
      Fostering a Collaborative Culture

      Culture impacts business results, including bottom-line revenue and productivity metrics. Leaders appreciate the impact culture can have on applications initiatives and wish to leverage this. How culture translates from an abstract concept to something that is measurable and actionable is not straightforward. Executives need to clarify how the desired culture will help achieve their applications strategy and need to focus on the items that will have the most impact.

      Address the underlying challenges

      • Broad changes do not consider the unique subcultures, personalities, and behaviors of the various teams and individuals in the organization.
      • Leaders mandate cultural changes without alleviating critical barriers and do not embody the principles of the target state.
      • Bureaucracy and politics restrict changes and encourage the status quo.
      • Industry standards, technologies, and frameworks do not support or cannot be tailored to fit the desired culture.
      • Some teams are deliberately excluded from the scoping, planning, and execution of key product and service delivery and management activities.

      Agile does not solve team culture challenges.
      43% of organizations cited organizational culture as a significant barrier to adopting and scaling Agile practices.
      Source: Digital.ai, 2021.

      "Providing a great employee experience" as the second priority (after recruiting) highlights the emphasis organizations are placing on helping employees adjust after having been forced to change the way work gets done.
      Source: McLean & Company, 2022; N=826.

      Use your applications priorities to help address your pressure points

      Success can be dependent on your ability to navigate around or alleviate your pressure points. Design and market your applications priorities to bring attention to your pressure points and position them as key risk factors to their success.

      Applications Priorities
      Digital Experience (DX) Intelligent Automation Proactive Application Management Multisource Systems Digital Organization as a Platform
      Attracting and Retaining Talent Enhance the employee experience Be transparent and support role changes Shift focus from maintenance to innovation Enable business-managed applications Promote and showcase achievements and successes
      Maximizing the Return on Technology Modernize or extend the use of existing investments Automate applications across multiple business functions Improve the reliability of mission-critical applications Enhance the functionality of existing applications Increase visibility of underused applications
      Confidently Shifting to Digital Prioritize DX in your shift to digital Select the capabilities that will benefit most from automation Prepare applications to support digital tools and technologies Use best-of-breed tools to meet specific digital needs Bring all applications up to a common digital standard
      Addressing Competing Priorities Ground your digital vision, goals, and objectives Recognize and evaluate the architectural impact Rationalize the health of the applications Agree on a common philosophy on system composition Map to a holistic platform vision, goals, and objectives
      Fostering a Collaborative Culture Involve all perspectives in defining and delivering DX Involve the end user in the delivery and testing of the automated process Include the technical perspective in the viability of future applications plans Discuss how applications can work together better in an ecosystem Ensure the platform is configured to meet the individual needs of the users
      Creating High-Throughput Teams Establish delivery principles centered on DX Remove manual, error-prone, and mundane tasks Simplify applications to ease delivery and maintenance Alleviate delivery bottlenecks and issues Abstract the enterprise system to expedite delivery

      Digital Experience (DX)

      PRIORITY 1

      • Deliver Valuable User, Customer, Employee, and Brand Experiences

      Delivering valuable digital experiences requires the adoption of good management, governance, and operational practices to accommodate stakeholder, employee, customer, and end-user expectations of digital experiences (e.g. product management, automation, and iterative delivery). Technologies are chosen based on what best enables, delivers, and supports these expectations.

      Introduction

      Digital transformation is not just about new tools and technologies. It is also about delivering a valuable digital experience

      What is digital experience (DX)?

      Digital experience (DX) refers to the interaction between a user and an organization through digital products and services. Digital products and services are tools, systems, devices, and resources that gather, store, and process data; are continuously modernized; and embody eight key attributes that are described on the following slide. DX is broken down into four distinct perspectives*:

      • Customer Experience – The immediate perceptions of transactions and interactions experienced through a customer's journey in the use of the organization's digital
        products and services.
      • End-User Experience – Users' emotions, beliefs, and physical and psychological responses
        that occur before, during, or after interacting with a digital product or service.
      • Brand Experience – The broader perceptions, emotions, thoughts, feelings and actions the public associate with the organization's brand and reputation or its products and services. Brand experience evolves over time as customers continuously engage with the brand.
      • Employee Experience – The satisfaction and experience of an employee through their journey with the organization, from recruitment and hiring to their departure. How an employee embodies and promotes the organization brand and culture can affect their performance, trust, respect, and drive to innovate and optimize.
      Digital Products and Services
      Customer Experience Brand Experience Employee Experience End-User Experience

      Digital products and services have a common set of attributes

      Digital transformation is not just about new tools and technologies. It is also about delivering a valuable digital experience

      • Digital products and services must keep pace with changing business and end-user needs as well as tightly supporting your maturing business model with continuous modernization. Focus your continuous modernization on the key characteristics that drive business value.
      • Fit for purpose: Functionalities are designed and implemented for the purpose of satisfying the end user's needs and solving their problems.
      • User-centric: End users see the product as rewarding, engaging, intuitive, and emotionally satisfying. They want to come back to it.
      • Adaptable: The product can be quickly tailored to meet changing end-user and technology needs with reusable and customizable components.
      • Accessible: The product is available on demand and on the end user's preferred interface.
        End users have a seamless experience across all devices.
      • Private and secured: The end user's activity and data are protected from unauthorized access.
      • Informative and insightful: The product delivers consumable, accurate, and trustworthy real-time data that is important to the end user.
      • Seamless application connection: The product facilitates direct interactions with one or more other products through an uninterrupted user experience.
      • Relationship and network building: The product enables and promotes the connection and interaction of people.

      The Business Value cycle of continuous modernization.

      Signals

      DX is critical for business growth and maturity, but the organization may not be ready

      A good DX has become a key differentiator that gives organizations an advantage over their competition and peers. Shifts in working environments; employee, customer, and stakeholder expectations; and the advancements in modern technologies have raised the importance of adopting and transitioning to digital processes and tools to stay relevant and responsive to changing business and technology conditions.

      Applications teams are critical to ensuring the successful delivery and operation of these digital processes and tools. However, they are often under-resourced and challenged to meet their DX goals.

      • 7% of both business and IT respondents think IT has the resources needed to keep up with digital transformation initiatives and meet deadlines (Cyara, 2021).
      • 43% of respondents said that the core barrier to digital transformation is a lack of skilled resources (Creatio, 2021).
      A circle graph is shown with 91% of the circle coloured in dark blue, with the number 91% in the centre.

      of organizations stated that at least 1% of processes were shifted from being manually completed to digitally completed in the last year. 29% of organizations stated at least 21% were shifted.

      Source: Tech Trends and Priorities 2023; N=500.

      A circle graph is shown with 98% of the circle coloured in dark blue, with the number 98% in the centre.

      of organizations recognized digital transformation is important for competitive advantage. 94% stated it is important to enhance customer experience, and 91% stated it will have a positive impact on revenue.

      Source: Cyara, 2021.

      Drivers

      Brand and reputation

      Customers are swayed by the innovations and advancements in digital technologies and expect your applications team to deliver and support them. Your leaders recognize the importance of these expectations and are integrating them into their business strategy and brand (how the organization presents itself to its customers, employees and the public). They hope that their actions will improve and shape the company's reputation (public perception of the company) as effective, customer-focused, and forward-thinking.

      Worker productivity

      As you evolve and adopt more complex tools and technology, your stakeholders will expect more from business units and IT teams. Unfortunately, teams employing manual processes and legacy systems will struggle to meet these expectations. Digital products and services promote the simplification of complex operations and applications and help the business and your teams better align operational practices with strategic goals and deliver valuable DX.

      Organization modernization

      Legacy processes, systems, and ways of working are no longer suitable for meeting the strategic digital objectives and DX needs stakeholders expect. They drive up operational costs without increased benefits, impede business growth and innovation, and consume scarce budgets that could be used for other priorities. Shifting to digital tools and technologies will bring these challenges to light and demonstrate how modernization is an integral part of DX success.

      Benefits & Risks

      Benefits

      • Flexibility & Satisfaction
      • Adoption
      • Reliability

      Employees and customers can choose how they want to access, modify, and consume digital products and services. They can be tailored to meet the specific functional needs, behaviors, and habits of the end user.

      The customer, end user, brand, and employee drive selection, design, and delivery of digital products and services. Even the most advanced technologies will fail if key roles do not see the value in their use.

      Digital products and services are delivered with technical quality built into them, ensuring they meet the industry, regulatory, and company standards throughout their lifespan and in various conditions.

      Risks

      • Legacy & Lore
      • Bureaucracy & Politics
      • Process Inefficiencies
      • No Quality Standards

      Some stakeholders may not be willing to change due to their familiarity and comfort of business practices.

      Competing and conflicting priorities of strategic products and services undermine digital transformation and broader modernization efforts.

      Business processes are often burdened by wasteful activities. Digital products and services are only as valuable as the processes they support.

      The performance and support of your digital products and services are hampered due to unmanageable technical debt because of a deliberate decision to bypass or omit quality good practices.

      Address your pressure points to fully realize the benefits of this priority

      Success can be dependent on your ability to address your pressure points.

      Attracting and Retaining Talent

      Enhance the employee experience.

      Design the digital processes, tools, and technologies to meet the individual needs of the employee.

      Maximizing the Return on Technology

      Modernize or extend the use of existing investments.

      Drive higher adoption of applications and higher user value and productivity by implementing digital capabilities to the applications that will gain the most.

      Confidently Shifting to Digital

      Prioritize DX in your shift to digital. Include DX as part of your definition of success.

      Your products and services are not valuable if users, customers, and employees do not use them.

      Addressing Competing Priorities

      Ground your digital vision, goals, and objectives

      Establish clear ownership of DX and digital products and services with a cross-functional prioritization framework.

      Fostering a Collaborative Culture

      Involve all perspectives in defining and delivering DX.

      Maintain a committee of owners, stakeholders, and delivery teams to ensure consensus and discuss how to address cross-functional opportunities and risks.

      Creating High-Throughput Teams

      Establish delivery principles centered on DX.

      Enforce guiding principles to streamline and simplify DX delivery, such as plug-and-play architecture and quality standards.

      Recommendations

      Build a digital business strategy

      A digital business strategy clearly articulates the goals and ambitions of the business to adopt digital practices, tools, and technologies. This document:

      • Looks for ways to transform the business by identifying what technologies to embrace, what processes to automate, and what new business models to create.
      • Unifies digital possibilities with your customer experiences.
      • Establishes accountability with the executive leadership.
      • States the importance of cross-functional participation from senior management across the organization.

      Related Research:

      Learn, understand, and empathize with your users, employees, and customers

      • To create a better product, solution, or service, understanding those who use it, their needs, and their context is critical.
      • A great experience design practice can help you balance those goals so that they are in harmony with those of your users.
      • IT leaders must find ways to understand the needs of the business and develop empathy on a much deeper level. This empathy is the foundation for a thriving business partnership.

      Related Research:

      Recommendations

      Center product and service delivery decisions and activities on DX and quality

      User, customer, employee, and brand are integral perspectives on the software development lifecycle (SDLC) and the management and governance practices supporting digital products and services. It ensures quality standards and controls are consistently upheld while maintaining alignment with various needs and priorities. The goal is to come to a consensus on a universal definition and approach to embed quality and DX-thinking throughout the delivery process.

      Related Research:

      Instill collaborative delivery practices

      Today's rapidly scaling and increasingly complex digital products and services create mounting pressure on delivery teams to release new features and changes quickly and with sufficient quality. This pressure is further compounded by the competing priorities of individual stakeholders and the nuances among different personas of digital products and services.

      A collaborative delivery practice sets the activities, channels, and relationships needed to deliver a valuable and quality product or service with cross-functional awareness, accountability, and agreement.

      Related Research:

      Recommendations

      Continuously monitor and modernize your digital products and services

      Today's modern digital products and services are tomorrow's shelfware. They gradually lose their value, and the supporting technologies will become obsolete. Modernization is a continuous need.

      Data-driven insights help decision makers decide which products and services to retire, upgrade, retrain on, or maintain to meet the demands of the business.

      Enhancements focusing on critical business capabilities strengthen the case for investment and build trust with all stakeholders.

      Related Research:

      CASE STUDY
      Mastercard in Asia

      Focus on the customer journey

      Chief Marketing Officer M.V. Rajamannar (Raja) wanted to change Mastercard's iconic "Priceless" ad campaign (with the slogan "There are some things money can't buy. For everything else there's Mastercard."). The main reasons were that the campaign relied on one-way communication and targeted end customers, even though Mastercard doesn't issue cards directly to customers; partner banks do. To drive the change in campaign, Raja and his team created a digital engine that leveraged digital and social media. Digital engine is a seven-step process based on insights gleaned from data and real-time optimization.

      1. Emotional spark: Using data to understand customers' passion points, Mastercard builds videos and creatives to ignite an emotional spark and give customers a reason to engage. For example, weeks before New Year's Eve, Mastercard produced a video with Hugh Jackman to encourage customers to submit a story about someone who deeply mattered to them. The authors of the winning story would be flown to reunite with those both distant and dear.
      2. Engagement: Mastercard targets the right audience with a spark video through social media to encourage customers to share their stories.
      3. Offers: To help its partner banks and merchants in driving their business, the company identifies the best offers to match consumers' interests. In the above campaign, Mastercard's Asia-Pacific team found that Singapore was a favorite destination for Indian customers, so they partnered with Singapore's Resorts World Sentosa with an attractive offer.
      4. Real-time optimization: Mastercard optimizes, in real time, a portfolio of several offers through A/B testing and other analysis.
      5. Amplification: Real-time testing provides confidence to Mastercard about the potential success of these offers and encourages its bank and merchant partners to co-market and co-fund these campaigns.
      6. Network effects: A few weeks after consumers submitted their stories about distant loved ones, Mastercard selected winners, produced videos of them surprising their friends and families, and used these videos in social media to encourage sharing.
      7. Incremental transactions: These programs translate into incremental business for banks who issue cards, for merchants where customers spend money, and for Mastercard, which gets a portion of every transaction.

      Source: Harvard Business Review Press

      CASE STUDY
      Mastercard in Asia (cont'd)

      Focus on the customer journey

      1. Emotional Spark
        Drives genuine personal stories
      2. Engagement
        Through Facebook
        and social media
      3. Offers
        From merchants
        and Mastercard assets
      4. Optimization
        Real-time testing of offers and themes
      5. Amplification
        Paid and organic programmatic buying
      6. Network Effects
        Sharing and
        mass engagement
      7. Incremental Transactions
        Win-win for all parties

      CASE STUDY
      Mastercard in Asia (cont'd)

      The Mastercard case highlights important lessons on how to engage customers:

      • Have a broad message. Brands need to connect with consumers over how they live and spend their time. Organizations need to go beyond the brand or product message to become more relevant to consumers' lives. Dove soap was very successful in creating a conversation among consumers with its "Real Beauty" campaign, which focused not on the brand or even the product category, but on how women and society view beauty.
      • Shift from storytelling to story making. To break through the clutter of advertising, companies need to move from storytelling to story making. A broader message that is emotionally engaging allows for a two-way conversation.
      • Be consistent with the brand value. The brand needs to stand for something, and the content should be relevant to and consistent with the image of the brand. Pepsi announced an award of $20 million in grants to individuals, businesses, and nonprofits that promote a new idea to make a positive impact on community. A large number of submissions were about social causes that had nothing to do with Pepsi, and some, like reducing obesity, were in conflict with Pepsi's product.
      • Create engagement that drives business. Too much entertainment in ads may engage customers but detract from both communicating the brand message and increasing sales. Simply measuring the number of video views provides only a partial picture of a program's success.

      Intelligent Automation

      PRIORITY 2

      • Extend Automation Practices with AI and ML

      AI and ML are rapidly growing. Organizations see the value of machines intelligently executing high-performance and dynamic tasks such as driving cars and detecting fraud. Senior leaders see AI and ML as opportunities to extend their business process automation investments.

      Introduction

      Intelligent automation is the next step in your business process automation journey

      What is intelligent automation (IA)?

      Intelligent automation (IA) is the combination of traditional automation technologies, such as business process management (BPM) and robotic process automation (RPA), with AI and ML. The goal is to further streamline and scale decision making across various business processes by:

      • Removing human interactions.
      • Addressing decisions that involve complex variables.
      • Automatically adapting processes to changing conditions.
      • Bridging disparate automation technologies into an integrated end-to-end value delivery pipeline.

      "For IA to succeed, employees must be involved in the transformation journey so they can experience firsthand the benefits of a new way of working and creating business value," (Cognizant).

      What is the difference between IA and hyperautomation?

      "Hyperautomation is the act of automating everything in an organization that can be automated. The intent is to streamline processes across an organization using intelligent automation, which includes AI, RPA and other technologies, to run without human intervention. … Hyperautomation is a business-driven, disciplined approach that organizations use to rapidly identify, vet, and automate as many business and IT processes as possible" (IBM, 2021).

      Note that hyperautomation often enables IA, but teams solely adopting IA do not need to abide to its automation-first principles.

      IA is a combination of various tools and technologies

      What tools and technologies are involved in IA?

      • Artificial intelligence (AI) & Machine Learning (ML) – AI systems perform tasks mimicking human intelligence such as learning from experience and problem solving. AI is making its own decisions without human intervention. Machine learning systems learn from experience and without explicit instructions. They learn patterns from data then analyze and make predictions based on past behavior and the patterns learned. AI is a combination of technologies and can include machine learning.
      • Intelligent Business Process Management System (iBPMS) – Combination of BPM tools with AI and other intelligence capabilities.
      • Robotic Process Automation (RPA) – Robots leveraging an application's UI rather than programmatic access. Automate rules-based, repetitive tasks performed by human workers with AI/ML.
      • Process Mining & Discovery – Process mining involves reading system event logs and application transactions and applying algorithmic analysis to automatically identify and map inferred business processes. Process discovery involves unintrusive virtual agents that sit on a user's desktop and record and monitor how they interact with applications to perform tasks and processes. Algorithms are then used to map and analyze the processes.
      • Intelligent Document Processing – The conversion of physical or unstructured documents into a structured, digital format that can be used in automation solutions. Optical character recognition (OCR) and natural language processing (NPL) are common tools used to enable this capability.
      • Advanced Analytics – The gathering, synthesis, transformation, and delivery of insightful and consumable information that supports data-driven decision making. Data is queried from various disparate sources and can take on a variety of structured and unstructured formats.

      The cycle of IA technologies

      Signals

      Process automation is an executive priority and requires organizational buy-in

      Stakeholders recognize the importance of business process automation and AI and are looking for ways to deliver more value using these technologies.

      • 90% of executives stated automating business workflows post-COVID-19 will ensure business continuity (Kofax, 2022).
      • 88% of executives stated they need to fast-track their end-to-end digital transformation (Kofax, 2022).

      However, the advertised benefits to vendors of enabling these desired automations may not be easily achievable because of:

      • Manual and undocumented business processes.
      • Fragmented and inaccessible systems.
      • Poor data quality, insights, and security.
      • The lack of process governance and management practice.
      A circle graph is shown with 49% of the circle coloured in dark blue, with the number 49% in the centre.

      of CXOs stated staff sufficiency, skill and engagement issues as a minor IT pain point compared to 51% of CIOs stated this issue as a major pain point.

      Source: CEO-CIO Alignment Diagnostics, August 2021 to July 2022; n=568.

      A circle graph is shown with 36% of the circle coloured in dark blue, with the number 36% in the centre.

      of organizations have already invested in AI or machine learning.

      Source: Tech Trends and Priorities 2023; N=662

      Drivers

      Quality & throughput

      Products and services delivered through an undefined and manual process risk the creation of preventable and catchable defects, security flaws and holes, missing information, and other quality issues. IA solutions consistently reinforce quality standards the same way across all products and services while tailoring outputs to meet an individual's specific needs. Success is dependent on the accurate interpretation and application of quality standards and the user's expectations.

      Worker productivity

      IA removes the tedious, routine, and mundane tasks that distract and restrict employees from doing more valuable, impactful, and cognitively focused activities. Practical insights can also be generated through IA tools that help employees make data-driven decisions, evaluate problems from different angles, and improve the usability and value of the products and services they produce.

      Good process management practices

      Automation magnifies existing inefficiencies of a business process management practice, such as unclear and outdated process documentation and incorrect assumptions. IA reinforces the importance of good business process optimization practices, such as removing waste and inefficiencies in a thoughtful way, choosing the most appropriate automation solution, and configuring the process in the right way to maximize the solution's value.

      Benefits & Risks

      Benefits

      • Documentation
      • Hands-Off
      • Reusability

      All business processes must be mapped and documented to be automated, including business rules, data entities, applications, and control points.

      IA can be configured and orchestrated to automatically execute when certain business, process, or technology conditions are met in an unattended or attended manner.

      IA is applicable in use cases beyond traditional business processes, such as automated testing, quality control, audit, website scraping, integration platform, customer service, and data transfer.

      Risks

      • Data Quality & Bias
      • Ethics
      • Recovery & Security
      • Management

      The accuracy and relevance of the decisions IA makes are dependent on the overall quality of the data
      used to train it.

      Some decisions can have significant reputational, moral, and ethical impacts if made incorrectly.
      The question is whether it is appropriate for a non-human to make that decision.

      IA is composed of technologies that can be compromised or fail. Without the proper monitoring, controls,
      and recovery protocols, impacted IA will generate significant business and IT costs and can potentially harm customers, employees, and the organization.

      Low- and no-code capabilities ease and streamline IA development, which makes it susceptible to becoming unmanageable. Discipline is needed to ensure IA owners are aware of the size and health of the IA portfolio.

      Address your pressure points to fully realize the benefits of this priority

      Success can be dependent on your ability to address your pressure points.

      Attracting and Retaining Talent

      Be transparent and support role changes.

      Plan to address the human sentiment with automation (e.g. job security) and the transition of the role to other activities.

      Maximizing the Return on Technology

      Automate applications across multiple business functions.

      Recognize the value opportunities of improving and automating the integration of cross-functional processes.

      Confidently Shifting to Digital

      Maximize the learning of automation fit.

      Select the right capabilities to demonstrate the value of IA while using lessons learned to establish the appropriate support.

      Addressing Competing Priorities

      Recognize automation opportunities with capability maps.

      Use a capability diagram to align strategic IA objectives with tactical and technical IA initiatives.

      Fostering a Collaborative Culture

      Involve the user in the delivery process.

      Maximize automation adoption by ensuring the user finds value in its use before deployment.

      Creating High-Throughput Teams

      Remove manual, error-prone, and mundane tasks.

      Look for ways to improve team throughput by removing wasteful activities, enforcing quality, and automating away tasks driving down productivity.

      Recommendations

      Build your business process automation playbook and practice

      Formalize your business process automation practice with a good toolkit and a repeatable set of tactics and techniques.

      • Clarify the problem being solved with IA.
      • Optimate your processes. Apply good practices to first optimize (opti-) and then automate (-mate) key business processes.
      • Deliver minimum viable automations (MVAs). Maximize the learning of automation solutions and business operational changes through small, strategic automation use cases.

      Related Research:

      Explore the various IA tooling options

      Each IA tool will address a different problem. Which tool to choose is dependent on a variety of factors, such as functional suitability, technology suitability, delivery and support capabilities, alignment to strategic business goals, and the value it is designed to deliver.

      Related Research:

      Recommendations

      Introduce AI and ML thoughtfully and with a plan

      Despite the many promises of AI, organizations are struggling to fully realize its potential. The reasons boil down to a lack of understanding of when these technologies should and shouldn't be used, as well as a fear of the unknown. The plan to adopt AI should include:

      • Understanding of what AI really means in practice.
      • Identifying specific applications of AI in the business.
      • Understanding the type of AI applicable for the situation.

      Related Research:

      Mitigate AI and ML bias

      Biases can be introduced into an IA system at any stage of the development process, from the data you collect, to the way you collect it, to which algorithms are used and what assumptions were made. In most cases, AI and ML bias is a is a social, political, and business problem.

      While bias may not be intentional nor completely prevented or eliminated, early detection, good design, and other proactive preventative steps can be taken to minimize its scope and impact.

      Related Research:

      CASE STUDY
      University Hospitals

      Challenge

      University Hospitals Cleveland (UH) faces the same challenge that every major hospital confronts regarding how to deliver increasingly complex, high-quality healthcare to a diverse population efficiently and economically. In 2017, UH embarked on a value improvement program aiming to improve quality while saving $400 million over a five-year period.

      In emergency department (ED) and inpatient units, leaders found anticipating demand difficult, and consequently units were often over-staffed when demand was low and under-staffed when demand was high. Hospital leaders were uncertain about how to reallocate resources based on capacity needs.

      Solution

      UH turned to Hospital IQ's Census Solution to proactively manage capacity, staff, and flow in the ED and inpatient areas.

      By applying AI, ML, and external data (e.g. weather forecasts) to the hospital's own data (including EMR data and hospital policies), the solution helped UH make two-day census forecasts that managers used to determine whether to open or close in-patient beds and, when necessary, divert low-acuity patients to other hospitals in the system to handle predicted patient volume.

      Source: University Hospitals

      Results

      ED boarding hours have declined by 10% and the hospital has seen a 50% reduction in the number of patients who leave the hospital without
      being seen.

      UH also predicts in advance patients ready for discharge and identifies roadblocks, reducing the average length of stay by 15%. UH is able to better manage staff, reducing overtime and cutting overall labor costs.

      The hospital has also increased staff satisfaction and improved patient safety by closing specific units on weekends and increasing the number of rooms that can be sterilized.

      Proactive Application Management

      PRIORITY 3

      • Strengthen Applications to Prevent and Minimize the Impact of Future Issues

      Application management is often viewed as a support function rather than an enabler of business growth. Focus and investments are only placed on application management when it becomes a problem. The lack of governance and practice accountability leaves this practice in a chaotic state: politics take over, resources are not strategically allocated, and customers are frustrated. As a result, application management is often reactive and brushed aside for new development.

      Introduction

      What is application management?

      Application management ensures valuable software is successfully delivered and is maintained for continuous and sustainable business operations. It contains a repeatable set of activities needed to rationalize and roadmap products and services while balancing priorities of new features and maintenance tasks.

      Unfortunately, application management is commonly perceived as a practice that solely addresses issues, updates, and incidents. However, application management teams are also tasked with new value delivery that was not part of the original release.

      Why is an effective application maintenance (reactive) practice not good enough?

      Application maintenance is the "process of modifying a software system or its components after delivery to correct faults, improve performance or other attributes, or adapt to a changed environment or business process," (IEEE, 1998). While it is critical to quickly fix defects and issues when they occur, reactively addressing them is more expensive than discovering them early and employing the practices to prevent them.

      Even if an application is working well, its framework, architecture, and technology may not be compatible with the possible upcoming changes stakeholders and vendors may want to undertake. Applications may not be problems now, but they soon can be.

      What motivates proactive application changes?

      This image shows the motivations for proactive application changes, sorted by external and internal sources.

      Proactive application management must be disciplined and applied strategically

      Proactive application management practices are critical to maintaining business continuity. They require continuous review and modification so that applications are resilient and can address current and future scenarios. Depending on the value of the application, its criticality to business operations, and its susceptibility to technology change, a more proactive management approach may be warranted. Stakeholders can then better manage resources and budget according to the needs of specific products.

      Reactive Management

      Run-to-Failure

      Fix and enhance the product when it breaks. In most cases, a plan is in place ahead of a failure, so that the problem can be addressed without significant disruption and costs.

      Preventive

      Regularly inspect and optimize the product to reduce the likelihood that it will fail in the future. Schedule inspections based on a specific timeframe or usage threshold.

      Predictive

      Predict failures before they happen using performance and usage data to alert teams when products are at risk of failure according to specified conditions.

      Reliability and Risk Based

      Analyze all possible failure scenarios for each component of the product and create tailored delivery plans to improve the stability, reliability, and value of each product.

      Proactive Management

      Signals

      Applications begin to degrade as soon as they are used

      Today's applications are tomorrow's shelfware. They gradually lose their value, stability, robustness, and compatibility with other enterprise technologies. The longer these applications are left unattended or simply "keeping the lights on," the more risks they will bring to the application portfolio, such as:

      • Discovery and exploitation of security flaws and gaps.
      • Increasing the lock-in to specific vendor technologies.
      • Inconsistent application performance across various workloads.

      These impacts are further compounded by the continuous work done on a system burdened with technical debt. Technical debt describes the result of avoided costs that, over time, cause ongoing business impacts. Left unaddressed, technical debt can become an existential threat that risks your organization's ability to effectively compete and serve its customers. Unfortunately, most organizations have a significant, growing, unmanageable technical debt portfolio.

      A circle graph is shown with 60% of the circle coloured in dark green, with the number 60% in the centre.

      of respondents stated they saw an increase in perceived change in technical debt during the past three years. A quarter of respondents indicated that it stayed the same.

      Source: McKinsey Digital, 2020.

      US
      $4.35
      Million

      is the average cost of a data breach in 2022. This figure represents a 2.6% increase from last year. The average cost has climbed 12.7% since 2020.

      Source: IBM, 2022; N=537.

      Drivers

      Technical debt

      Historical decisions to meet business demands by deferring key quality, architectural, or other software delivery activities often lead to inefficient and incomplete code, fragile legacy systems, broken processes, data quality problems, and the other contributors to technical debt. The impacts for this challenge is further heightened if organizations are not actively refactoring and updating their applications behind the scenes. Proactive application management is intended to raise awareness of application fragility and prioritize comprehensive refactoring activities alongside new feature development.

      Long-term application value

      Applications are designed, developed, and tested against a specific set of parameters which may become less relevant over time as the business matures, technology changes, and user behaviors and interactions shift. Continuous monitoring of the application system, regular stakeholder and user feedback, and active technology trend research and vendor engagement will reveal tasks to prepare an application for future value opportunities or stability and resilience concerns.

      Security and resiliency

      Innovative approaches to infiltrating and compromising applications are becoming prevailing stakeholder concerns. The loopholes and gaps in existing application security protocols, control points, and end-user training are exploited to gain the trust of unsuspecting users and systems. Proactive application management enforces continuous security reviews to determine whether applications are at risk. The goal is to prevent an incident from happening by hardening or complementing measures already in place.

      Benefits & Risks

      Benefits

      • Consistent Performance
      • Robustness
      • Operating Costs

      Users expect the same level of performance and experience from their applications in all scenarios. A proactive approach ensures the configurations meet the current needs of users and dependent technologies.

      Proactively managed applications are resilient to the latest security concerns and upcoming trends.

      Continuous improvements to the underlying architecture, codebase, and interfaces can minimize the cost to maintain and operate the application, such as the transition to a loosely coupled architecture and the standardization of REST APIs.

      Risks

      • Stakeholder Buy-In
      • Delayed Feature Releases
      • Team Capacity
      • Discipline

      Stakeholders may not see the association between the application's value and its technical quality.

      Updates and enhancements are system changes much like any application function. Depending
      on the priority of these changes, new functions may be pushed off to a future release cycle.

      Applications teams require dedicated capacity to proactively manage applications, but they are often occupied meeting other stakeholder demands.

      Overinvesting in certain application management activities (such as refactoring, re-architecture, and redesign) can create more challenges. Knowing how much to do is important.

      Address your pressure points to fully realize the benefits of this priority

      Success can be dependent on your ability to address your pressure points.

      Attracting and Retaining Talent

      Shift focus from maintenance to innovation.

      Work on the most pressing and critical requests first, with a prioritization framework reflecting cross-functional priorities.

      Maximizing the Return on Technology

      Improve the reliability of mission-critical applications.

      Regularly verify and validate applications are up to date with the latest patches and fixes and comply with industry good practices and regulations.

      Confidently Shifting to Digital

      Prepare applications to support digital tools and technologies.

      Focus enhancements on the key components required to support the integration, performance, and security needs of digital.

      Addressing Competing Priorities

      Rationalize the health of the applications.

      Use data-driven, compelling insights to justify the direction and prioritization of applications initiatives.

      Fostering a Collaborative Culture

      Include the technical perspective in the viability of future applications plans.

      Demonstrate how poorly maintained applications impede the team's ability to deliver confidently and quickly.

      Creating High-Throughput Teams

      Simplify applications to ease delivery and maintenance.

      Refactor away application complexities and align the application portfolio to a common quality standard to reduce the effort to deliver and test changes.

      Recommendations

      Reinforce your application maintenance practice

      Maintenance is often viewed as a support function rather than an enabler of business growth. Focus and investments are only placed on maintenance when it becomes a problem.

      • Justify the necessity of streamlined maintenance.
      • Strengthen triaging and prioritization practices.
      • Establish and govern a repeatable process.

      Ensure product issues, incidents, defects, and change requests are promptly handled to minimize business and IT risks.

      Related Research:

      Build an application management practice

      Apply the appropriate management approaches to maintain business continuity and balance priorities and commitments among maintenance and new development requests.

      This practice serves as the foundation for creating exceptional customer experience by emphasizing cross-functional accountability for business value and product and service quality.

      Related Research:

      Recommendations

      Manage your technical debt

      Technical debt is a type of technical risk, which in turn is business risk. It's up to the business to decide whether to accept technical debt or mitigate it. Create a compelling argument to stakeholders as to why technical debt should be a business priority rather than just an IT one.

      • Define and identify your technical debt.
      • Conduct a business impact analysis.
      • Identify opportunities to better manage technical debt.

      Related Research:

      Gauge your application's health

      Application portfolio management is nearly impossible to perform without an honest and thorough understanding of your portfolio's alignment to business capabilities, business value, total cost of ownership, end-user reception and satisfaction, and technical health.

      Develop data-driven insights to help you decide which applications to retire, upgrade, retrain on, or maintain to meet the demands of the business.

      Related Research:

      Recommendations

      Adopt site reliability engineering (SRE) and DevOps practices

      Site reliability engineering (SRE) is an operational model for running online services more reliably by a team of dedicated reliability-focused engineers.

      DevOps, an operational philosophy promoting development and operations collaboration, can bring the critical insights to make application management practices through SRE more valuable.

      Related Research:

      CASE STUDY
      Government Agency

      Goal

      A government agency needed to implement a disciplined, sustainable application delivery, planning, and management process so their product delivery team could deliver features and changes faster with higher quality. The goal was to ensure change requests, fixes, and new features would relieve requester frustrations, reduce regression issues, and allow work to be done on agreeable and achievable priorities organization-wide. The new model needed to increase practice efficiency and visibility in order to better manage technical debt and focus on value-added solutions.

      Solution

      This organization recognized a number of key challenges that were inhibiting its team's ability to meet its goals:

      • The product backlog had become too long and unmanageable.
      • Delivery resources were not properly allocated to meet the skills and capabilities needed to successfully meet commitments.
      • Quality wasn't defined or enforced, which generated mounting technical debt.
      • There was a lack of clear metrics and defined roles and responsibilities.
      • The business had unrealistic and unachievable expectations.

      Source: Info-Tech Workshop

      Key practices implemented

      • Schedule quarterly business satisfaction surveys.
      • Structure and facilitate regular change advisory board meetings.
      • Define and enforce product quality standards.
      • Standardize a streamlined process with defined roles.
      • Configure management tools to better handle requests.

      Multisource Systems

      PRIORITY 4

      • Manage an Ecosystem Composed of In-House and Outsourced Systems

      Various market and company factors are motivating a review on resource and system sourcing strategies. The right sourcing model provides key skills, resources, and capabilities to meet innovation, time to market, financial, and quality goals of the business. However, organizations struggle with how best to support sourcing partners and to allocate the right number of resources to maximize success.

      Introduction

      A multisource system is an ecosystem of integrated internally and externally developed applications, data, and infrastructure. These technologies can be custom developed, heavily configured vendor solutions, or they may be commercial off-the-shelf (COTS) solutions. These systems can also be developed, supported, and managed by internal staff, in partnership with outsourced contractors, or be completely outsourced. Multisource systems should be configured and orchestrated in a way that maximizes the delivery of specific value drivers for the targeted audience.

      Successfully selecting a sourcing approach is not a simple RFP exercise to choose the lowest cost

      Defining and executing a sourcing approach can be a significant investment and risk because of the close interactions third-party services and partners will have with internal staff, enterprise applications and business capabilities. A careful selection and design is necessary.

      The selection of a sourcing partner is not simple. It involves the detailed inspection and examination of different candidates and matching their fit to the broader vision of the multisource system. In cases where control is critical, technology stack and resource sourcing consolidation to a few vendors and partners is preferred. In other cases, where worker productivity and system flexibility are highly prioritized, a plug-and-play best-of-breed approach is preferred.

      Typical factors involved in sourcing decisions.

      Sourcing needs to be driven by your department and system strategies

      How does the department want to be perceived?

      The image that your applications department and teams want to reflect is frequently dependent on the applications they deliver and support, the resources they are composed of, and the capabilities they provide.

      Therefore, choosing the right sourcing approach should be driven by understanding who the teams are and want to be (e.g. internal builder, an integrator, a plug-in player), what they can or want to do (e.g. custom-develop or implement), and what they can deliver or support (e.g. cloud or on-premises) must be established.

      What value is the system delivering?

      Well-integrated systems are the lifeblood of your organization. They provide the capabilities needed to deliver value to customers, employees, and stakeholders. However, underlying system components may not be sourced under a unified strategy, which can lead to duplicate vendor services and high operational costs.

      The right sourcing approach ensures your partners address key capabilities in your system's delivery and support, and that they are positioned to maximize the value of critical and high-impact components.

      Signals

      Business demand may outpace what vendors can support or offer

      Outsourcing and shifting to a buy-over-build applications strategy are common quick fixes to dealing with capacity and skills gaps. However, these quick fixes often become long-term implementations that are not accounted for in the sourcing selection process. Current application and resource sourcing strategies must be reviewed to ensure that vendor arrangements meet the current and upcoming demands and challenges of the business, customers, and enterprise technologies, such as:

      • Pressure from stakeholders to lower operating costs while maintaining or increasing quality and throughput.
      • Technology lock-in that addresses short-term needs but inhibits long-term growth and maturity.
      • Team capacity and talent acquisition not meeting the needs of the business.
      A circle graph is shown with 42% of the circle coloured in dark brown, with the number 42% in the centre.

      of respondents stated they outsourced software development fully or partly in the last 12 months (2021).

      Source: Coding Sans, 2021.

      A circle graph is shown with 65% of the circle coloured in dark brown, with the number 65% in the centre.

      of respondents stated they were at least somewhat satisfied with the result of outsourcing software development.

      Source: Coding Sans, 2021.

      Drivers

      Business-managed applications

      Employees are implementing and building applications without consulting, notifying, or heeding the advice of IT. IT is often ill-equipped and under-resourced to fight against shadow IT. Instead, organizations are shifting the mindset of "fight shadow IT" to "embrace business-managed applications," using good practices in managing multisource systems. A multisource approach strikes the right balance between user empowerment and centralized control with the solutions and architecture that can best enable it.

      Unique problems to solve

      Point solutions offer features to address unique use cases in uncommon technology environments. However, point solutions are often deployed in siloes with limited integration or overlap with other solutions. The right sourcing strategy accommodates the fragmented nature of point solutions into a broader enterprise system strategy, whether that be:

      • Multisource best of breed – integrate various technologies that provide subsets of the features needed for supporting business functions.
      • Multisource custom – integrate systems built in-house with technologies developed by external organizations.
      • Vendor add-ons and integrations – enhance an existing vendor's offering by using their system add-ons as upgrades, new add-ons, or integrations.

      Vendor services

      Some vendor services in a multisource environment may be redundant, conflicting, or incompatible. Given that multisource systems are regularly changing, it is difficult to identify what services are affected, what would be needed to fill the gap of the removed solution, or which redundant services should be removed.

      A multisource approach motivates the continuous rationalization of your vendor services and partners to determine the right mixture of in-house and outsourced resources, capabilities, and technologies.

      Benefits & Risks

      Benefits

      • Business-Focused Solution
      • Flexibility
      • Cost Optimization

      Multisource systems can be designed to support an employee's ability to select the tools they want and need.

      The environment is architected in a loosely coupled approach to allow applications to be easily added, removed, and modified with minimized impact to other integrated applications.

      Rather than investing in large solutions upfront, applications are adopted when they are needed and are removed when little value is gained. Disciplined application portfolio management is necessary to see the full value of this benefit.

      Risks

      • Manageable Sprawl
      • Policy Adherence
      • Integration & Compatibility

      The increased number and diversity of applications in multisource system environments can overwhelm system managers who do not have an effective application portfolio management practice.

      Fragmented application implementations risk inconsistent adherence to security and other quality policies, especially in situations where IT is not involved.

      Application integration can quickly become tangled, untraceable, and unmanageable because of varying team and vendor preferences for specific integration technologies and techniques.

      Address your pressure points to fully realize the benefits of this priority

      Success can be dependent on your ability to address your pressure points.

      Attracting and Retaining Talent

      Enable business-managed applications.

      Create the integrations to enable the easy connection of desired tools to enterprise systems with the appropriate guardrails.

      Maximizing the Return on Technology

      Enhance the functionality of existing applications.

      Complement current application capability gaps with data, features, and services from third-party applications.

      Confidently Shifting to Digital

      Use best-of-breed tools to meet specific digital needs.

      Select the best tools to meet the unique and special functional needs of the digital vision.

      Addressing Competing Priorities

      Agree on a common philosophy on system composition.

      Establish an owner of the multisource system to guide how the system should mature as the organization grows.

      Fostering a Collaborative Culture

      Discuss how applications can work together better in an ecosystem.

      Build committees to discuss how applications can better support each other and drive more value.

      Creating High-Throughput Teams

      Alleviate delivery bottlenecks and issues.

      Leverage third-party sources to fill skills and capacity gaps until a long-term solution can be implemented.

      Recommendations

      Define the goals of your applications department and product vision

      Understanding the applications team's purpose and image is critical in determining how the system they are managing and the skills and capacities they need should be sourced.

      Changing and conflicting definitions of value and goals make it challenging to convey an agreeable strategy of the multisource system. An achievable vision and practical tactics ensure all parties in the multisource system are moving in the same direction.

      Related Research:

      Develop a sourcing partner strategy

      Almost half of all sourcing initiatives do not realize projected savings, and the biggest reason is the choice of partner (Zhang et al., 2018). Making the wrong choice means inferior products, higher costs and the loss of both clients and reputation.

      Choosing the right sourcing partner involves understanding current skills and capacities, finding the right matching partner based on a desired profile, and managing a good working relationship that sees short-term gains and supports long-term goals.

      Related Research:

      Recommendations

      Strengthen enterprise integration practices

      Integration strategies that are focused solely on technology are likely to complicate rather than simplify because little consideration is given on how other systems and processes will be impacted. Enterprise integration needs to bring together business process, applications, and data – in that order.

      Kick-start the process of identifying opportunities for improvement by mapping how applications and data are coordinated to support business activities.

      Related Research:

      Manage your solution architecture and application portfolio

      Haphazardly implementing and integrating applications can generate significant security, performance, and data risks. A well-thought-through solution architecture is essential in laying the architecture quality principles and roadmap on how the multisource system can grow and evolve in a sustainable and maintainable way.

      Good application portfolio management complements the solution architecture as it indicates when low-value and unused applications should be removed to reduce system complexity.

      Related Research:

      Recommendations

      Embrace business-managed applications

      Multisource systems bring a unique opportunity to support the business and end users' desire to implement and develop their own applications. However, traditional models of managing applications may not accommodate the specific IT governance and management practices required to operate business-managed applications:

      • A collaborative and trusting business-IT relationship is key.
      • The role of IT must be reimagined.
      • Business must be accountable for its decisions.

      Related Research:

      CASE STUDY
      Cognizant

      Situation

      • Strives to be primarily an industry-aligned organization that delivers multiple service lines in multiple geographies.
      • Cognizant seeks to carefully consider client culture to create a one-team environment.
      • Value proposition is a consultative approach bringing thought leadership and mutually adding value to the relationship vs. the more traditional order-taker development partner.
      • Wants to share in solution development to facilitate shared successes. Geographic alignment drives knowledge of the client and their challenges, not just about time zone and supportability.
      • Offers one of the largest offshore capabilities in the world, supported by local and nearshore resources to drive local knowledge.
      • Today's clients don't typically want a black box, they are sophisticated and want transparency around the process and solution, to have a partner.
      • Clients do want to know where the work is being delivered from, how it's being done.

      Source: interview with Jay MacIsaac, Cognizant.

      Approach

      • Best relationship comes where teams operate as one.
      • Clients are seeking value, not a development black box.
      • Clients want to have a partner they can engage with, not just an order taker.
      • Want to build a one-team culture with shared goals and deliver business value.
      • Seek a partner that will add to their thinking not echo it.

      Results

      • Cognizant is continuing to deliver double-digit growth and continues to strive for top quartile performance.
      • Growth in the client base has seen the company grow to over 340,000 associates worldwide.

      Digital Organization as a Platform

      PRIORITY 5

      • Create a Common Digital Interface to Access All Products and Services

      A digital platform enables organizations to leverage a flexible, reliable, and scalable foundation to create a valuable DX, ease delivery and management efforts, maximize existing investments, and motivate the broader shift to digital. This approach provides a standard to architect, integrate, configure, and modernize the applications that compose the platform.

      Introduction

      What is digital organization as a platform (DOaaP)?

      Digital organization as a platform (DOaaP) is a collection of integrated digital services, products, applications, and infrastructure that is used as a vehicle to meet and exceed an organization's digital strategies. It often serves as an accessible "place for exchanges of information, goods, or services to occur between producers and consumers as well as the community that interacts
      with said platform" (Watts, 2020).

      DOaaP involves a strategy that paves the way for organizations to be digital. It helps organizations use their assets (e.g. data, processes, products, services) in the most effective ways and become more open to cooperative delivery, usage, and management. This opens opportunities for innovation and cross-department collaborations.

      How is DOaaP described?

      1. Open and Collaborative
        • Open organization: open data, open APIs, transparency, and user participation.
        • Collaboration, co-creation, crowdsourcing, and innovation
      2. Accessible and Connected
        • Digital inclusion
        • Channel ubiquity
        • Integrity and interoperability
        • Digital marketplace
      3. Digital and Programmable
        • Digital identity
        • Policies and processes as code
        • Digital products and services
        • Enabling digital platforms

      Digital organizations follow a common set of principles and practices

      Customer-centricity

      Digital organizations are driven by customer focus, meeting and exceeding customer expectations. It must design its services with a "digital first" principle, providing access through every expected channel and including seamless integration and interoperability with various departments, partners, and third-party services. It also means creating trust in its ability to provide secure services and to keep privacy and ethics as core pillars.

      Leadership, management, and strategies

      Digital leadership brings customer focus to the enterprise and its structures and organizes efficient networks and ecosystems. Accomplishing this means getting rid of silos and a siloed mentality and aligning on a digital vision to design policies and services that are efficient, cost-effective, and provide maximum benefit to the user. Asset sharing, co-creation, and being open and transparent become cornerstones of a digital organization.

      Infrastructure

      Providing digital services across demographics and geographies requires infrastructure, and that in turn requires long-term vision, smart investments, and partnerships with various source partners to create the necessary foundational infrastructure upon which to build digital services.

      Digitization and automation

      Automation and digitization of processes and services, as well as creating digital-first products, lead to increased efficiency and reach of the organization across demographics and geographies. Moreover, by taking a digital-first approach, digital organizations future-proof their services and demonstrate their commitment to stakeholders.

      Enabling platforms

      DOaaP embraces open standards, designing and developing organizational platforms and ecosystems with a cloud-first mindset and sound API strategies. Developer experience must also take center stage, providing the necessary tools and embracing Agile and DevOps practices and culture become prerequisites. Cybersecurity and privacy are central to the digital platform; hence they must be part of the design and development principles and practices.

      Signals

      The business expects support for digital products and services

      Digital transformation continues to be a high-priority initiative for many organizations, and they see DOaaP as an effective way to enable and exploit digital capabilities. However, DOaaP unleashes new strategies, opportunities, and challenges that are elusive or unfamiliar to business leaders. Barriers in current business operating models may limit DOaaP success, such as:

      • Department and functional silos
      • Dispersed, fragmented and poor-quality data
      • Ill-equipped and under-skilled resources to support DOaaP adoption
      • System fragmentation and redundancies
      • Inconsistent integration tactics employed across systems
      • Disjointed user experience leading to low engagement and adoption

      DOaaP is not just about technology, and it is not the sole responsibility of either IT or business. It is the collective responsibility of the organization.

      A circle graph is shown with 47% of the circle coloured in dark blue, with the number 47% in the centre.

      of organizations plan to unlock new value through digital. 50% of organizations are planning major transformation over the next three years.

      Source: Nash Squared, 2022.

      A circle graph is shown with 70% of the circle coloured in dark blue, with the number 70% in the centre.

      of organizations are undertaking digital expansion projects focused on scaling their business with technology. This result is up from 57% in 2021.

      Source: F5 Inc, 2022.

      Drivers

      Unified brand and experience

      Users should have the same experience and perception of a brand no matter what product or service they use. However, fragmented implementation of digital technologies and inconsistent application of design standards makes it difficult to meet this expectation. DOaaP embraces a single design and DX standard for all digital products and services, which creates a consistent perception of your organization's brand and reputation irrespective of what products and services are being used and how they are accessed.

      Accessibility

      Rapid advancement of end-user devices and changes to end-user behaviors and expectations often outpace an organization's ability to meet these requirements. This can make certain organization products and services difficult to find, access and leverage. DOaaP creates an intuitive and searchable interface to all products and services and enables the strategic combination of technologies to collectively deliver more value.

      Justification for modernization

      Many opportunities are left off the table when legacy systems are abstracted away rather than modernized. However, legacy systems may not justify the investment in modernization because their individual value is outweighed by the cost. A DOaaP initiative motivates decision makers to look at the entire system (i.e. modern and legacy) to determine which components need to be brought up to a minimum digital state. The conversation has now changed. Legacy systems should be modernized to increase the collective benefit of the entire DOaaP.

      Benefits & Risks

      Benefits

      • Look & Feel
      • User Adoption
      • Shift to Digital

      A single, modern, customizable interface enables a common look and feel no matter what and how the platform is being accessed.

      Organizations can motivate and encourage the adoption and use of all products and services through the platform and increase the adoption of underused technologies.

      DOaaP motivates and supports the modernization of data, processes, and systems to meet the goals and objectives outlined in the broader digital transformation strategy.

      Risks

      • Data Quality
      • System Stability
      • Ability to Modernize
      • Business Model Change

      Each system may have a different definition of commonly used entities (e.g. customer), which can cause data quality issues when information is shared among these systems.

      DOaaP can stress the performance of underlying systems due to the limitations of some systems to handle increased traffic.

      Some systems cannot be modernized due to cost constraints, business continuity risks, vendor lock-in, legacy and lore, or other blocking factors.

      Limited appetite to make the necessary changes to business operations in order to maximize the value of DOaaP technologies.

      Address your pressure points to fully realize the benefits of this priority

      Success can be dependent on your ability to address your pressure points.

      Attracting and Retaining Talent Promote and showcase achievements and successes. Share the valuable and innovative work of your teams across the organization and with the public.
      Maximizing the Return on Technology Increase visibility of underused applications. Promote the adoption and use of all products and services through the platform and use the lessons learned to justify removal, updates or modernizations.
      Confidently Shifting to Digital Bring all applications up to a common digital standard. Define the baseline digital state all applications, data, and processes must be in to maximize the value of the platform.
      Addressing Competing Priorities Map to a holistic platform vision, goals and objectives. Work with relevant stakeholders, teams and end users to agree on a common directive considering all impacted perspectives.
      Fostering a Collaborative Culture Ensure the platform is configured to meet the individual needs of the users. Tailor the interface and capabilities of the platform to address users' functional and personal concerns.
      Creating High-Throughput Teams Abstract the enterprise system to expedite delivery. Use the platform to standardize application system access to simplify platform changes and quicken development and testing.

      Recommendations

      Define your platform vision

      Organizations realize that a digital model is the way to provide more effective services to their customers and end users in a cost-effective, innovative, and engaging fashion. DOaaP is a way to help support this transition.

      However, various platform stakeholders will have different interpretations of and preferences for what this platform is intended to solve, what benefits it is supposed to deliver, and what capabilities it will deliver. A grounded vision is imperative to steer the roadmap and initiatives.

      Related Research:

      Assess and modernize your applications

      Certain applications may not sufficiently support the compatibility, flexibility, and efficiency requirements of DOaaP. While workaround technologies and tactics can be employed to overcome these application challenges, the full value of the DOaaP may not be realized.

      Reviewing the current state of the application portfolio will indicate the functional and value limitations of what DOaaP can provide and an indication of the scope of investment needed to bring applications up to a minimum state.

      Related Research:

      Recommendations

      Understand and evaluate end-user needs

      Technology has reached a point where it's no longer difficult for teams to build functional and valuable digital platforms. Rather, the difficulty lies in creating an interface and platform that people want to use and use frequently.

      While it is important to increase the access and promotion of all products and services, orchestrating and configuring them in a way to deliver a satisfying experience is even more important. Applications teams must first learn about and empathize with the needs of end users.

      Related Research:

      Architect your platform

      Formalizing and constructing DOaaP just for the sake of doing so often results in an initiative that is lengthy and costly and ends up being considered a failure.

      The build and optimization of the platform must be predicated on a thorough understanding of the DOaaP's goals, objectives, and priorities and the business capabilities and process they are meant to support and enable. The appropriate architecture and delivery practices can then be defined and employed.

      Related Research:

      CASE STUDY
      e-Estonia

      Situation

      The digital strategy of Estonia resulted in e-Estonia, with the vision of "creating a society with more transparency, trust, and efficiency." Estonia has addressed the challenge by creating structures, organizations, and a culture of innovation, and then using the speed and efficiency of digital infrastructure, apps, and services. This strategy can reduce or eliminate bureaucracy through transparency and automation.

      Estonia embarked on its journey to making digital a priority in 1994-1996, focusing on a committed investment in infrastructure and digital literacy. With that infrastructure in place, they started providing digital services like an e-banking service (1996), e-tax and mobile parking (2002), and then went full steam ahead with a digital information interoperability platform in 2001, digital identity in 2002, e-health in 2008, and e-prescription in 2010. The government is now strategizing for AI.

      Results

      This image contains the results of the e-Estonia case study results

      Source: e-Estonia

      Practices employed

      The e-Estonia digital government model serves as a reference for governments across the world; this is acknowledged by the various awards it has received, like #2 in "internet freedom," awarded by Freedom House in 2019; #1 on the "digital health index," awarded by the Bertelsmann Foundation in 2019; and #1 on "start-up friendliness," awarded by Index Venture in 2018.

      References

      "15th State of Agile Report." Digital.ai, 2021. Web.
      "2022 HR Trends Report." McLean & Company, 2022.
      "2022: State of Application Strategy Report." F5 Inc, 2022.
      "Are Executives Wearing Rose-Colored Glasses Around Digital Transformation?" Cyara, 2021. Web.
      "Cost of a Data Breach Report 2022." IBM, 2022. Web.
      Dalal, Vishal, et al. "Tech Debt: Reclaiming Tech Equity." McKinsey Digital, Oct. 2020. Web.
      "Differentiating Between Intelligent Automation and Hyperautomation." IBM, 15 October 2021. Web.
      "Digital Leadership Report 2021." Harvey Nash Group, 2021.
      "Digital Leadership Report 2022: The State of Digital." Nash Squared, 2022. Web.
      Gupta, Sunil. "Driving Digital Strategy: A Guide to Reimagining Your Business." Harvard Business Review Press, 2018. Web.
      Haff, Gordon. "State of Application Modernization Report 2022." Konveyor, 2022. Web.
      "IEEE Standard for Software Maintenance: IEEE Std 1219-1998." IEEE Standard for Software Maintenance, 1998. Accessed Dec. 2015.
      "Intelligent Automation." Cognizant, n.d. Web.
      "Kofax 2022: Intelligent Automation Benchmark Study". Kofax, 2021. Web.
      McCann, Leah. "Barco's Virtual Classroom at UCL: A Case Study for the Future of All University Classrooms?" rAVe, 2 July 2020, Web.
      "Proactive Staffing and Patient Prioritization to Decompress ED and Reduce Length of Stay." University Hospitals, 2018. Web.
      "Secrets of Successful Modernization." looksoftware, 2013. Web.
      "State of Software Development." Coding Sans, 2021. Web.
      "The State of Low-Code/No-Code." Creatio, 2021. Web.
      "We Have Built a Digital Society and We Can Show You How." e-Estonia. n.d. Web.
      Zanna. "The 5 Types of Experience Series (1): Brand Experience Is Your Compass." Accelerate in Experience, 9 February 2020. Web.
      Zhang, Y. et al. "Effects of Risks on the Performance of Business Process Outsourcing Projects: The Moderating Roles of Knowledge Management Capabilities." International Journal of Project Management, 2018, vol. 36 no. 4, 627-639.

      Research Contributors and Experts

      This is a picture of Chris Harrington

      Chris Harrington
      Chief Technology Officer
      Carolinas Telco Federal Credit Union

      Chris Harrington is Chief Technology Officer (CTO) of Carolinas Telco Federal Credit Union. Harrington is a proven leader with over 20 years of experience developing and leading information technology and cybersecurity strategies and teams in the financial industry space.

      This is a picture of Benjamin Palacio

      Benjamin Palacio
      Senior Information Technology Analyst County of Placer

      Benjamin Palacio has been working in the application development space since 2007 with a strong focus on system integrations. He has seamlessly integrated applications data across multiple states into a single reporting solution for management teams to evaluate, and he has codeveloped applications to manage billions in federal funding. He is also a CSAC-credentialed IT Executive (CA, USA).

      This is a picture of Scott Rutherford

      Scott Rutherford
      Executive Vice President, Technology
      LGM Financial Services Inc.

      Scott heads the Technology division of LGM Financial Services Inc., a leading provider of warranty and financing products to automotive OEMs and dealerships in Canada. His responsibilities include strategy and execution of data and analytics, applications, and technology operations.

      This is a picture of Robert Willatts

      Robert Willatts
      IT Manager, Enterprise Business Solutions and Project Services
      Town of Newmarket

      Robert is passionate about technology, innovation, and Smart City Initiatives. He makes customer satisfaction as the top priority in every one of his responsibilities and accountabilities as an IT manager, such as developing business applications, implementing and maintaining enterprise applications, and implementing technical solutions. Robert encourages communication, collaboration, and engagement as he leads and guides IT in the Town of Newmarket.

      This is a picture of Randeep Grewal

      Randeep Grewal
      Vice President, Enterprise Applications
      Red Hat

      Randeep has over 25 years of experience in enterprise applications, advanced analytics, enterprise data management, and consulting services, having worked at numerous blue-chip companies. In his most recent role, he is the Vice President of Enterprise Applications at Red Hat. Reporting to the CIO, he is responsible for Red Hat's core business applications with a focus on enterprise transformation, application architecture, engineering, and operational excellence. He previously led the evolution of Red Hat into a data-led company by maturing the enterprise data and analytics function to include data lake, streaming data, data governance, and operationalization of analytics for decision support.

      Prior to Red Hat, Randeep was the director of global services strategy at Lenovo, where he led the strategy using market data to grow Lenovo's services business by over $400 million in three years. Prior to Lenovo, Randeep was the director of advanced analytics at Alliance One and helped build an enterprise data and analytics function. His earlier work includes seven years at SAS, helping SAS become a leader in business analytics, and at KPMG consulting, where he managed services engagements at Fortune 100 companies.

      Data security consultancy

      Data security consultancy

      Based on experience
      Implementable advice
      human-based and people-oriented

      Data security consultancy makes up one of Tymans Group’s areas of expertise as a corporate consultancy firm. We are happy to offer our insights and solutions regarding data security and risk to businesses, both through online and offline channels. Read on and discover how our consultancy company can help you set up practical data security management solutions within your firm.

      How our data security consultancy services can help your company

      Data security management should be an important aspect of your business. As a data security consultancy firm, Tymans Group is happy to assist your small or medium-sized enterprise with setting up clear protocols to keep your data safe. As such, we can advise on various aspects comprising data security management. This ranges from choosing a fit-for-purpose data architecture to introducing IT incident management guidelines. Moreover, we can perform an external IT audit to discover which aspects of your company’s data security are vulnerable and which could be improved upon.

      Security and risk management

      Our security and risk services

      Security strategy

      Security Strategy

      Embed security thinking through aligning your security strategy to business goals and values

      Read more

      Disaster Recovery Planning

      Disaster Recovery Planning

      Create a disaster recovey plan that is right for your company

      Read more

      Risk Management

      Risk Management

      Build your right-sized IT Risk Management Program

      Read more

      Check out all our services

      Discover our practical data security management solutions

      Data security is just one aspect with which our consultancy firm can assist your company. Tymans Group offers its extensive expertise in various corporate management domains, such as quality management and risk management. Our solutions all stem from our vast expertise and have proven their effectiveness. Moreover, when you choose to employ our consultancy firm for your data security management, you benefit from a holistic, people-oriented approach.

      Set up an appointment with our experts

      Do you wish to learn more about our data security management solutions and services for your company? We are happy to analyze any issues you may be facing and offer you a practical solution if you contact us for an appointment. You can book a one-hour online talk or elect for an on-site appointment with our experts. Contact us to set up your appointment now.

      Register to read more …

      Go the Extra Mile With Blockchain

      • Buy Link or Shortcode: {j2store}130|cart{/j2store}
      • member rating overall impact: N/A
      • member rating average dollars saved: N/A
      • member rating average days saved: N/A
      • Parent Category Name: Data Management
      • Parent Category Link: /data-management
      • The transportation and logistics industry is facing a set of inherent flaws, such as high processing fees, fraudulent information, and lack of transparency, that blockchain is set to transform and alleviate.
      • Many companies have FOMO (fear of missing out), causing them to rush toward blockchain adoption without first identifying the optimal use case.

      Our Advice

      Critical Insight

      • Understand how blockchain can alleviate your pain points before rushing to adopt the technology. You have been hearing about blockchain for some time now and are feeling pressured to adopt it. Moreover, the series of issues hindering the transportation and logistics industry, such as the lack of transparency, poor cash flow management, and high processing fees, are frustrating business leaders and thereby adding additional pressure on CIOs to adopt the technology. While blockchain is complex, you should focus on its key features of transparency, integrity, efficiency, and security to identify how it can help your organization.
      • Ensure your use case is actually useful and can be valuable to your organization by selecting a business idea that is viable, feasible, and desirable. Applying design thinking tactics to your evaluation process provides a practical approach that will help you avoid wasting resources (both time and money) and hurting IT’s image in the eyes of the business. While it is easy to get excited and invest in a new technology to help maintain your image as a thought leader, you must ensure that your use case is fully developed prior to doing so.

      Impact and Result

      • Understand blockchain’s transformative potential for the transportation and logistics industry by breaking down how its key benefits can alleviate inherent industry flaws.
      • Identify business processes and stakeholders that could benefit from blockchain.
      • Build and evaluate an inventory of use cases to determine where blockchain could have the greatest impact on your organization.
      • Articulate the value and organizational fit of your proposed use case to the business to gain their buy-in and support.

      Go the Extra Mile With Blockchain Research & Tools

      Start here – read the Executive Brief

      Read our concise Executive Brief to find out why your organization should care about blockchain’s transformative potential for the transportation and logistics industry and how Info-Tech will support you as you identify and build your blockchain use case.

      Besides the small introduction, subscribers and consulting clients within this management domain have access to:

      1. Evaluate why blockchain can disrupt the transportation and logistics industry

      Analyze the four key benefits of blockchain as they relate to the transportation and logistics industry to understand how the technology can resolve issues being experienced by industry incumbents.

      • Go the Extra Mile With Blockchain – Phase 1: Evaluate Why Blockchain Can Disrupt the Transportation and Logistics Industry
      • Blockchain Glossary

      2. Build and evaluate an inventory of use cases

      Brainstorm a set of blockchain use cases for your organization and apply design thinking tactics to evaluate and select the optimal one to pitch to your executives for prototyping.

      • Go the Extra Mile With Blockchain – Phase 2: Build and Evaluate an Inventory of Use Cases
      • Blockchain Use Case Evaluation Tool
      • Prototype One Pager
      [infographic]

      Prepare for Post-Quantum Cryptography

      • Buy Link or Shortcode: {j2store}268|cart{/j2store}
      • member rating overall impact: N/A
      • member rating average dollars saved: N/A
      • member rating average days saved: N/A
      • Parent Category Name: Security Processes & Operations
      • Parent Category Link: /security-processes-and-operations
      • Fault-tolerant quantum computers, capable of breaking existing encryption algorithms and cryptographic systems, are widely expected to be available sooner than originally projected.
      • Data considered secure today may already be at risk due to the threat of harvest-now-decrypt-later schemes.
      • Many current security controls will be completely useless, including today's strongest encryption techniques.

      Our Advice

      Critical Insight

      The advent of quantum computing is closer than you think: some nations have already demonstrated capability with the potential to break current asymmetric-key encryption. Traditional encryption methods will no longer provide sufficient protection. You need to act now to begin your transformation to quantum-resistant encryption.

      Impact and Result

      • Developing quantum-resistant cryptography capabilities is crucial to maintaining data security and integrity for critical applications.
      • Organizations need to act now to begin their transformation to quantum-resistant encryption.
      • Data security (especially for sensitive data) should be an organization’s top priority. Organizations with particularly critical information need to be on top of this quantum movement.

      Prepare for Post-Quantum Cryptography Research & Tools

      Besides the small introduction, subscribers and consulting clients within this management domain have access to:

      1. Prepare for Post-Quantum Cryptography Storyboard – Research to help organizations to prepare and implement quantum-resistance cryptography solutions.

      Developing quantum-resistant cryptography capabilities is crucial to maintaining data security and integrity for critical applications. Organizations need to act now to begin their transformation to quantum-resistant encryption.

      • Prepare for Post-Quantum Cryptography Storyboard
      [infographic]

      Further reading

      Prepare for Post-Quantum Cryptography

      It is closer than you think, and you need to act now.

      Analyst Perspective

      It is closer than you think, and you need to act now.

      The quantum realm presents itself as a peculiar and captivating domain, shedding light on enigmas within our world while pushing the boundaries of computational capabilities. The widespread availability of quantum computers is expected to occur sooner than anticipated. This emerging technology holds the potential to tackle valuable problems that even the most powerful classical supercomputers will never be able to solve. Quantum computers possess the ability to operate millions of times faster than their current counterparts.

      As we venture further into the era of quantum mechanics, organizations relying on encryption must contemplate a future where these methods no longer suffice as effective safeguards. The astounding speed and power of quantum machines have the potential to render many existing security measures utterly ineffective, including the most robust encryption techniques used today. To illustrate, a task that currently takes ten years to crack through a brute force attack could be accomplished by a quantum computer in under five minutes.

      Amid this transition into a quantum future, the utmost priority for organizations remains data security, particularly safeguarding sensitive information. Organizations must proactively prepare for the development of countermeasures and essential resilience measures to attain a state of being "quantum safe."

      This is a picture of Alan Tang

      Alan Tang
      Principal Research Director, Security and Privacy
      Info-Tech Research Group

      Executive Summary

      Your Challenge

      • Anticipated advancements in fault-tolerant quantum computers, surpassing existing encryption algorithms and cryptographic systems, are expected to materialize sooner than previously projected. The timeframe for their availability is diminishing daily.
      • Data that is presently deemed secure faces potential vulnerability due to the emergence of harvest-now-decrypt-later strategies.
      • Numerous contemporary security controls, including the most robust encryption techniques, have become obsolete and offer little efficacy.

      Common Obstacles

      • The complexity involved makes it challenging for organizations to incorporate quantum-resistant cryptography into their current IT infrastructure.
      • The endeavor of transitioning to quantum-resilient cryptography demands significant effort and time, with the specific requirements varying for each organization.
      • A lack of comprehensive understanding regarding the cryptographic technologies employed in existing IT systems poses difficulties in identifying and prioritizing systems for upgrading to post-quantum cryptography.

      Info-Tech's Approach

      • The development of quantum-resistant cryptography capabilities is essential for safeguarding the security and integrity of critical applications.
      • Organizations must proactively initiate their transition toward quantum-resistant encryption to ensure data protection.
      • Ensuring the security of corporate data assets should be of utmost importance for organizations, with special emphasis on those possessing highly critical information in light of the advancements in quantum technology.

      Info-Tech Insight

      The advent of quantum computing (QC) is closer than you think: some nations have demonstrated capability with the potential to break current asymmetric-key encryption. Traditional encryption methods will no longer be sufficient as a means of protection. You need to act now to begin your transformation to quantum-resistant encryption.

      Evolvement of QC theory and technologies

      1900-1975

      1976-1997

      1998-2018

      2019-Now

      1. 1900: Max Planck – The energy of a particle is proportional to its frequency: E = hv, where h is a relational constant.
      2. 1926: Erwin Schrödinger – Since electrons can affect each other's states, their energies change in both time and space. The total energy of a particle is expressed as a probability function.
      1. 1976: Physicist Roman Stanisław Ingarden publishes the paper "Quantum Information Theory."
      2. 1980: Paul Benioff describes the first quantum mechanical model of a computer.
      3. 1994: Peter Shor publishes Shor's algorithm.
      1. 1998: A working 2-qubit NMR quantum computer is used to solve Deutsch's problem by Jonathan A. Jones and Michele Mosca at Oxford University.
      2. 2003: DARPA Quantum Network becomes fully operational.
      3. 2011: D-Wave claims to have developed the first commercially available quantum computer, D-Wave One.
      4. 2018: the National Quantum Initiative Act was signed into law by President Donald Trump.
      1. 2019: A paper by Google's quantum computer research team was briefly available, claiming the project has reached quantum supremacy.
      2. 2020: Chinese researchers claim to have achieved quantum supremacy, using a photonic peak 76-qubit system known as Jiuzhang.
      3. 2021: Chinese researchers reported that they have built the world's largest integrated quantum communication network.
      4. 2022: The Quantinuum System Model H1-2 doubled its performance claiming to be the first commercial quantum computer to pass quantum volume 4096.

      Info-Tech Insight

      The advent of QC will significantly change our perception of computing and have a crucial impact on the way we protect our digital economy using encryption. The technology's applicability is no longer a theory but a reality to be understood, strategized about, and planned for.

      Fundamental physical principles and business use cases

      Unlike conventional computers that rely on bits, quantum computers use quantum bits or qubits. QC technology surpasses the limitations of current processing powers. By leveraging the properties of superposition, interference, and entanglement, quantum computers have the capacity to simultaneously process millions of operations, thereby surpassing the capabilities of today's most advanced supercomputers.

      A 2021 Hyperion Research survey of over 400 key decision makers in North America, Europe, South Korea, and Japan showed nearly 70% of companies have some form of in-house QC program.

      Three fundamental QC physical principles

      1. Superposition
      2. Interference
      3. Entanglement

      This is an image of two headings, Optimization; and Simulation. there are five points under each heading, with an arrow above pointing left to right, labeled Qbit Count.

      Info-Tech Insight

      Organizations need to reap the substantial benefits of QC's power, while simultaneously shielding against the same technologies when used by cyber adversaries.

      Percentage of Surveyed Companies That Have QC Programs

      • 31% Have some form of in-house QC program
      • 69% Have no QC program

      Early adopters and business value

      QC early adopters see the promise of QC for a wide range of computational workloads, including machine learning applications, finance-oriented optimization, and logistics/supply chain management.

      This is an image of the Early Adopters, and the business value drivers.

      Info-Tech Insight

      Experienced attackers are likely to be the early adopters of quantum-enabled cryptographic solutions, harnessing the power of QC to exploit vulnerabilities in today's encryption methods. The risks are particularly high for industries that rely on critical infrastructure.

      The need of quantum-safe solution is immediate

      Critical components of classical cryptography will be at risk, potentially leading to the exposure of confidential and sensitive information to the general public. Business, technology, and security leaders are confronted with an immediate imperative to formulate a quantum-safe strategy and establish a roadmap without delay.

      Case Study – Google, 2019

      In 2019, Google claimed that "Our Sycamore processor takes about 200 seconds to sample one instance of a quantum circuit a million times—our benchmarks currently indicate that the equivalent task for a state-of-the-art classical supercomputer would take approximately 10,000 years."
      Source: Nature, 2019

      Why You Should Start Preparation Now

      • The complexity with integrating QC technology into existing IT infrastructure.
      • The effort to upgrade to quantum-resilient cryptography will be significant.
      • The amount of time remaining will decrease every day.

      Case Study – Development in China, 2020

      On December 3, 2020, a team of Chinese researchers claim to have achieved quantum supremacy, using a photonic peak 76-qubit system (43 average) known as Jiuzhang, which performed calculations at 100 trillion times the speed of classical supercomputers.
      Source: science.org, 2020

      Info-Tech Insight

      The emergence of QC brings forth cybersecurity threats. It is an opportunity to regroup, reassess, and revamp our approaches to cybersecurity.

      Security threats posed by QC

      Quantum computers have reached a level of advancement where even highly intricate calculations, such as factoring large numbers into their primes, which serve as the foundation for RSA encryption and other algorithms, can be solved within minutes.

      Threat to data confidentiality

      QC could lead to unauthorized decryption of confidential data in the future. Data confidentiality breaches also impact improperly disposed encrypted storage media.

      Threat to authentication protocols and digital governance

      A recovered private key, which is derived from a public key, can be used through remote control to fraudulently authenticate a critical system.

      Threat to data integrity

      Cybercriminals can use QC technology to recover private keys and manipulate digital documents and their digital signatures.

      Example:

      Consider RSA-2048, a widely used public-key cryptosystem that facilitates secure data transmission. In a 2021 survey, a majority of leading authorities believed that RSA-2048 could be cracked by quantum computers within a mere 24 hours.
      Source: Quantum-Readiness Working Group, 2022

      Info-Tech Insight

      The development of quantum-safe cryptography capabilities is of utmost importance in ensuring the security and integrity of critical applications' data.

      US Quantum Computing Cybersecurity Preparedness Act

      The US Congress considers cryptography essential for the national security of the US and the functioning of the US economy. The Quantum Computing Cybersecurity Preparedness Act was introduced on April 18, 2022, and became a public law (No: 117-260) on December 21, 2022.

      Purpose

      The purpose of this Act is to encourage the migration of Federal Government information technology systems to quantum-resistant cryptography, and for other purposes.

      Scope and Exemption

      • Scope: Systems of government agencies.
      • Exemption: This Act shall not apply to any national security system.

      Main Obligations

      Responsibilities

      		Requirements
      Inventory Establishment Not later than 180 days after the date of enactment of this Act, the Director of OMB, shall issue guidance on the migration of information technology to post-quantum cryptography.
      Agency Reports "Not later than 1 year after the date of enactment of this Act, and on an ongoing basis thereafter, the head of each agency shall provide to the Director of OMB, the Director of CISA, and the National Cyber Director— (1) the inventory described in subsection (a)(1); and (2) any other information required to be reported under subsection (a)(1)(C)."
      Migration and Assessment "Not later than 1 year after the date on which the Director of NIST has issued post-quantum cryptography standards, the Director of OMB shall issue guidance requiring each agency to— (1) prioritize information technology described under subsection (a)(2)(A) for migration to post-quantum cryptography; and (2) develop a plan to migrate information technology of the agency to post-quantum cryptography consistent with the prioritization under paragraph (1)."

      "It is the sense of Congress that (1) a strategy for the migration of information technology of the Federal Government to post-quantum cryptography is needed; and (2) the government wide and industry-wide approach to post- quantum cryptography should prioritize developing applications, hardware intellectual property, and software that can be easily updated to support cryptographic agility." – Quantum Computing Cybersecurity Preparedness Act

      The development of post-quantum encryption

      Since 2016, the National Institute of Standards and Technology (NIST) has been actively engaged in the development of post-quantum encryption standards. The objective is to identify and establish standardized cryptographic algorithms that can withstand attacks from quantum computers.

      NIST QC Initiative Key Milestones

      Date Development
      Dec. 20, 2016 Round 1 call for proposals: Announcing request for nominations for public-key post-quantum cryptographic algorithms
      Nov. 30, 2017 Deadline for submissions – 82 submissions received
      Dec. 21, 2017 Round 1 algorithms announced (69 submissions accepted as "complete and proper")
      Jan. 30, 2019 Second round candidates announced (26 algorithms)

      July 22, 2020

      		Third round candidates announced (7 finalists and 8 alternates)

      July 5, 2022

      		Announcement of candidates to be standardized and fourth round candidates
      2022/2024 (Plan) Draft standards available

      Four Selected Candidates to be Standardized

      CRYSTALS – Kyber

      CRYSTALS – Dilithium

      FALCON

      SPHINCS+

      NIST recommends two primary algorithms to be implemented for most use cases: CRYSTALS-KYBER (key-establishment) and CRYSTALS-Dilithium (digital signatures). In addition, the signature schemes FALCON and SPHINCS+ will also be standardized.

      Info-Tech Insight

      There is no need to wait for formal NIST PQC standards selection to begin your post-quantum mitigation project. It is advisable to undertake the necessary steps and allocate resources in phases that can be accomplished prior to the finalization of the standards.

      Prepare for post-quantum cryptography

      The advent of QC is closer than you think: some nations have demonstrated capability with the potential to break current asymmetric-key encryption. Traditional encryption methods will no longer be sufficient as a means of protection. You need to act now to begin your transformation to quantum-resistant encryption.

      This is an infographic showing the three steps: Threat is Imminent; Risks are Profound; and Take Acton Now.

      Insight summary

      Overarching Insight

      The advent of QC is closer than you think as some nations have demonstrated capability with the potential to break current asymmetric-key encryption. Traditional encryption methods will no longer be sufficient as a means of protection. You need to act now to begin your transformation to quantum-resistant encryption.

      Business Impact Is High

      The advent of QC will significantly change our perception of computing and have a crucial impact on the way we protect our digital economy using encryption. The technology's applicability is no longer a theory but a reality to be understood, strategized about, and planned for.

      It's a Collaborative Effort

      Embedding quantum resistance into systems during the process of modernization requires collaboration beyond the scope of a Chief Information Security Officer (CISO) alone. It is a strategic endeavor shaped by leaders throughout the organization, as well as external partners. This comprehensive approach involves the collective input and collaboration of stakeholders from various areas of expertise within and outside the organization.

      Leverage Industry Standards

      There is no need to wait for formal NIST PQC standards selection to begin your post-quantum mitigation project. It is advisable to undertake the necessary steps and allocate resources in phases that can be accomplished prior to the finalization of the standards.

      Take a Holistic Approach

      The advent of QC poses threats to cybersecurity. It's a time to regroup, reassess, and revamp.

      Blueprint benefits

      IT Benefits

      Business Benefits

      • This blueprint will help organizations to discover and then prioritize the systems to be upgraded to post-quantum cryptography.
      • This blueprint will enable organizations to integrate quantum-resistant cryptography into existing IT infrastructure.
      • Developing quantum-resistant cryptography capabilities is crucial to maintaining data security and integrity for critical applications.
      • This blueprint will help organizations to save effort and time needed upgrade to quantum-resilient cryptography.
      • Organizations will reap the substantial benefits of QC's power, while simultaneously shielding against the same technologies when used by cyber adversaries.
      • Avoid reputation and brand image by preventing data breach and leakage.
      • This blueprint will empower organizations to protect corporate data assets in the post-quantum era.
      • Be compliant with various security and privacy laws and regulations.

      Info-Tech Project Value

      Time, value, and resources saved to obtain buy-in from senior leadership team using our research material:

      1 FTEs*10 days*$100,000/year = $6,000

      Time, value, and resources saved to implement quantum-resistant cryptography using our research guidance:

      2 FTEs* 30 days*$100,000/year = $24,000

      Estimated cost and time savings from this blueprint:

      $6,000 + $24,000 =$30,000

      Get prepared for a post-quantum world

      The advent of sufficiently powerful quantum computers poses a risk of compromising or weakening traditional forms of asymmetric and symmetric cryptography. To safeguard data security and integrity for critical applications, it is imperative to undertake substantial efforts in migrating an organization's cryptographic systems to post-quantum encryption. The development of quantum-safe cryptography capabilities is crucial in this regard.

      Phase 1 - Prepare

      • Obtain buy-in from leadership team.
      • Educate your workforce about the upcoming transition.
      • Create defined projects to reduce risks and improve crypto-agility.

      Phase 2 - Discover

      • Determine the extent of your exposed data, systems, and applications.
      • Establish an inventory of classical cryptographic use cases.

      Phase 3 - Assess

      • Assess the security and data protection risks posed by QC.
      • Assess the readiness of transforming existing classical cryptography to quantum-resilience solutions.

      Phase 4 - Prioritize

      • Prioritize transformation plan based on criteria such as business impact, near-term technical feasibility, and effort, etc.
      • Establish a roadmap.

      Phase 5 - Mitigate

      • Implement post-quantum mitigations.
      • Decommissioning old technology that will become unsupported upon publication of the new standard.
      • Validating and testing products that incorporate the new standard.

      Phase 1 – Prepare: Protect data assets in the post-quantum era

      The rise of sufficiently powerful quantum computers has the potential to compromise or weaken conventional asymmetric and symmetric cryptography methods. In anticipation of a quantum-safe future, it is essential to prioritize crypto-agility. Consequently, organizations should undertake specific tasks both presently and in the future to adequately prepare for forthcoming quantum threats and the accompanying transformations.

      Quantum-resistance preparations must address two different needs:

      Reinforce digital transformation initiatives

      To thrive in the digital landscape, organizations must strengthen their digital transformation initiatives by embracing emerging technologies and novel business practices. The transition to quantum-safe encryption presents a unique opportunity for transformation, allowing the integration of these capabilities to evolve business transactions and relationships in innovative ways.

      Protect data assets in the post-quantum era

      Organizations should prioritize supporting remediation efforts aimed at ensuring the quantum safety of existing data assets and services. The implementation of crypto-agility enables organizations to respond promptly to cryptographic vulnerabilities and adapt to future changes in cryptographic standards. This proactive approach is crucial, as the need for quantum-safe measures existed even before the complexities posed by QC emerged.

      Preparation for the post-quantum world has been recommended by the US government and other national bodies since 2016.

      In 2016, NIST, the National Security Agency (NSA), and Central Security Service stated in their Commercial National Security Algorithm Suite and QC FAQ: "NSA believes the time is now right [to start preparing for the post-quantum world] — consistent with advances in quantum computing."
      Source: Cloud Security Alliance, 2021

      Phase 1 – Prepare: Key tasks

      Preparing for quantum-resistant cryptography goes beyond simply acquiring knowledge and conducting experiments in QC. It is vital for senior management to receive comprehensive guidance on the challenges, risks, and potential mitigations associated with the post-quantum landscape. Quantum and post-quantum education should be tailored to individuals based on their specific roles and the impact of post-quantum mitigations on their responsibilities. This customized approach ensures that individuals are equipped with the necessary knowledge and skills relevant to their respective roles.

      Leadership Buy-In

      • Get senior management commitment to post-quantum project.
      • Determine the extent of exposed data, systems, and applications.
      • Identify near-term, achievable cryptographic maturity goals, creating defined projects to reduce risks and improve crypto-agility.

      Roles and Responsibilities

      • The ownership should be clearly defined regarding the quantum-resistant cryptography program.
      • This should be a cross-functional team within which members represent various business units.

      Awareness and Education

      • Senior management needs to understand the strategic threat to the organization and needs to adequately address the cybersecurity risk in a timely fashion.
      • Educate your workforce about the upcoming transition. All training and education should seek to achieve awareness of the following items with the appropriate stakeholders.

      Info-Tech Insight

      Embedding quantum resistance into systems during the process of modernization requires collaboration beyond the scope of a CISO alone. It is a strategic endeavor shaped by leaders throughout the organization, as well as external partners. This comprehensive approach involves the collective input and collaboration of stakeholders from various areas of expertise within and outside the organization.

      Phase 2 – Discover: Establish a data protection inventory

      During the discovery phase, it is crucial to locate and identify any critical data and devices that may require post-quantum protection. This step enables organizations to understand the algorithms in use and their specific locations. By conducting this thorough assessment, organizations gain valuable insights into their existing infrastructure and cryptographic systems, facilitating the implementation of appropriate post-quantum security measures.

      Inventory Core Components

      1. Description of devices and/or data
      2. Location of all sensitive data and devices
      3. Criticality of the data
      4. How long the data or devices need to be protected
      5. Effective cryptography in use and cryptographic type
      6. Data protection systems currently in place
      7. Current key size and maximum key size
      8. Vendor support timeline
      9. Post-quantum protection readiness

      Key Things to Consider

      • The accuracy and thoroughness of the discovery phase are critical factors that contribute to the success of a post-quantum project.
      • It is advisable to conduct this discovery phase comprehensively across all aspects, not solely limited to public-key algorithms.
      • Performing a data protection inventory can be a time-consuming and challenging phase of the project. Breaking it down into smaller subtasks can help facilitate the process.
      • Identifying all information can be particularly challenging since data is typically scattered throughout an organization. One approach to begin this identification process is by determining the inputs and outputs of data for each department and team within the organization.
      • To ensure accountability and effectiveness, it is recommended to assign a designated individual as the ultimate owner of the data protection inventory task. This person should have the necessary responsibilities and authority to successfully accomplish the task.

      Phase 3 – Assess: The workflow

      Quantum risk assessment entails evaluating the potential consequences of QC on existing security measures and devising strategies to mitigate these risks. This process involves analyzing the susceptibility of current systems to attacks by quantum computers and identifying robust security measures that can withstand QC threats.

      Risk Assessment Workflow

      This is an image of the Risk Assessment Workflow

      By identifying the security gaps that will arise with the advent of QC, organizations can gain insight into the substantial vulnerabilities that core business operations will face when QC becomes a prevalent reality. This proactive understanding enables organizations to prepare and implement appropriate measures to address these vulnerabilities in a timely manner.

      Phase 4 – Prioritize: Balance business value, security risks, and effort

      Organizations need to prioritize the mitigation initiatives based on various factors such as business value, level of security risk, and the effort needed to implement the mitigation controls. In the diagram below, the size of the circle reflects the degree of effort. The bigger the size, the more effort is needed.

      This is an image of a chart where the X axis represents Security Risk level, and the Y axis is Business Value.

      QC Adopters Anticipated Annual Budgets

      This is an image of a bar graph showing the Anticipated Annual Budgets for QC Adopters.
      Source: Hyperion Research, 2022

      Hyperion's survey found that the range of expected budget varies widely.

      • The most selected option, albeit by only 38% of respondents, was US$5 million to US$15 million.
      • About one-third of respondents foresaw annual budgets that exceeded US$15 million, and one-fifth expected budgets to exceed US$25 million.

      Build your risk mitigation roadmap

      2 hours

      1. Review the quantum-resistance initiatives generated in Phase 3 – Assessment.
      2. With input from all stakeholders, prioritize the initiatives based on business value, security risks, and effort using the 2x2 grid.
      3. Review the position of all initiatives and adjust accordingly considering other factors such as dependency, etc.
      4. Place prioritized initiatives to a wave chart.
      5. Assign ownership and target timeline for each initiative.

      This is an image the Security Risk Vs. Business value graph, above an image showing Initiatives Numbered 1-7, divided into Wave 1; Wave 2; and Wave 3.

      Input

      • Data protection inventory created in phase 2
      • Risk assessment produced in phase 3
      • Business unit leaders' and champions' understanding (high-level) of challenges posed by QC

      Output

      • Prioritization of quantum-resistance initiatives

      Materials

      • Whiteboard/flip charts
      • Sticky notes
      • Pen/whiteboard markers

      Participants

      • Quantum-resistance program owner
      • Senior leadership team
      • Business unit heads
      • Chief security officer
      • Chief privacy officer
      • Chief information officer
      • Representatives from legal, risk, and governance

      Phase 5 – Mitigate: Implement quantum-resistant encryption solutions

      To safeguard against cybersecurity risks and threats posed by powerful quantum computers, organizations need to adopt a robust defense-in-depth approach. This entails implementing a combination of well-defined policies, effective technical defenses, and comprehensive education initiatives. Organizations may need to consider implementing new cryptographic algorithms or upgrading existing protocols to incorporate post-quantum encryption methods. The selection and deployment of these measures should be cost-justified and tailored to meet the specific needs and risk profiles of each organization.

      Governance

      Implement solid governance mechanisms to promote visibility and to help ensure consistency

      • Update policies and documents
      • Update existing acceptable cryptography standards
      • Update security and privacy audit programs

      Industry Standards

      • Stay up to date with newly approved standards
      • Leverage industry standards (i.e. NIST's post-quantum cryptography) and test the new quantum-safe cryptographic algorithms

      Technical Mitigations

      Each type of quantum threat can be mitigated using one or more known defenses.

      • Physical isolation
      • Replacing quantum-susceptible cryptography with quantum-resistant cryptography
      • Using QKD
      • Using quantum random number generators
      • Increasing symmetric key sizes
      • Using hybrid solutions
      • Using quantum-enabled defenses

      Vendor Management

      • Work with key vendors on a common approach to quantum-safe governance
      • Assess vendors for possible inclusion in your organization's roadmap
      • Create acquisition policies regarding quantum-safe cryptography

      Research Contributors and Experts

      This is a picture of Adib Ghubril

      Adib Ghubril
      Executive Advisor, Executive Services
      Info-Tech Research Group

      This is a picture of Erik Avakian

      Erik Avakian
      Technical Counselor
      Info-Tech Research Group

      This is a picture of Alaisdar Graham

      Alaisdar Graham
      Executive Counselor
      Info-Tech Research Group

      This is a picture of Carlos Rivera

      Carlos Rivera
      Principal Research Advisor
      Info-Tech Research Group

      This is a picture of Hendra Hendrawan

      Hendra Hendrawan
      Technical Counselor
      Info-Tech Research Group

      This is a picture of Fritz Jean-Louis

      Fritz Jean-Louis
      Principal Cybersecurity Advisor
      Info-Tech Research Group

      Bibliography

      117th Congress (2021-2022). H.R.7535 - Quantum Computing Cybersecurity Preparedness Act. congress.gov, 21 Dec 2022.
      Arute, Frank, et al. Quantum supremacy using a programmable superconducting processor. Nature, 23 Oct 2019.
      Bernhardt, Chris. Quantum Computing for Everyone. The MIT Press, 2019.
      Bob Sorensen. Quantum Computing Early Adopters: Strong Prospects For Future QC Use Case Impact. Hyperion Research, Nov 2022.
      Candelon, François, et al. The U.S., China, and Europe are ramping up a quantum computing arms race. Here's what they'll need to do to win. Fortune, 2 Sept 2022.
      Curioni, Alessandro. How quantum-safe cryptography will ensure a secure computing future. World Economic Forum, 6 July 2022.
      Davis, Mel. Toxic Substance Exposure Requires Record Retention for 30 Years. Alert presented by CalChamber, 18 Feb 2022.
      Eddins, Andrew, et al. Doubling the size of quantum simulators by entanglement forging. arXiv, 22 April 2021.
      Gambetta, Jay. Expanding the IBM Quantum roadmap to anticipate the future of quantum-centric supercomputing. IBM Research Blog, 10 May 2022.
      Golden, Deborah, et al. Solutions for navigating uncertainty and achieving resilience in the quantum era. Deloitte, 2023.
      Grimes, Roger, et al. Practical Preparations for the Post-Quantum World. Cloud Security Alliance, 19 Oct 2021.
      Harishankar, Ray, et al. Security in the quantum computing era. IBM Institute for Business Value, 2023.
      Hayat, Zia. Digital trust: How to unleash the trillion-dollar opportunity for our global economy. World Economic Forum, 17 Aug 2022.
      Mateen, Abdul. What is post-quantum cryptography? Educative, 2023.
      Moody, Dustin. Let's Get Ready to Rumble—The NIST PQC 'Competition.' NIST, 11 Oct 2022.
      Mosca, Michele, Dr. and Dr. Marco Piani. 2021 Quantum Threat Timeline Report. Global Risk Institute, 24 Jan 2022.
      Muppidi, Sridhar and Walid Rjaibi. Transitioning to Quantum-Safe Encryption. Security Intelligence, 8 Dec 2022.
      Payraudeau, Jean-Stéphane, et al. Digital acceleration: Top technologies driving growth in a time of crisis. IBM Institute for Business Value, Nov 2020.
      Quantum-Readiness Working Group (QRWG). Canadian National Quantum-Readiness- Best Practices and Guidelines. Canadian Forum for Digital Infrastructure Resilience (CFDIR), 17 June 2022.
      Rotman, David. We're not prepared for the end of Moore's Law. MIT Technology Review, 24 Feb 2020.
      Saidi, Susan. Calculating a computing revolution. Roland Berger, 2018.
      Shorter., Ted. Why Companies Must Act Now To Prepare For Post-Quantum Cryptography. Forbes.com, 11 Feb 2022.
      Sieger, Lucy, et al. The Quantum Decade, Third edition. IBM, 2022.
      Sorensen, Bob. Broad Interest in Quantum Computing as a Driver of Commercial Success. Hyperion Research, 17 Nov 2021.
      Wise, Jason. How Much Data is Created Every Day in 2022? Earthweb, 22 Sept 2022.
      Wright, Lawrence. The Plague Year. The New Yorker, 28 Dec 2020.
      Yan, Bao, et al. Factoring integers with sublinear resources on a superconducting quantum processor. arXiv, 23 Dec 2022.
      Zhong, Han-Sen, et al. Quantum computational advantage using photons. science.org, 3 Dec 2020.

      Considerations for a Move to Virtual Desktops

      • Buy Link or Shortcode: {j2store}69|cart{/j2store}
      • member rating overall impact: N/A
      • member rating average dollars saved: N/A
      • member rating average days saved: N/A
      • Parent Category Name: End-User Computing Strategy
      • Parent Category Link: /end-user-computing-strategy
      • Hybrid work environments, remote from anywhere and any device, and the security concerns that go hand-in-hand with these strategies have accelerated the move to VDI and DaaS.
      • IT departments can encounter many obstacles to VDI and DaaS, many of which will be determined by your business model and other factors, including complicated shared infrastructure, inadequate training or insufficient staff, and security and compliance concerns.
      • If you do not consider how your end user will be impacted, you will run into multiple issues that affect end-user satisfaction, productivity, and adoption.
      • How will you manage and navigate the right solution for your organization?

      Our Advice

      Critical Insight

      • In the world of VDI and DaaS, if you do not get buy-in from the end user, the rate of adoption and the overall success of the implementation will prove difficult to measure. It will be impossible to calculate ROI even as you feel the impact of your TCO.

      Impact and Result

      • The dimensions of end-user experience can be broken down into four distinct categories that will impact not only the end user but also the business: performance, availability, functionality, and security.
      • Picturing your landscape in this framework will help clearly define your considerations when deciding on whether a VDI or DaaS solution is right for your business.

      Considerations for a Move to Virtual Desktops Research & Tools

      Besides the small introduction, subscribers and consulting clients within this management domain have access to:

      1. Considerations for a Move to Virtual Desktops Storyboard – A guide to the strategic, technical, and support implications that should be considered in support of a move to VDI or DaaS.

      By defining your goals, framing solutions based on end-user workloads, and understanding the pros and cons of various solutions, you can visualize what success looks like for your VDI/DaaS deployment. This includes defining your KPIs by end-user experience, knowing the decision gates for a successful deployment, and defining your hypothesis for value to make your decision more accurate and gain C-suite buy-in.

      • Considerations for a Move to Virtual Desktops Storyboard
      [infographic]

      Further reading

      What strategic, technical, and support implications should be considered in support of a move to VDI or DaaS?

      Executive Summary

      Insight

      End-user experience is your #1 consideration

      Virtual desktop infrastructure (VDI)/desktop as a service (DaaS) users expect their user experience to be at least equal to that provided by a physical PC, and they do not care about the underlying infrastructure. If the experience is less, then IT has failed in the considerations for VDI/ DaaS. In this research we analyze the data that the IT industry tracks but doesn't use or sometimes even look at regarding user experience (UX).

      Identify the gaps in your IT resources that are critical to success

      Understanding the strengths and weaknesses in your in-house technical skills and business requirements will assist you in making the right decision when it comes to VDI or DaaS solutions. In the case of DaaS this will include a managed service provider for small to medium-sized IT teams. Many IT teams lack a seasoned IT project manager who can identify gaps, risks, and weaknesses in the organization's preparedness. Redeploy your IT staff to new roles that impact management and monitoring of UX.

      IT should think about VDI and DaaS solutions

      Ultimately, IT needs to reduce its complexity, increase user satisfaction, reduce management and storage costs, and maintain a secure and effective environment for both the end user and the business. They must also ensure productivity standards throughout the considerations, strategically, tactically, and in support of a move to a VDI or DaaS solution.

      Executive Summary

      Your Challenge

      With the evolution of VDI over the last 15-plus years, there has been a proliferation of solutions, such as Citrix desktop services, VMware Horizon, and in-house hypervisor solutions (e.g. ESX hosts). There has also been a great deal of growth and competition of DaaS and SaaS solutions in the cloud space. Hybrid work environments, remote from anywhere and any device, and the security concerns that go hand-in-hand with these strategies have certainly accelerated the move to VDI and DaaS.

      How will you manage and navigate the right solution for your organization?

      		Common Obstacles

      IT departments can encounter many obstacles to VDI and DaaS, many of which will be determined by your business model and other factors, such as:

      • Complicated shared infrastructure such as federated multitenant partners and legacy app servers.
      • Inadequate in-house training or insufficient staff to execute migration or manage post-migration activates such as governance and retention policies.
      • Security, compliance, legal, and data classification concerns. Some security tools cannot be deployed in the cloud, limiting you to an on-premises solution.
      		Info-Tech’s Approach

      By defining your end goals, framing solutions based on end-user workloads, and understanding the pros and cons of what solution(s) will meet your needs, you can visualize what success looks like.

      1. Define your KPIs by end-user experience.
      2. Knowing what the decision gates are for a successful VDI/DaaS deployment will prove out your selection process.
      3. Define your hypothesis for value. How you determine value will make your decision more accurate and gain C-suite buy-in.

      Info-Tech Insight

      Every IT organization needs to be asking what success looks like. If you do not consider how your end user will be impacted, whether they are doing something as simple as holding a team meeting with voice and video or working with highly technical workloads on a virtual environment, you will run into multiple issues that affect end-user satisfaction, productivity, and adoption. Understand the tension metrics that may conflict with meeting business objectives and KPIs.

      Voice of the customer

      Client-Driven Insight

      Different industries have different requirements and issues, so they look at solutions differently.

      Info-Tech Insight

      If end-user experience is at the forefront of business requirements, then any solution that fits the business KPIs can be successful.

      Client Pain Point

      Description Indicators

      Flexible work environmentWhat VDI solution can support a work-from-anywhere scenario? Possible solutions: Azure Virtual Desktop, IGEL client, Citrix virtual apps, and desktop services.
      Security concerns Corporate resources need to be secure. Working with untrusted endpoints or unsecured locations. Using VPN-type solution.
      End-user experience What performance metrics should be used to evaluate UX? Are there issues around where the endpoint is located? What kind of link do they have to the virtual desktop? What solutions are there?
      Optimization of routing What routings need to take place to achieve reduced latency and improved experience?
      Multifactor authenticationSecurity features such as a multilayered MFA and corporate data protection.
      Business continuity What are the options when dealing with cloud outages, meeting SLAs, and building resilience?
      Optimizing app performance and response times Define users based on a multiuser environment. Engineers and designers require more CPU resources, which negatively impacts on other users. Optimize CPU to avoid this situation. MS Teams and video streaming apps are not performing in an optimized manner.
      Optimization of cloud costs Scalability and usage schedule. Minimize cloud costs with tools to handle workloads and usage.
      Third-party access outsourcingContractors and third parties accessing business resources need to control data and source code along with developer tools in a centrally managed SaaS.

      The enterprise end-user compute landscape is changing

      Starting on the left are three computer types 'Windows on a PC', 'Mac', and 'VDI on a Thick Client'. In the next part, the first two are combined into 'BYOD', and the tree begins at 'Win11'. Branches from Win11 are: 'DIY' which branches to 'Autopilot & Endpoint Manager (Intune)'; 'Outsource' which branches to 'Device as a Service' which brances to 'Dell', 'Lenovo', and 'HP'; and another branch from 'Outsource', 'Azure Desktop', Which snakes us around to the top of the diagram at 'VDI'. VDI branches to 'VDI on a thin client' and 'VDI on a Browser', then they both branch into 'DIY' which branches to 'Citrix', 'VMware', and 'Azure', and 'Outsource' which branches to 'Desktop as a Service Vendor'.

      Surveys are telling us a story

      Questions you should be asking before you create your RFP
      • What are the use cases and types of workloads?
      • What is the quality of the network connection and bandwidth for the user base?
      • What are the application requirements?
      • What type of end points does the user have and what is the configuration?
      • Where are the data storage containers, how are they accessed, and are there proximity constraints?
      • What is the business security and identity policy requirements?
      • What are the functional and nonfunctional requirements?
      • Will the virtual desktops be persistent or non-persistent?

      How would you rate the user experience on your VDI/DaaS solution?


      (Source: Hysolate, 2020)

      • 18% of CISOs say htue employees are happy with their company's VDI/DaaS solution
      • 82% say their employees are neutral or unhappy with their company's VDI/DaaS solution

      Info-Tech Insight

      Asking critical use-case questions should give you a clear picture of the end-user experience outcome.

      End-user KPI metrics are difficult to gather

      Security is always quoted as a primary justification for VDI/DaaS, while UX is far down the list of KPIs. WHY?

      IT engineers use network and performance metrics to manage end-user complaints of “slowness,” which in reality is not what the user is experiencing.

      IT needs to invest in more meaningful metrics to manage end-user pain:

      • Logon duration
      • App load time
      • App response time
      • Session response time
      • Graphic quality and responsiveness and latency
      • Application availability and performance
      		Bar chart of justifications used for business investment in VDI/DaaS. The most used justification is 'IT Efficiency' at 38%, and highlighted in the 2nd last place is 'Employee Experience' at 11%.
      (Source: Enterprise Strategy Group, 2020)

      Dimensions of user experience

      The dimensions of end-user experience can be broken down into four distinct categories that will impact not only the end user but also the business.

      Picturing your landscape in this framework will help clearly define your considerations when deciding on whether a VDI or DaaS solution is right for your business. We will investigate how these scenarios impact the end user, what that means, and how that can guide the questions that you are asking as you move to an RFP.

      Info-Tech Insight

      In the world of VDI and DaaS, if you do not get buy-in from the end user, the rate of adoption and the overall success of the implementation will prove difficult to measure. It will be impossible to calculate ROI even as you feel the impact of your TCO.

      Three arrows pointing right with labels in sequence 'Dimensions', 'Operational Metrics', and 'Technical Capabilities/ Controls'

      		Cycle diagram with many tiers, titled 'USER EXPERIENCE'. The first tier from the center has four items cycling clockwise 'Availability', 'Functionality', 'Security', and 'Performance'. The second tier is associated to the first tier: under Availability is 'Maintenance', 'Uptime', and 'Degradation'; under Functionality is 'Graphics Quality', 'User Friction', and 'Usability'; under Security is 'Endpoint Monitoring', 'Plane Control', and 'Identity'; under Performance is 'Response Time', 'Reliability', and 'Latency'. Around the edge on the third tier are many different related terms.

      KPIs and metrics

      • Understand the types of end-user activities that are most likely to be reported as being slow.
      • You need to know what storage, CPU, memory, and network resources are being used when the user performs those activities. In other words, what is the OS doing behind the scenes and what hardware is it using?
      • Once you have determined which resources are being used by the various activities you will have to monitor the UX metrics to see which OS, network, storage, or server configuration issue is causing the performance issue that the user is reporting.

      What IT measures

      Most business KPI objectives concentrate on business goals, whether it be cost containment, security, simplification, ease of management, or centralization of apps and data, but rarely is there a KPI for end-user experience.

      You can’t fix what you can’t see. Putting a cost benefit to end-user satisfaction may come in the form of productivity.

      This may be a central reason why VDI has not been widely adopted as an architecture since it came to the marketplace more than 15 years ago.

      		Samples of different KPIs and metrics.

      VDI processes to monitor

      Monitoring end-user metrics will mitigate the tension between business KPIs and end-user satisfaction

      Metric

      Description

      End-User
      Experience

      		PERFORMANCELogon durationOnce the user puts in their password, how long does it take to get to their desktop? What is the measurement and how do you measure?
      App load timeWhen an app is launched by the user there should be immediate indication that it is loading.
      App response timeWhen the user performs a task, there should be no wait time, or hourglass icon, waiting for the app to catch up to the user input. (There is no succinct way to measure this.)
      Session response timeHow does the user’s OS respond to I/O? The user should not experience any latency issues when doing a drag and drop, clicking on a menu item, or doing a search.
      AVAILABILITYSLAsWhen something goes wrong in the VDI/DaaS environment, how quickly can the user expect to get back to their tasks?
      Geographic locationWhen all other considerations are configured correctly, the user experience may be impacted by their location. So, for example, a user working out of Mexico and logging into a VDI may experience latency based on location compared to a user in California, for example, where the resources are stored, managed, and monitored.
      Application availabilityMuch like app load time and response time, the only factor affecting the user experience is the back-end load on the app itself, for example a CAD or heavy resource app not properly resourced.
      FUNCTIONALITYConfiguration of user desktopDegradation in functionality is caused by improper allocation of CPU, RAM, and GPU for the tasks at hand, creating a bad UX and end-user satisfaction score.
      Graphics quality and responsivenessThe user should have the same experience as if on their own physical machine. A video experience should not have any lag in it, for example. MS Teams should not have latency or sound quality issues.
      Predictive analysisContinuous performance and availability monitoring.
      END USERBrowser real user monitoring (RUM)A real-time view into how the web application is performing from the point of view of a real end user.
      Customer satisfaction scoreSurvey-based metrics on customer satisfaction.

      “If employees are the competitive edge and key differentiator for a business, I&O has a duty of care to ensure that the employees’ digital experience enables and does not impede the value of that asset.” (John Annand, Principal Director, Info-Tech Research Group)

      The case for VDI today

      Is security and data sovereignty the only reason?

      Technical capability
      AVAILABILITYVDI is a better fit than DaaS in organizations that have limited or unreliable internet connectivity.
      FUNCTIONALITYApplication flexibility: Resource-intensive applications may require specific virtual desktop configurations, for example in-house GIS apps, CAD, and gaming software requiring specific GPU configurations.
      SECURITYData protection is often stated as a need to maintain an on-premises VDI solution, ensuring sensitive and highly privileged data does not travel across the internet.
      AVAILABILITYWhile some cloud providers will allow you to bring your OS licensing along with a cloud migration, many subscriptions already include OS licensing, and you may be paying additional licensing costs.
      SECURITYVDI makes sense if security and control are primary business KPIs, the IT resources are experienced virtual infrastructure engineers and administrators, and funding is not a hindrance.
      PERFORMANCEWhen processing power is a functional requirement, such as CPU, GPU, and storage capacity, VDI offers performance benefits over a standard PC, reducing the need to deploy high-powered PCs to end users.

      “Though the desktops are moving to the cloud, accountability is not.” (Gary Bea, Director of Consulting Services and Technical Operations, Goliath Technologies)

      The case for DaaS

      Any device anywhere: key benefits of DaaS

      Technical capabilityChallenges
      AVAILABILITYDelivers a consistent user experience regardless of location or device.

      Info-Tech Insight

      The total cost of the solution will be higher than you anticipate, and management is complex. Additionally, your ability to set your conditions and controls is limited.

      Info-Tech Insight

      Depending on your technical abilities and experience with cloud services, you will likely benefit from professional third-party services, technical services, and consulting, which can be critical when deciding if DaaS can fit into your current IT architecture, processes, and security posture.

      SECURITYEnhances security posture by eliminating your client VPN and keeping sensitive data off the endpoint device.
      FUNCTIONALITYOnboard and offboard users quickly and securely.
      FUNCTIONALITYProvides centralize workspace management.
      FUNCTIONALITYScale up or down on demand with a consumption- and subscription-based contract.
      FUNCTIONALITYSignificantly reduce operational overhead compared to managing a traditional VDI deployment.

      Technical capability comparison

      Table comparing technical capabilities using a scale of circle quarters: zero quarters being 'Poor' and 4 quarters being 'Good'. There are six columns in the body, three of which are under 'VDI': 'Thin Client', 'Thick Client', and 'Web Client', and the other three are 'Desktop as a service', 'Device as a service', and 'Win11 w/ Autopilot & Intune'. Rows are split into four categories: In 'Performance' are 'Reliability', 'Response Time', and 'Latency'; in 'Availability' are 'Uptime' and 'Degradation'; in 'Functionality' are 'Usability', 'Graphics Quality', and 'User Friction'; in 'Security' are 'Endpoint Mgt.', 'Control Plane', and 'Identity'.

      X as an endpoint client

      From an end-user experience perspective, what makes sense in terms of usage and cost?

      Thin Client
      • ✓ Easy provisioning and simple to use and manage
      • ✓ Easy to secure and update
      • ✓ Less vulnerable to data loss
      • ✓ Easily scaled
      • ✓ Requires less power
      • ✓ Cheaper than PCs
      • x compared to a PC
      • x Not powerful enough to manage loads such as CAD
      • x Infrastructure and network must be robust and up to date to avoid possible network latency
      • Examples: Terminals, Dell Wyse 5070, Lenovo M625, IGEL, HP Thin Client, repurposed PCs, Chromebook
      		Desktop as a Service
      • ✓ Flexibility: work from anywhere, on any device, collaboratively
      • ✓ Resource scalability not reliant on on-premises server hardware
      • ✓ Easy to configure, install, and maintain
      • ✓ Reliable and easy to provision
      • ✓ Centralized sensitive data cloud security
      • x Requires high-speed internet, especially for remote users
      • x Learning curve can cause user friction
      • x Workload configuration use cases
      • Examples: Citrix, VM Horizon, AWS WorkSpaces, WVD, BYOD
      		Thick Client
      • ✓ Completely flexible, for use with on-premises or cloud infrastructure
      • ✓ Able to work offline
      • ✓ Multimedia or bandwidth-intensive resource processing
      • ✓ Higher server capacity due to less resource load on servers
      • x Higher maintenance and updates attention
      • x Patching, security, and data migration friction
      • x More security vulnerability
      • x Less cost effective
      • Examples: Windows, MacOS desktops, laptops, smartphones, tablets
      		Device as a Service
      • ✓ Device supply chain flow fulfillment, services, and recovery
      • ✓ Able to update to new equipment more frequently
      • ✓ Scale up and down as needed
      • ✓ Better device backup, asset tracking , security, and EOL disposal
      • x Challenging risk management, regulatory obligations, and liabilities
      • x Change in helpdesk and business workflows
      • x Vendor may limit selection
      • Examples: PCs, smartphones, mobile computing devices, Lenovo, HP, Microsoft, Dell, Macs, iPads, iPhones
      		Web Client
      • ✓ Can be accessed from any computer; only requires username and password
      • ✓ Client works with a URL, so browser-based
      • ✓ Updates are easier than on a Windows client
      • x Security risk and information leakage
      • x Dependent on internet access
      • x Unable to work on high-impact resource apps (e.g. CAD, graphics)
      • x Limited user base, less technical operations
      • Examples: Chrome, Edge, HTML5

      Security: on-premises versus cloud

      Security decisions based on risk tolerance

      • What is your risk tolerance? When deciding between VDI and DaaS, the first consideration is whether the business is better served with an on-premises or a cloud solution.
      • Low risk tolerance: Considerer data sovereignty, complex compliance requirements, and data classification. For example, at the Pentagon, DoD requires heavy compliance with security and data sovereignty. DaaS cloud providers may be in a better position to respond to threats and attacks in a timely manner.
      • Low risk tolerance: If the business mandates security tools that cannot be deployed in cloud solutions, VDI is a better solution.
      • Low risk tolerance: Smaller businesses that don’t have resources with the expertise and skill set to handle security are better served in cloud. Security operations centers (SOCs) are more likely to present in large corporations.
      • Low risk tolerance: When patching requires customization, for example in legacy applications, the ability to test patches is impacted, which may cause possible complications or failures.
      • High risk tolerance: For cloud-based solutions, patching is taken out of the IT team’s hands, and testing is done against the complete cloud solution.

      Info-Tech Insight

      What is the better security posture and control plane? Clarify your stakeholders’ objectives, then see if VDI is an adequate solution.

      Security needs for VDI and DaaS

      • IDENTITY AND ACCESS MANAGEMENT — MFA, authorization, provisioning, SSO, identity federation, data owners, workflows, role-based access control (RBAC), user lifecycle management
      • ENCRYPTION — TLS 1.3, and 256-bit, endpoint encryption, file encryption, AES, PKI, BitLocker
      • DATA LOSS PREVENTION — Centralized policy management, sensitive data detection, HIPAA, GDPR
      • ANTIVIRUS & PATCH MANAGEMENT — Group policy management, AV exclusions, anti-ransomware, keylogger mitigation
      • DDoS protection — HTTP, UDP flood mitigation, content delivery network, always-on services
      • ENDPOINT DETECTION & RESPONSE — Detect and react to advanced active attacks on endpoints

      Activity

      Define the virtual infrastructure solution for your end users

      1. Define and build your value hypothesis/proposition
        1. What is the business case? Who is championing the investment?
        2. Identify the project management team and stakeholders.
        3. Set goals to be achieved based on value.
        4. Identify KPIs and metrics to measure success.
      2. Identify use cases and personas
        1. Identify possible user friction (e.g. emotional, cognitive, interaction).
        2. Understand current infrastructure shortcomings/capabilities (e.g. network, security posture/tolerance, staffing needs, qualified technicians, end-user devices).
      3. Articulate use cases into functional and nonfunctional requirements
        1. Separate must haves and nice to haves.
        2. Categorize requirements into identifiable functionality capabilities.
        3. Review your outputs and identify “gotchas” using the MECE (mutually exclusive, collectively exhaustive) principle.

      Related Info-Tech Research

      Stock image of a dashboard.Modernize and Transform Your End-User Computing Strategy

      Phase 3.2 of this research set covers virtual desktop infrastructure.

      Stock image of a world surrounded by clouds.Implement Desktop Virtualization and Transition to Everything as a Service

      Follow Info-Tech’s process for implementing the right desktop virtualization solution to create a project plan that will help ensure that you not only choose the right solution but also implement it effectively.

      Stock image of a finger pushing a button.Cloud Strategy Workbook

      Use this tool to assess cloud services (desktop-as-a-service).

      Stock image of a world surrounded by clouds.Desktop Virtualization TCO Calculator

      This tool is designed to help you understand what desktop virtualization looks like from a cost perspective.

      Bibliography

      Anderson, Joseph. “Five Ways VDI Will Grow in 2022 Thanks to Hybrid Work.” StratoDesk, 28 Feb. 2022. Web.

      Bowker, Mark. “Are Desktops Doomed? Trends in Digital Workspaces, VDI, and DaaS.” ESG, May 2020. Web.

      “The CISO's Dilemma: How Chief Information Security Officers Are Balancing Enterprise Endpoint Security and Worker Productivity in Response to COVID-19.” Hysolate, Oct. 2020. Web.

      King, Val. “Why the End-User Experience Is Not Good for Your Remote Workforce .” Whitehat Virtual Technologies, 2 Dec. 2021. Web.

      Perry, Yifat. “VDI vs DaaS: 5 Key Differences and 6 Leading Solutions.” NetApp, 26 Aug. 2020. Web.

      Rigg, Christian. “Best virtual desktop services 2022.” TechRadar, 20 Jan. 2022 . Web.

      Seget, Vladan. “Key metrics to consider when assessing the performance of your VDI/DaaS environment.” vladan.fr, 19 April 2021. Web.

      Spruijt, Ruben. “Why Should You Care About VDI and Desktop-as-a-Service?” Nutanix, 28 Jan. 2020. Web.

      Stowers, Joshua. “The Best Desktop as a Service (DaaS) Providers 2022.” business.com, 21 Dec. 2021. Web.

      “Virtual Desktop Infrastructure(VDI) Market 2022.” MarketWatch, 5 Jan. 2022. Web. Press release.

      Zamir, Tal. “VDI Security Best Practices: Busting the Myths.” Hysolate, 29 Nov. 2021. Web.

      Zychowicz, Paul. “Why do virtual desktop deployments fail?” Turbonomic Blog, 16 Dec. 2016. Web.

      Build a Chatbot Proof of Concept

      • Buy Link or Shortcode: {j2store}532|cart{/j2store}
      • member rating overall impact: 8.8/10 Overall Impact
      • member rating average dollars saved: $9,566 Average $ Saved
      • member rating average days saved: 7 Average Days Saved
      • Parent Category Name: Service Desk
      • Parent Category Link: /service-desk
      • Implement a chatbot proof of concept mapped to business needs.
      • Scale up customer service delivery in a cost-effective manner.
      • Objectively measure the success of the chatbot proof of concept with metrics-based data.
      • Choose the ticket categories to build during your chatbot proof of concept.

      Our Advice

      Critical Insight

      • Build your chatbot to create business value. Whether it is increasing service or resource efficiency, keep the goal of value in mind when making decisions with your proof of concept.

      Impact and Result

      • When implemented effectively, chatbots can help save costs, generate new revenue, and ultimately increase customer satisfaction for both external- and internal-facing customers.

      Build a Chatbot Proof of Concept Research & Tools

      Start here – read the Executive Brief

      Read our concise Executive Brief to find out why you should build a chatbot proof of concept, review Info-Tech’s methodology, and understand the four ways we can support you in completing this project.

      Besides the small introduction, subscribers and consulting clients within this management domain have access to:

      1. Form your chatbot strategy

      Build action-based metrics to measure the success of your chatbot proof of concept.

      • Chatbot ROI Calculator
      • Chatbot POC Metrics Tool

      2. Build your chatbot foundation

      Put business value first to architect your chatbot before implementation.

      • Chatbot Conversation Tree Library (Visio)
      • Chatbot Conversation Tree Library (PDF)

      3. Continually improve your chatbot

      Continue to grow your chatbot beyond the proof of concept.

      • Chatbot POC RACI
      • Chatbot POC Implementation Roadmap
      • Chatbot POC Communication Plan
      [infographic]

      Workshop: Build a Chatbot Proof of Concept

      Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

      1 Build Your Strategy

      The Purpose

      Build your strategy.

      Key Benefits Achieved

      Calculate your chatbot’s ROI to determine its success.

      Organize your chatbot proof of concept (POC) metrics to keep the project on track.

      Objectively choose chatbot ticket categories.

      Activities

      1.1 Customize your chatbot ROI calculator.

      1.2 Choose your proof of concept ticket categories.

      1.3 Design chatbot metrics to measure success.

      Outputs

      Chatbot ROI Calculator

      Chatbot POC Implementation Roadmap

      Chatbot POC Metrics Tool

      2 Architect Your Chatbot

      The Purpose

      Architect your chatbot.

      Key Benefits Achieved

      Design your integrations with business value in mind.

      Begin building chatbot decision trees.

      Activities

      2.1 List and map your chatbot integrations.

      2.2 Build your conversation tree library.

      Outputs

      Chatbot Integration Map

      Chatbot Conversation Tree Library

      3 Architect Your Chatbot Conversations

      The Purpose

      Architect your chatbot conversations.

      Key Benefits Achieved

      Detail your chatbot conversations in the decision trees.

      Activities

      3.1 Build your conversation tree library.

      Outputs

      Chatbot Conversation Tree Library

      4 Continually Grow Your Chatbot

      The Purpose

      Continually grow your chatbot.

      Key Benefits Achieved

      Identify talent for chatbot support.

      Create an implementation plan.

      Activities

      4.1 Outline the support responsibilities for your chatbot.

      4.2 Build a communication plan.

      Outputs

      Chatbot POC RACI

      Chatbot POC Communication Plan

      Develop a Targeted Flexible Work Program for IT

      • Buy Link or Shortcode: {j2store}542|cart{/j2store}
      • member rating overall impact: 9.0/10 Overall Impact
      • member rating average dollars saved: $18,909 Average $ Saved
      • member rating average days saved: 13 Average Days Saved
      • Parent Category Name: Attract & Select
      • Parent Category Link: /attract-and-select
      • Workplace flexibility continues to be top priority for IT employees. Organizations who fail to offer flexibility will have a difficult time attracting, recruiting, and retaining talent.
      • When the benefits of remote work are not available to everyone, this raises fairness and equity concerns.

      Our Advice

      Critical Insight

      IT excels at hybrid location work and is more effective as a business function when location flexibility is an option for its employees. But hybrid work is just a start. A comprehensive flex work program extends beyond flexible location, so organizations must understand the needs of unique employee groups to uncover the options that will attract and retain talent.

      Impact and Result

      • Uncover the needs of unique employee segments to shortlist flexible work options that employees want and will use.
      • Assess the feasibility of various flexible work options and select ones that meet employee needs and are feasible for the organization.
      • Equip leaders with the information and tools needed to implement and sustain a flexible work program.

      Develop a Targeted Flexible Work Program for IT Research & Tools

      Besides the small introduction, subscribers and consulting clients within this management domain have access to:

      1. Assess employee and organizational flexibility needs

      Identify prioritized employee segments, flexibility challenges, and the desired state to inform program goals.

      • Develop a Targeted Flexible Work Program for IT – Phases 1-3
      • Talent Metrics Library
      • Targeted Flexible Work Program Workbook
      • Fast-Track Hybrid Work Program Workbook

      2. Identify potential flex options and assess feasibility

      Review, shortlist, and assess the feasibility of common types of flexible work. Identify implementation issues and cultural barriers.

      • Flexible Work Focus Group Guide
      • Flexible Work Options Catalog

      3. Implement selected option(s)

      Equip managers and employees to adopt flexible work options while addressing implementation issues and cultural barriers and aligning HR programs.

      • Guide to Flexible Work for Managers and Employees
      • Flexible Work Time Policy
      • Flexible Work Time Off Policy
      • Flexible Work Location Policy

      Infographic

      Workshop: Develop a Targeted Flexible Work Program for IT

      Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

      1 Prepare to Assess Flex Work Feasibility

      The Purpose

      Gather information on organizational and employee flexibility needs.

      Key Benefits Achieved

      Understand the flexibility needs of the organization and its employees to inform a targeted flex work program.

      Activities

      1.1 Identify employee and organizational needs.

      1.2 Identify employee segments.

      1.3 Establish program goals and metrics.

      1.4 Shortlist flexible work options.

      Outputs

      Organizational context summary

      List of shortlisted flex work options

      2 Assess Flex Work Feasibility

      The Purpose

      Perform a data-driven feasibility analysis on shortlisted work options.

      Key Benefits Achieved

      A data-driven feasibility analysis ensures your flex work program meets its goals.

      Activities

      2.1 Conduct employee/manager focus groups to assess feasibility of flex work options.

      Outputs

      Summary of flex work options feasibility per employee segment

      3 Finalize Flex Work Options

      The Purpose

      Select the most impactful flex work options and create a plan for addressing implementation challenge

      Key Benefits Achieved

      A data-driven selection process ensures decisions and exceptions can be communicated with full transparency.

      Activities

      3.1 Finalize list of approved flex work options.

      3.2 Brainstorm solutions to implementation issues.

      3.3 Identify how to overcome cultural barriers.

      Outputs

      Final list of flex work options

      Implementation barriers and solutions summary

      4 Prepare for Implementation

      The Purpose

      Create supporting materials to ensure program implementation proceeds smoothly.

      Key Benefits Achieved

      Employee- and manager-facing guides and policies ensure the program is clearly documented and communicated.

      Activities

      4.1 Design employee and manager guide prototype.

      4.2 Align HR programs and policies to support flexible work.

      4.3 Create a communication plan.

      Outputs

      Employee and manager guide to flexible work

      Flex work roadmap and communication plan

      5 Next Steps and Wrap-Up

      The Purpose

      Put everything together and prepare to implement.

      Key Benefits Achieved

      Our analysts will support you in synthesizing the workshop’s efforts into a cohesive implementation strategy.

      Activities

      5.1 Complete in-progress deliverables from previous four days.

      5.2 Set up review time for workshop deliverables and to discuss next steps.

      Outputs

      Completed flexible work feasibility workbook

      Flexible work communication plan

      Further reading

      Develop a Targeted Flexible Work Program for IT

      Select flexible work options that balance organizational and employee needs to drive engagement and improve attraction and retention.

      Executive Summary

      Your Challenge

      • IT leaders continue to struggle with workplace flexibility, and it is a top priority for IT employees; as a result, organizations who fail to offer flexibility will have a difficult time attracting, recruiting, and retaining talent.
      • The benefits of remote work are not available to everyone, raising fairness and equity concerns for employees.

      Common Obstacles

      • A one-size-fits-all approach to selecting and implementing flexible work options fails to consider unique employee needs and will not reap the benefits of offering a flexible work program (e.g. higher engagement or enhanced employer brand).
      • Improper structure and implementation of flexible work programs exacerbates existing challenges (e.g. high turnover) or creates new ones.

      Info-Tech's Approach

      • Uncover the needs of unique employee segments to shortlist flexible work options that employees want and will use.
      • Assess the feasibility of various flexible work options and select ones that meet employee needs and are feasible for the organization.
      • Equip leaders with the information and tools needed to implement and sustain a flexible work program.

      Info-Tech Insight

      IT excels at hybrid location work and is more effective as a business function when location flexibility is an option for its employees. But hybrid work is just a start. A comprehensive flex work program extends beyond flexible location, so organizations must understand the needs of unique employee groups to uncover the options that will attract and retain talent.

      Flexible work arrangements are a requirement in today's world of work

      Flexible work continues to gain momentum…

      A 2022 LinkedIn report found that the following occurred between 2019 and 2021:

      +362%

      Increase in LinkedIn members sharing content with the term "flexible work."

      +83%

      Increase in job postings that mention "flexibility."
      (LinkedIn, 2022)

      In 2022, Into-Tech found that hybrid was the most commonly used location work model for IT across all industries.

      ("State of Hybrid Work in IT," Info-Tech Research Group, 2022)

      …and employees are demanding more flexibility

      90%

      of employees said they want schedule and location flexibility ("Global Employee Survey," EY, 2021).

      17%

      of resigning IT employees cited lack of flexible work options as a reason ("IT Talent Trends 2022," Info-Tech Research Group, 2022).

      71%

      of executives said they felt "pressure to change working models and adapt workplace policies to allow for greater flexibility" (LinkedIn, 2021).

      Therefore, organizations who fail to offer flexibility will be left behind

      Difficulty attracting and retaining talent

      98% of IT employees say flexible work options are important in choosing an employer ("IT Talent Trends 2022," Info-Tech Research Group, 2022).

      Worsening employee wellbeing and burnout

      Knowledge workers with minimal to no schedule flexibility are 2.2x more likely to experience work-related stress and are 1.4x more likely to suffer from burnout (Slack, 2022; N=10,818).

      Offering workplace flexibility benefits organizations and employees

      Higher performance

      IT departments that offer some degree of location flexibility are more effective at supporting the organization than those who do not.

      35% of service desk functions report improved service since implementing location flexibility.
      ("State of Hybrid Work in IT," Info-Tech Research Group, 2023).

      Enhanced employer brand

      Employees are 2.1x more likely to recommend their employer to others when they are satisfied with their organization's flexible work arrangements (LinkedIn, 2021).

      Improved attraction

      41% of IT departments cite an expanded hiring pool as a key benefit of hybrid work.

      Organizations that mention "flexibility" in their job postings have 35% more engagement with their posts (LinkedIn, 2022).

      Increased job satisfaction

      IT employees who have more control over their working arrangement experience a greater sense of contribution and trust in leadership ("State of Hybrid Work in IT," Info-Tech Research Group, 2023).

      Better work-life balance

      81% of employees say flexible work will positively impact their work-life balance (FlexJobs, 2021).

      Boosted inclusivity

      • Caregivers regardless of gender, supporting them in balancing responsibilities
      • Individuals with disabilities, enabling them to work from the comfort of their homes
      • Women who may have increased responsibilities
      • Women of color to mitigate the emotional tax experienced at work

      Info-Tech Insight

      Flexible work options are not a concession to lower productivity. Properly implemented, flex work enables employees to be more productive at reaching business goals.

      Despite the popularity of flexible work options, not all employees can participate

      IT organizations differ on how much flexibility different roles can have.

      IT employees were asked what percentage of IT roles were currently in a hybrid or remote work arrangement ("State of Hybrid Work in IT," Info-Tech Research Group, 2023).

      However, the benefits of remote work are not available to all, which raises fairness and equity concerns between remote and onsite employees.

      45%

      of employers said, "one of the biggest risks will be their ability to establish fairness and equity among employees when some jobs require a fixed schedule or location, creating a 'have and have not' dynamic based on roles" ("Businesses Suffering," EY, 2021).

      Offering schedule flexibility to employees who need to be fully onsite can be used to close the fairness and equity gap.

      When offered the choice, 54% of employees said they would choose schedule flexibility over location flexibility ("Global Employee Survey," EY, 2021).

      When employees were asked "What choice would you want your employer to provide related to when you have to work?" The top three choices were:

      68%

      Flexibility on when to start and finish work

      38%

      Compressed or four-day work weeks

      33%

      Fixed hours (e.g. 9am to 5pm)

      Disclaimer: "Percentages do not sum to 100%, as each respondent could choose up to three of the [five options provided]" ("Global Employee Survey," EY, 2021).

      Beware of the "all or nothing" approach

      There is no one-size-fits-all approach to workplace flexibility.

      Understanding the needs of various employee segments in the organization is critical to the success of a flexible work program.

      Working parents want more flexibility

      82%

      of working mothers desire flexibility in where they work.

      48%

      of working fathers "want to work remotely 3 to 5 days a week."

      Historically underrepresented groups value more flexibility

      38%

      "Thirty-eight percent of Black male employees and 33% of Black female employees would prefer a fully flexible schedule, compared to 25% of white female employees and 26% of white male employees."
      (Slack, 2022; N=10,818)

      33%

      Workplace flexibility must be customized to the organization to avoid longer working hours and heavy workloads that impact employee wellbeing

      84%

      of remote workers and 61% of onsite workers reported working longer hours post pandemic. Longer working hours were attributed to reasons such as pressure from management and checking emails after working hours (Indeed, 2021).

      2.6x

      Respondents who either agreed or strongly agreed with the statement "Generally, I find my workload reasonable" were 2.6x more likely to be engaged compared to those who stated they disagreed or strongly disagreed (McLean & Company Engagement Survey Database;2022; N=5,615 responses).

      Longer hours and unsustainable workloads can contribute to stress and burnout, which is a threat to employee engagement and retention. With careful management (e.g. setting clear expectations and establishing manageable workloads), flexible work arrangement benefits can be preserved.

      Info-Tech Insight

      Employees' lived experiences and needs determine if people use flexible work programs – a flex program that has limited use or excludes people will not benefit the organization.

      Develop a flexible work program that meets employee and organizational needs

      This is an image of a sample flexible work program which meets employee and organizational needs.

      Insight summary

      Overarching insight: IT excels at hybrid location work and is more effective as a business function when location, time, and time-off flexibility are an option for its employees.

      Introduction

      Step 1 insight

      Step 2 insight

      Step 3 insight

      • Flexible work options are not a concession to lower productivity. Properly implemented, flex work enables employees to be more productive at reaching business goals.
      • Employees' lived experiences and needs determine if people use flexible work programs – a flex program that has limited use or excludes people will not benefit the organization.
      • Flexible work benefits everyone. IT employees experience greater engagement, motivation, and company loyalty. IT organizations realize benefits such as better service coverage, reduced facilities costs, and increased productivity.
      • Hybrid work is a start. A comprehensive flex work program extends beyond flexible location to flexible time and time off. Organizations must understand the needs of unique employee groups to uncover the options that will attract and retain talent. Provide greater inclusivity to employees by broadening the scope to include flex location, flex time, and flex time off.
      • No two employee segments are the same. To be effective, flexible work options must align with the expectations and working processes of each segment.
      • Every role is eligible for hybrid location work. If onsite work duties prevent an employee group from participating, see if processes can be digitized or automated. Flexible work is an opportunity to go beyond current needs to future proofing your organization.
      • Flexible work options must balance organizational and employee needs. If an option is beneficial to employees but there is little or no benefit to the organization, or if the cost of the option is too high, it will not support the long-term success of the organization.
      • Prioritize flexible work options that employees want. Providing too many options often leads to information overload and results in employees not understanding what is available, lowering adoption of the flexible work program.
      • Leaders' collective support of the flexible program determines the program's successful adoption. Don't sweep cultural barriers under the rug; acknowledge and address them to overcome them.
      • Negative performance of a flexible work option does not necessarily mean failure. Take the time to evaluate whether the option simply needs to be tweaked or whether it truly isn't working for the organization.
      • A set of formal guidelines for IT ensures flexible work is:
        1. Administered fairly across all IT employees.
        2. Defensible and clear.
        3. Scalable to the rest of the organization.

      Case Study

      Expanding hybrid work at Info-Tech

      Challenge

      In 2020, Info-Tech implemented emergency work-from-home for its IT department, along with the rest of the organization. Now in 2023, hybrid work is firmly embedded in Info-Tech's culture, with plans to continue location flexibility for the foreseeable future.

      Adjusting to the change came with lessons learned and future-looking questions.

      Lessons Learned

      Moving into remote work was made easier by certain enablers that had already been put in place. These included issuing laptops instead of desktops to the user base and using an existing cloud-based infrastructure. Much support was already being done remotely, making the transition for the support teams virtually seamless.

      Continuing hybrid work has brought benefits such as reduced commuting costs for employees, higher engagement, and satisfaction among staff that their preferences were heard.

      Looking Forward

      Every flexible work implementation is a work in progress and must be continually revisited to ensure it continues to meet organizational and employee needs. Current questions being explored at Info-Tech are:

      • The concept of the "office as a tool" – how does use of the office change when it is used for specific collaboration-related tasks, rather than everything? How should the physical space change to support this?
      • What does a viable replacement for quick hallway meetings look like in a remote world where communication is much more deliberate? How can managers adjust their practices to ensure the benefits of informal encounters aren't lost?

      Info-Tech offers various levels of support to best suit your needs

      DIY Toolkit

      “Our team has already made this critical project a priority, and we have the time and capability, but some guidance along the way would be helpful.”

      Guided Implementation

      “Our team knows that we need to fix a process, but we need assistance to determine where to focus. Some check-ins along the way would help keep us on track.”

      Workshop

      “We need to hit the ground running and get this project kicked off immediately. Our team has the ability to take this over once we get a framework and strategy in place.”

      Consulting

      “Our team does not have the time or the knowledge to take this project on. We need assistance through the entirety of this project.”

      Diagnostics and consistent frameworks used throughout all four options

      Guided Implementation

      What does a typical GI on this topic look like?

      Preparation

      Step 1

      Step 2

      Step 3

      Follow-up

      Call #1: Scope requirements, objectives, and your specific challenges.

      Call #2: Assess employee and organizational needs.

      Call #3: Shortlist flex work options and assess feasibility.

      Call #4: Finalize flex work options and create rollout plan.

      Call #5: (Optional) Review rollout progress or evaluate pilot success.

      A Guided Implementation (GI) is a series of calls with an Info-Tech analyst to help implement our best practices in your organization.

      A typical GI is 3 to 5 calls over the course of 4 to 6 months.

      Workshop Overview

      Contact your account representative for more information.
      workshops@infotech.com 1-888-670-8889

      Day 1

      Day 2

      Day 3

      Day 4

      Day 5

      Activities

      Prepare to assess flex work feasibility

      Assess flex work feasibility

      Finalize flex work options

      Prepare for implementation

      Next Steps and Wrap-Up (offsite)

      1.1 Identify employee and organizational needs.

      1.2 Identify employee segments.

      1.3 Establish program goals and metrics.

      1.4 Shortlist flex work options.

      2.1 Conduct employee/manager focus groups to assess feasibility of flex work options.

      3.1 Finalize list of approved flex work options.

      3.2 Brainstorm solutions to implementation issues.

      3.2 Identify how to overcome cultural barriers.

      4.1 Design employee and manager guide prototype.

      4.2 Align HR programs and policies to support flexible work.

      4.3 Create a communication plan.

      5.1 Complete in-progress deliverables from previous four days.

      5.2 Set up review time for workshop deliverables and to discuss next steps.

      Deliverables
      1. Organizational context summary
      2. List of shortlisted flex work options
      1. Summary of flex work options' feasibility per employee segment
      1. 1.Final list of flex work options
      2. 2.Implementation barriers and solutions summary
      1. Employee and manager guide to flexible work
      2. Flex work roadmap and communication plan
      1. Completed flexible work feasibility workbook
      2. Flexible work communication plan

      Step 1

      Assess employee and organizational needs

      1. Assess employee and organizational flexibility needs
      2. Identify potential flex options and assess feasibility
      3. Implement selected option(s)

      After completing this step you will have:

      • Identified key stakeholders and their responsibilities
      • Uncovered the current and desired state of the organization
      • Analyzed feedback to identify flexibility challenges
      • Identified and prioritized employee segments
      • Determined the program goals
      • Identified the degree of flexibility for work location, timing, and deliverables

      Identify key stakeholders

      Organizational flexibility requires collaborative and cross-functional involvement to determine which flexible options will meet the needs of a diverse workforce. HR leads the project to explore flexible work options, while other stakeholders provide feedback during the identification and implementation processes.

      HR
      • Assist with the design, implementation, and maintenance of the program.
      • Provide managers and employees with guidance to establish successful flexible work arrangements.
      • Help develop communications to launch and maintain the program.

      Senior Leaders
      • Champion the project by modeling and promoting flexible work options
      • Help develop and deliver communications; set the tone for flexible work at the organization.
      • Provide input into determining program goals.

      Managers
      • Model flexible work options and encourage direct reports to request and discuss options.
      • Use flexible work program guidelines to work with direct reports to select suitable flexible work options.
      • Develop performance metrics and encourage communication between flexible and non-flexible workers.

      Flexible Workers
      • Indicate preferences of flexible work options to the manager.
      • Identify ways to maintain operational continuity and communication while working flexibly.
      • Flag issues and suggest improvements to the manager.
      • Develop creative ways to work with colleagues who don't work flexibly.

      Non-Flexible Workers
      • Share feedback on issues with flexible arrangements and their impact on operational continuity.

      Info-Tech Insight

      Flexible work is a holistic team effort. Leaders, flexible workers, teammates, and HR must clearly understand their roles to ensure that teams are set up for success.

      Uncover the current and desired state of flexibility in the organization

      Current State

      Target State

      Review:

      • Existing policies related to flexibility (e.g. vacation, work from anywhere)
      • Existing flexibility programs (e.g. seasonal hours) and their uptake
      • Productivity of employees
      • Current culture at the organization. Look for:
        • Employee autonomy
        • Reporting structure and performance management processes
        • Trust and psychological safety of employees
        • Leadership behavior (e.g. do leaders model work-life balance, or does the organization have a work 24/7 mentality?)

      Identify what is driving the need for flexible work options. Ask:

      • Why does the organization need flexible options?
        • For example, the introduction of flexibility for some employees has created a "have and have not" dynamic between roles that must be addressed.
      • What does the organization hope to gain from implementing flexible options? For example:
        • Improved retention
        • Increased attraction, remaining competitive for talent
        • Increased work-life balance for employees
        • Reduced burnout
      • What does the organization aspire to be?
        • For example, an organization that creates an environment that values output, not face time.

      These drivers identify goals for the organization to achieve through targeted flexible work options.

      Info-Tech Insight

      Hybrid work is a start. A comprehensive flex work program extends beyond flexible location, so organizations must understand the needs of unique employee groups to uncover the options that will attract and retain talent. Provide greater inclusivity to employees by broadening the scope to include flex location, flex time, and flex time off.

      Identify employee segments

      Using the data, feedback, and challenges analyzed and uncovered so far, assess the organization and identify employee segments.

      Identify employee segments with common characteristics to assess if they require unique flexible work options. Assess the feasibility options for the segments separately in Step 2.

      • Segments' unique characteristics include:
        • Role responsibilities (e.g. interacting with users, creating reports, development and testing)
        • Work location/schedule (e.g. geographic, remote vs. onsite, 9 to 5)
        • Work processes (e.g. server maintenance, phone support)
        • Group characteristics (e.g. specific teams, new hires)

      Identify employee segments and sort them into groups based on the characteristics above.

      Examples of segments:

      • Functional area (e.g. Service Desk, Security)
      • Job roles (e.g. desktop support, server maintenance)
      • Onsite, remote, or hybrid
      • Full-time or part-time
      • Job level (e.g. managers vs. independent contributors)
      • Employees with dependents

      Prioritize employee segments

      Determine whether the organization needs flexible work options for the entire organization or specific employee segments.
      For specific employee segments:

      • Answer the questions on the right to identify whether an employee segment is high, medium, or low priority. Complete slides 23 to 25 for each high-priority segment, repeating the process for medium-priority segments when resources allow.

      For the entire organization:

      • When identifying an option for the entire organization, consider all segments. The approach must create consistency and inclusion; keep this top of mind when identifying flexibility on slides 23 to 25. For example, the work location flexibility would be low in an organization where some segments can work remotely and others must be onsite due to machinery requirements.

      High priority: The employee segment has the lowest engagement scores or highest turnover within the organization. Segment sentiment is that current flexibility is nonexistent or not sufficiently meeting needs.
      Medium priority: The employee segment has low engagement or high turnover. Segment sentiment is that currently available flexibility is minimal or not sufficiently meeting needs.
      Low priority: The segment does not have the lowest engagement or the highest turnover rate. Segment sentiment is that currently available flexibility is sufficiently meeting needs.

      1. What is the impact on the organization if this segment's challenges aren't addressed (e.g. if low engagement and high turnover are not addressed)?
      2. How critical is flexibility to the segment's needs/engagement?
      3. How time sensitive is it to introduce flexibility to this segment (e.g. is the organization losing employees in this segment at a high rate)?
      4. Will providing flexibility to this segment increase organizational productivity or output

      Identify challenges to address with flexibility

      Uncover the lived experiences and expectations of employees to inform selection of segments and flexible options.

      1. Collect data from existing sources, such as:
        • Engagement surveys
        • New hire/exit surveys
        • Employee experience monitor surveys
        • Employee retention pulse surveys
        • Burnout surveys
        • DEI pulse surveys
      2. Analyze employee feedback on experiences with:
        • Work duties
        • Workload
        • Work-life balance
        • Operating processes and procedures
        • Achieving operational outcomes
        • Collaboration and communication
        • Individual experience and engagement
      3. Evaluate the data and identify challenges

      Example challenges:

      • Engagement: Low average score on work-life balance question; flexible work suggested in open-ended responses.
      • Retention: Exit survey indicating that lack of work-life balance is consistently a reason employees leave. Include the cost of turnover (e.g. recruitment, training, severance).
      • Burnout: Feedback from employees through surveys or HR business partner anecdotes indicating high burnout; high usage of wellness services or employee assistance programs.
      • Absenteeism: High average number of days employees were absent in the past year. Include the cost of lost productivity.
      • Operational continuity: Provide examples of when flexible work would have enabled operational continuity in the case of disaster or extended customer service coverage.
      • Program uptake: If the organization already has a flexible work program, provide data on the low proportion of eligible employees using available options.

      1.1 Prepare to evaluate flexible work options

      1-3 hours

      Follow the guidance on preceding slides to complete the following activities.
      Note: If you are only considering remote or hybrid work, use the Fast-Track Hybrid Work Program Workbook. Otherwise, proceed with the Targeted Flexible Work Program Workbook.

      1. Identify key stakeholders. Be sure to record the level of involvement and responsibility expected from each stakeholder. Use the "Stakeholders" tab of the workbook.
      2. Uncover current and desired state. Review and record your current state with respect to culture, productivity, and current flexible work options, if any. Next, record your desired future state, including reasons for implementing flexible work, and goals for the program. Record this in the "Current and Desired State" tab of the workbook.
      3. Identify and prioritize employee segments. Identify and record employee segments. Depending on the size of your department, you may identify a few or many. Be as granular as necessary to fully separate employee groups with different needs. If your resources or needs prevent you from rolling out flexible work to the entire department, record the priority level of each segment so you can focus on the highest priority first.
      4. Identify challenges with flexibility. With each employee segment in mind, analyze your available data to identify and record each segment's main challenges regarding flexible work. These will inform your program goals and metrics.

      Download the Targeted Flexible Work Program Workbook

      Download the Fast-Track Hybrid Work Program Workbook

      Input

      • List of departmental roles
      • Data on employee engagement, productivity, sentiment regarding flexible work, etc.

      Output

      • List of stakeholders and responsibilities
      • Flexible work challenges and aims
      • Prioritized list of employee segments

      Materials

      • Targeted Flexible Work Program Workbook
        Or
      • Fast-Track Hybrid Work Program Workbook

      Participants

      • IT department head
      • HR business partner
      • Flexible work program committee

      Determine goals and metrics for the flexible work program

      Sample program goals

      Sample metrics

      Increase productivity
      • Employee, team, and department key performance indicators (KPIs) before and after flexible work implementation
      • Absenteeism rate (% of lost working days due to all types of absence)

      Improve business satisfaction and perception of IT value

      Increase retention
      • % of exiting employees who cite lack of flexible work options or poor work-life balance as a reason they left
      • Turnover and retention rates

      Improve the employee value proposition (EVP) and talent attraction
      • # of responses on the new hire survey where flexible work options or work-life balance are cited as a reason for accepting an employment offer
      • # of views of career webpage that mentions flexible work program
      • Time-to-fill rates

      Improve engagement and work-life balance

      • Overall engagement score – deploy Info-Tech's Employee Engagement Diagnostics
      • Score for questions about work-life balance on employee engagement or pulse survey, including:
        • "I am able to maintain a balance between my work and personal life."
        • "I find my stress levels at work manageable."

      Info-Tech Insight

      Implementing flex work without solid performance metrics means you won't have a way of determining whether the program is enabling or hampering your business practices.

      1.2 Determine goals and metrics

      30 minutes

      Use the examples on the preceding slide to identify program goals and metrics:

      1. Brainstorm program goals. Be sure to consider both the business benefits (e.g. productivity, retention) and the employee benefits (work-life balance, engagement). A successful flexible work program benefits both the organization and its employees.
      2. Brainstorm metrics for each goal. Identify metrics that are easy to track accurately. Use Info-Tech's IT and HR metrics libraries for reference. Ideally, the metrics you choose should already exist in your organization so no extra effort will be necessary to implement them. It is also important to have a baseline measure of each one before flexible work is rolled out.
      3. Record your outputs on the "Goals and Metrics" tab of the workbook.

      Download the Targeted Flexible Work Program Workbook

      Download the IT Metrics Library

      Download the HR Metrics Library

      Input

      • Organizational and departmental strategy

      Output

      • List of program goals and metrics

      Materials

      • Targeted Flexible Work Program Workbook
        Or
      • Fast-Track Hybrid Work Program Workbook

      Participants

      • Flexible work program committee

      Determine work location flexibility for priority segments

      Work location looks at where a segment can complete all or some of their tasks (e.g. onsite vs. remote). For each prioritized employee segment, evaluate the amount of location flexibility available.

      Work Duties

      Processes

      Operational Outcomes

      High degree of flexibility
      • Low dependence on onsite equipment
      • Work easily shifts to online platforms
      • Low dependence on onsite external interactions (e.g. clients, customers, vendors)
      • Low interdependence of work duties internally (most work is independent)
      • Work processes and expectations are or can be formally documented
      • Remote work processes are sustainable long term

      Most or all operational outcomes can be achieved offsite (e.g. products/service delivery not impacted by WFH)
      • Some dependence on onsite equipment
      • Some work can shift to online platforms
      • Some dependence on onsite external interactions
      • Some interdependence of work duties internally (collaboration is critical)
      • Most work processes and expectations have been or can be formally documented
      • Remote work processes are sustainable (e.g. workarounds can be supported and didn't add work)

      Some operational outcomes can be achieved offsite (e.g. some impact of WFH on product/service delivery)

      Low degree of flexibility
      • High dependence on onsite equipment
      • Work cannot shift to online platforms
      • High dependence on onsite external interactions
      • High interdependence of work duties internally (e.g. line work)
      • Few work processes and expectations can be formally documented
      • Work processes cannot be done remotely, and workarounds for remote work are not sustainable long term

      Operational outcomes cannot be achieved offsite (e.g. significant impairment to product/service delivery)

      Note

      If roles within the segment have differing levels of location flexibility, use the lowest results (e.g. if role A in the segment has a high degree of flexibility for work duties and role B has a low degree of flexibility, use the results for role B).

      Identify work timing for priority segments

      Work timing looks at when work can or needs to be completed (e.g. Monday to Friday, 9am to 5pm).

      Work Duties

      Processes

      Operational Outcomes

      High degree of flexibility

      • No need to be available to internal and/or external customers during standard work hours
      • Equipment is available at any time
      • Does not rely on synchronous (occurring at the same time) work duties internally
      • Work processes and expectations are or can be formally documented
      • Low reliance on collaboration
      • Work is largely asynchronous (does not occur at the same time)

      Most or all operational outcomes are not time sensitive

      • Must be available to internal and/or external customers during some standard work hours
      • Some reliance on synchronous work duties internally (collaboration is critical)
      • Most work processes and expectations have been or can be formally documented
      • Moderate reliance on collaboration
      • Some work is synchronous

      Some operational outcomes are time sensitive and must be conducted within set date or time windows

      Low degree of flexibility

      • Must be available to internal and/or external customers during all standard work hours (e.g. Monday to Friday 9 to 5)
      • High reliance on synchronous work duties internally (e.g. line work)
      • Few work processes and expectations can be formally documented
      • High reliance on collaboration
      • Most work is synchronous

      Most or all operational outcomes are time sensitive and must be conducted within set date or time windows

      Note

      With additional coordination, flex time or flex time off options are still possible for employee segments with a low degree of flexibility. For example, with a four-day work week, the segment can be split into two teams – one that works Monday to Thursday and one that works Tuesday to Friday – so that employees are still available for clients five days a week.

      Examine work deliverables for priority segments

      Work deliverables look at the employee's ability to deliver on their role expectations (e.g. quota or targets) and whether reducing the time spent working would, in all situations, impact the work deliverables (e.g. constrained vs. unconstrained).

      Work Duties

      Operational Outcomes

      High degree of flexibility

      • Few or no work duties rely on equipment or processes that put constraints on output (unconstrained output)
      • Employees have autonomy over which work duties they focus on each day
      • Most or all operational outcomes are unconstrained (e.g. a marketing analyst who builds reports and strategies for clients can produce more reports, produce better reports, or identify new strategies)
      • Work quota or targets are achievable even if working fewer hours
      • Some work duties rely on equipment or processes that put constraints on output
      • Employees have some ability to decide which work duties they focus on each day
      • Some operational outcomes are constrained or moderately unconstrained (e.g. an analyst build reports based on client data; while it's possible to find efficiencies and build reports faster, it's not possible to attain the client data any faster)
      • Work quota or targets may be achievable if working fewer hours

      Low degree of flexibility

      • Most or all work duties rely on equipment or processes that put constraints on output (constrained output)
      • Daily work duties are prescribed (e.g. a telemarketer is expected to call a set number of people per day using a set list of contacts and a defined script)
      • Most or all operational outcomes are constrained (e.g. a machine operator works on a machine that produces 100 parts an hour; neither the machine nor the worker can produce more parts)
      • Work quota or targets cannot be achieved if fewer hours are worked

      Note

      For segments with a low degree of work deliverable flexibility (e.g. very constrained output), flexibility is still an option, but maintaining output would require additional headcount.

      1.3 Determine flexibility needs and constraints

      1-2 hours

      Use the guidelines on the preceding slides to document the parameters of each work segment.

      1. Determine work location flexibility. Work location looks at where a segment can complete all or some of their tasks (e.g. onsite vs. remote). For each prioritized employee segment, evaluate the amount of location flexibility available.
      2. Identify work timing. Work timing looks at when work can or needs to be completed (e.g. Monday to Friday, 9am to 5pm).
      3. Examine work deliverables. Work deliverables look at the employee's ability to deliver on their role expectations (e.g. quota or targets) and whether reducing the time spent working would, in all situations, impact the work deliverables (e.g. constrained vs. unconstrained).
      4. Record your outputs on the "Current and Desired State" tab of the workbook.

      Download the Targeted Flexible Work Program Workbook

      Input

      • List of employee segments

      Output

      • Summary of flexibility needs and constraints for each employee segment

      Materials

      • Targeted Flexible Work Program Workbook
        Or
      • Fast-Track Hybrid Work Program Workbook

      Participants

      • Flexible work program committee
      • Employee segment managers

      Step 2

      Identify potential flex options and assess feasibility

      1. Assess employee and organizational flexibility needs
      2. Identify potential flex options and assess feasibility
      3. Implement selected option(s)

      After completing this step you will have:

      • Created a shortlist of potential options for each prioritized employee segment
      • Evaluated the feasibility of each potential option
      • Determined the cost and benefit of each potential option
      • Gathered employee sentiment on potential options
      • Finalized options with senior leadership

      Prepare to identify and assess the feasibility of potential flexible work options

      First, review the Flexible Work Solutions Catalog

      Before proceeding to the next slide, review the Flexible Work Options Catalog to identify and shortlist five to seven flexible work options that are best suited to address the challenges faced for each of the priority employee segments identified in Step 1.

      Then, assess the feasibility of implementing selected options using slides 29 to 32

      Assess the feasibility of implementing the shortlisted solutions for the prioritized employee segments against the feasibility factors in this step. Repeat for each employee segment. Use the following slides to consult with and include leaders when appropriate.

      • Document your analysis in tabs 6 to 8 of the Targeted Flexible Work Program Workbook.
      • Note implementation issues throughout the assessment and record them in the tool. They will be addressed in Step 3: Implement Selected Program(s). Don't rule out an option simply because it presents some challenges; careful implementation can overcome many challenges.
      • At the end of this step, determine the final list of flexible work options and gain approval from senior leaders for implementation.

      Evaluate feasibility by reviewing the option's impact on continued operations and job performance

      Operational coverage

      Synchronous communication

      Time zones

      Face-to-face

      communication

      To what extent are employees needed to deliver products or services?

      • If constant customer service is required, stagger employees' schedules (e.g. one team works Monday-Thursday while another works Tuesday-Friday).

      To what extent do employees need to communicate with each other synchronously?

      • Break the workflow down and identify times when employees do and do not have to work at the same time to communicate with each other.

      To what extent do employees need to coordinate work across time zones?

      • If the organization already operates in different time zones, ensure that the option does not impact operations requiring continuous coverage.
      • When employees are located in different time zones, coordinate schedules based on the other operational factors.

      When do employees need to interact with each other or clients in person?

      • Examine the workflow closely to identify times when face-to-face communication is not required. Schedule "office days" for employees to work together when in-person interaction is needed.
      • When the interaction is only required with clients, determine whether employees are able to meet clients offsite.

      Info-Tech Insight

      Every role is eligible for hybrid location work. If onsite work duties prevent an employee group from participating, see if processes can be digitized or automated. Flexible work is an opportunity to go beyond current needs to future-proof your organization.

      Assess the option's alignment with organizational culture

      Symbols

      Values

      		 Behaviors

      How supportive of flexible work are the visible aspects of the organization's culture?

      • For example, the mission statement, newsletters, or office layout.
      • Note: Visible elements will need to be adapted to ensure they reinforce the value of the flexible work option.

      How supportive are both the stated and lived values of the organization?

      • When the flexible work option includes less direct supervision, assess how empowered employees feel to make decisions.
      • Assess whether all types of employees (e.g. virtual) are included, valued, and supported.

      How supportive are the attitudes and behaviors, especially of leaders?

      • Leaders set the expectations for acceptable behaviors in the organization. Determine how supportive leaders are toward flexible workers by examining their attitudes and perceptions.
      • Identify if employees are open to different ways of doing work.

      Determine the resources required for the option

      People

      Process

      		 Technology

      Do employees have the knowledge, skills, and abilities to adopt this option?

      • Identify any areas (e.g. process, technology) employees will need to be trained on and assess the associated costs.
      • Determine whether the option will require additional headcount to ensure operational continuity (e.g. two part-time employees in a job-sharing arrangement) and calculate associated costs (e.g. recruitment, training, benefits).

      How much will work processes need to change?

      • Interview organizational leaders with knowledge of the employee segment's core work processes. Determine whether a significant change will be required.
      • If a significant change is required, evaluate whether the benefits of the option outweigh the costs of the process and behavioral change (see the "net benefit" factor on slide 33).

      What new technologies will be required?

      • Identify the technology (e.g. that supports communication, work processes) required to enable the flexible work option.
      • Note whether existing technology can be used or additional technology will be required, and further investigate the viability and costs of these options.

      Examine the option's risks

      Data

      Health & Safety

      Legal

      How will data be kept secure?

      • Determine whether the organization's data policy and technology covers employees working remotely or other flexible work options.
      • If the employee segment handles sensitive data (e.g. personal employee information), consult relevant stakeholders to determine how data can be kept secure and assess any associated costs.

      How will employees' health and safety be impacted?

      • Consult your organization's legal counsel to determine whether the organization will be liable for the employees' health and safety while working from home or other locations.
      • Determine whether the organization's policies and processes will need to be modified.

      What legal risks might be involved?

      • Identify any policies in place or jurisdictional requirements to avoid any legal risks. Consult your organization's legal counsel about the situations below.
        • If the option causes significant changes to the nature of jobs, creating the risk of constructive dismissal.
        • If there are any risks to providing less supervision (e.g. higher chance of harassment).
        • When only some employee segments are eligible for the option, determine whether there is a risk of inequitable access.
        • If the option impacts any unionized employees or collective agreements.

      Determine whether the benefits of the option outweigh the costs

      Include senior leadership in the net benefit process to ensure any unfeasible options are removed from consideration before presenting to employees.

      1. Document the employee and employer benefits of the option from the previous feasibility factors on slides 29 to 32.
      • Include the benefits of reaching program goals identified in Step 1.
      • Quantify the benefits in dollar value where possible.
    • Document the costs and risks of the option, referring to the costs noted from previous feasibility factors.
      • Quantify the costs in dollar value where possible.
    • Compare the benefits and costs.
      • Add an option to your final list if the benefits are greater than the costs.

      • This is an image of a table with the main heading being Net Benefit, with the following subheadings: Benefits to organization; Benefits to employees; Costs.

      Info-Tech Insight

      Flexible work options must balance organizational and employee needs. If an option is beneficial to employees but there is little or no benefit to the organization as a whole, or if the cost of the option is too high, it will not support the long-term success of the organization.

      2.1a Identify and evaluate flexible work options

      30 minutes per employee segment per work option

      If you are only considering hybrid or remote work, skip to activity 2.1b. Use the guidelines on the preceding slides to conduct feasibility assessments.

      1. Shortlist flexible work options. Review the Flexible Work Options Catalog to identify and shortlist five to seven flexible work options that are best suited to address the challenges faced for each of the priority employee segments. Record these on the "Options Shortlist" tab of the workbook. Even if the decision is simple, ensure you record the rationale to help communicate your decision to employees. Transparent communication is the best way to avoid feelings of unfairness if desired work options are not implemented.
      2. Evaluate option feasibility. For each of the shortlisted options, complete one "Feasibility - Option" tab in the workbook. Make as many copies of this tab as needed.
        • When evaluating each option, consider each employee segment individually as you work through the prompts in the workbook. You may find that segments differ greatly in the feasibility of various types of flexible work. You will use this information to inform your overall policy and any exceptions to it.
        • You may need to involve each segment's management team to get an accurate picture of day-to-day responsibilities and flexible work feasibility.
      3. Weigh benefits and costs. At the end of each flexible work option evaluation, record the anticipated costs and benefits. Discuss whether this balance renders the option viable or rules it out.

      Download the Targeted Flexible Work Program Workbook

      Download the Flexible Work Options Catalog

      Input

      • List of employee segments

      Output

      • Shortlist of flexible work options
      • Feasibility analysis for each work option

      Materials

      • Targeted Flexible Work Program Workbook
      • Flexible Work Options Catalog

      Participants

      • Flexible work program committee
      • Employee segment managers

      2.1b Assess hybrid work feasibility

      30 minutes per employee segment

      Use the guidelines on the preceding slides to conduct a feasibility assessment. This exercise relies on having trialed hybrid or remote work before. If you have never implemented any degree of remote work, consider completing the full feasibility assessment in activity 2.1a.

      1. Evaluate hybrid work feasibility. Review the feasibility prompts on the "Work Unit Remote Work Assessment" tab and record your insight for each employee segment.
        • When evaluating each option, consider each employee segment individually as you work through the prompts in the workbook. You may find that segments differ greatly in their ability to accommodate hybrid work. You will use this information to inform your overall policy and any exceptions to it.
        • You may need to involve each segment's management team to get an accurate picture of day-to-day responsibilities and hybrid work feasibility.

      Download the Fast-Track Hybrid Work Program Workbook

      Input

      • List of employee segments

      Output

      • Feasibility analysis for each work option

      Materials

      • Fast-Track Hybrid Work Program Workbook

      Participants

      • Flexible work program committee
      • Employee segment managers

      Ask employees which options they prefer and gather feedback for implementation

      Deliver a survey and/or conduct focus groups with a selection of employees from all prioritized employee segments.

      Share

      • Present your draft list of options to select employees.
      • Communicate that the organization is in the process of assessing the feasibility of flexible work options and would like employee input to ensure flex work meets needs.
      • Be clear that the list is not final or guaranteed.

      Ask

      • Ask which options are preferred more than others.
      • Ask for feedback on each option – how could it be modified to meet employee needs better? Use this information to inform implementation in Step 3.

      Decide

      • Prioritize an option if many employees indicated an interest in it.
      • If employees indicate no interest in an option, consider eliminating it from the list, unless it will be required. There is no value in providing an option if employees won't use it.

      Survey

      • List the options and ask respondents to rate each on a Likert scale from 1 to 5.
      • Ask some open-ended questions with comment boxes for employee suggestions.

      Focus Group

      • Conduct focus groups to gather deeper feedback.
      • See Appendix I for sample focus group questions.

      Info-Tech Insight

      Prioritize flexible work options that employees want. Providing too many options often leads to information overload and results in employees not understanding what is available, lowering adoption of the flexible work program.

      Finalize options list with senior leadership

      1. Select one to three final options and outline the details of each. Include:
        • Scope: To what extent will the option be applied? E.g. work-from-home one or two days a week.
        • Eligibility: Which employee segments are eligible?
        • Cost: What investment will be required?
        • Critical implementation issues: Will any of the implementation issues identified for each feasibility factor impact whether the option will be approved?
        • Resources: What additional resources will be required (e.g. technology)?
      2. Present the options to stakeholders for approval. Include:
        • An outline of the finalized options, including what the option is and the scope, eligibility, and critical implementation issues.
        • The feasibility assessment results, including benefits, costs, and employee preferences. Have more detail from the other factors ready if leaders ask about them.
        • The investment (cost) required to implement the option.
      3. Proceed to Step 3 to implement approved options.

      Running an IT pilot of flex work

      • As a technology department, IT typically doesn't own flexible work implementation for the entire organization. However, it is common to trial flexible work options for IT first, before rolling out to the entire organization.
      • During a flex work pilot, ensure you are working closely with HR partners, especially regarding regulatory and compliance issues.
      • Keep the rest of the organizational stakeholders in the loop, especially regarding their agreement on the metrics by which the pilot's success will be evaluated.

      2.2a Finalize flexible work options

      2-3 hours + time to gather employee feedback

      If you are only considering hybrid or remote work, skip to activity 2.2b. Use the guidelines on the preceding slides to gather final feedback and finalize work option selections.

      1. Gather employee feedback. If employee preferences are already known, skip this step. If they are not, gather feedback to ascertain whether any of the shortlisted options are preferred. Remember that a successful flexible work program balances the needs of employees and the business, so employee preference is a key determinant in flexible work program success. Document this on the "Employee Preferences" tab of the workbook.
      2. Finalize flexible work options. Use your notes on the cost-benefit balance for each option, along with employee preferences, to decide whether the move forward with it. Record this decision on the "Options Final List" tab. Include information about eligible employee segments and any implementation challenges that came up during the feasibility assessments. This is the final decision summary that will inform your flexible program parameters and policies.

      Download the Targeted Flexible Work Program Workbook

      Input

      • Flexible work options shortlist

      Output

      • Final flexible work options list

      Materials

      • Targeted Flexible Work Program Workbook

      Participants

      • Flexible work program committee

      2.2b Finalize hybrid work parameters

      2-3 hours + time to gather employee feedback

      Use the guidelines on the preceding slides to gather final feedback and finalize work option selections.

      1. Summarize feasibility analysis. On the "Program Parameters" tab, record the main insights from your feasibility analysis. Finalize important elements, including eligibility for hybrid/remote work by employee segment. Additionally, record the standard parameters for the program (i.e. those that apply to all employee segments) and variable parameters (i.e. ones that differ by employee segment).

      Download the Fast-Track Hybrid Work Program Workbook

      Input

      • Hybrid work feasibility analysis

      Output

      • Final hybrid work program parameters

      Materials

      • Fast-Track Hybrid Work Program Workbook

      Participants

      • Flexible work program committee

      Step 3

      Implement selected option(s)

      1. Assess employee and organizational flexibility needs
      2. Identify potential flex options and assess feasibility
      3. Implement selected option(s)

      After completing this step, you will have:

      • Addressed implementation issues and cultural barriers
      • Equipped the organization to adopt flexible work options successfully
      • Piloted the program and assessed its success
      • Developed a plan for program rollout and communication
      • Established a program evaluation plan
      • Aligned HR programs to support the program

      Solve the implementation issues identified in your feasibility assessment

      1. Identify a solution for each implementation issue documented in the Targeted Flexible Work Program Workbook. Consider the following when identifying solutions:
        • Scope: Determine whether the solution will be applied to one or all employee segments.
        • Stakeholders: Identify stakeholders to consult and develop a solution. If the scope is one employee segment, work with organizational leaders of that segment. When the scope is the entire organization, consult with senior leaders.
        • Implementation: Collaborate with stakeholders to solve implementation issues. Balance the organizational and employee needs, referring to data gathered in Steps 1 and 2.

      Example:

      Issue

      Solution

      Option 1: Hybrid work

      Brainstorming at the beginning of product development benefits from face-to-face collaboration.

      Block off a "brainstorming day" when all team members are required in the office.

      Employee segment: Product innovation team

      One team member needs to meet weekly with the implementation team to conduct product testing.

      Establish a schedule with rotating responsibility for a team member to be at the office for product testing; allow team members to swap days if needed.

      Address cultural barriers by involving leaders

      To shift a culture that is not supportive of flexible work, involve leaders in setting an example for employees to follow.

      Misconceptions

      Tactics to overcome them
      • Flexible workers are less productive.
      • Flexible work disrupts operations.
      • Flexible workers are less committed to the organization.
      • Flexible work only benefits employees, not the organization.
      • Employees are not working if they aren't physically in the office.

      Make the case by highlighting challenges and expected benefits for both the organization and employees (e.g. same or increased productivity). Use data in the introductory section of this blueprint.

      Demonstrate operational feasibility by providing an overview of the feasibility assessment conducted to ensure operational continuity.

      Involve most senior leadership in communication.

      Encourage discovery and exploration by having managers try flexible work options themselves, which will help model it for employees.

      Highlight success stories within the organization or from competitors or similar industries.

      Invite input from managers on how to improve implementation and ownership, which helps to discover hidden options.

      Shift symbols, values, and behaviors

      • Work with senior leaders to identify symbols, values, and behaviors to modify to align with the selected flexible work options.
      • Validate that the final list aligns with your organization's mission, vision, and values.

      Info-Tech Insight

      Leaders' collective support of the flexible program determines the program's successful adoption. Don't sweep cultural barriers under the rug; acknowledge and address them to overcome them.

      Equip the organization for successful implementation

      Info-Tech recommends providing managers and employees with a guide to flexible work, introducing policies, and providing training for managers.

      Provide managers and employees with a guide to flexible work

      Introduce appropriate organization policies

      Equip managers with the necessary tools and training

      Use the guide to:

      • Familiarize employees and managers with the flexible work program.
      • Gain employee and manager buy-in and support for the program.
      • Explain the process and give guidance on selecting flexible work options and working with their colleagues to make it a success.

      Use Info-Tech's customizable policy templates to set guidelines, outline arrangements, and scope the organization's flexible work policies. This is typically done by, or in collaboration with, the HR department.

      Download the Guide to Flexible Work for Managers and Employees

      Download the Flex Location Policy

      Download the Flex Time-Off Policy

      Download the Flex Time Policy

      3.1 Prepare for implementation

      2-3 hours

      Use the guidelines on the preceding slides to brainstorm solutions to implementation issues and prepare to communicate program rollout to stakeholders.

      1. Solve implementation issues.
        • If you are working with the Targeted Flexible Work Program Workbook: For each implementation challenge identified on the "Final Options List" tab, brainstorm solutions. If you are working with the Fast-Track Hybrid Work Program Workbook: Work through the program enablement prompts on the "Program Enablement" tab.
        • You may need to involve relevant stakeholders to help you come up with appropriate solutions for each employee segment.
        • Ensure that any anticipated cultural barriers have been documented and are addressed during this step. Don't underestimate the importance of a supportive organizational culture to the successful rollout of flexible work.
      2. Prepare the employee guide. Modify the Guide to Flexible Work for Managers and Employees template to reflect your final work options list and the processes and expectations employees will need to follow.
      3. Create a communication plan. Use Info-Tech's Communicate Any IT Initiative blueprint and Appendix II to craft your messaging.

      Download the Guide to Flexible Work for Managers and Employees

      Download the Targeted Flexible Work Program Workbook

      Input

      • Flexible work options final list

      Output

      • Employee guide to flexible work
      • Flexible work rollout communication plan

      Materials

      • Guide to Flexible Work for Managers and Employees
      • Targeted Flexible Work Program Workbook
        Or
      • Fast-Track Hybrid Work Program Workbook

      Participants

      • Flexible work program committee
      • Employee segment managers

      Run an IT pilot for flexible work

      Prepare for pilot

      Launch Pilot

      Identify the flexible work options that will be piloted.

      • Refer to the final list of selected options for each priority segment to determine which options should be piloted.

      Select pilot participants.

      • If not rolling out to the entire IT department, look for the departments and/or team(s) where there is the greatest need and the biggest interest (e.g. team with lowest engagement scores).
      • Include all employees within the department, or team if the department is too large, in the pilot.
      • Start with a group whose managers are best equipped for the new flexibility options.

      Create an approach to collect feedback and measure the success of the pilot.

      • Feedback can be collected using surveys, focus groups, and/or targeted in-person interviews.

      The length of the pilot will greatly vary based on which flexible work options were selected (e.g. seasonal hours will require a shorter pilot period compared to implementing a compressed work week). Use discretion when deciding on pilot length and be open to extending or shortening the pilot length as needed.

      Launch pilot.

      • Launch the program through a town hall meeting or departmental announcement to build excitement and buy-in.
      • Develop separate communications for employee segments where appropriate. See Appendix II for key messaging to include.

      Gather feedback.

      • The feedback will be used to assess the pilot's success and to determine what modifications will be needed later for a full-scale rollout.
      • When gathering feedback, tailor questions based on the employee segment but keep themes similar. For example:
        • Employees: "How did this help your day-to-day work?"
        • Managers: "How did this improve productivity on your team?"

      Track metrics.

      • The success of the pilot is best communicated using your department's unique KPIs.
      • Metrics are critical for:
        • Accurately determining pilot success.
        • Getting buy-in to expand the pilot beyond IT.
        • Justifying to employees any changes made to the flexible work options.

      Assess the pilot's success and determine next steps

      Review the feedback collected on the previous slide and use this decision tree to decide whether to relaunch a pilot or proceed to a full-scale rollout of the program.

      This is an image of the flow chart used to assess the pilot's success and determine the next steps. It will help you to determine whether you will Proceed to full-scale rollout on next slide, Major modifications to the option/launch (e.g. change operating time) – adjust and relaunch pilot or select a new employee segment and relaunch pilot, Minor modifications to the option/launch (e.g. introduce additional communications) – adjust and proceed to full scale rollout, or Return to shortlist (Step 2) and select a different option or launch pilot with a different employee segment.

      Prepare for full-scale rollout

      If you have run a team pilot prior to rolling out to all of IT, or run an IT pilot before an organizational rollout, use the following steps to transition from pilot to full rollout.

      1. Determine modifications
        • Review the feedback gathered during the pilot and determine what needs to change for a full-scale implementation.
        • Update HR policies and programs to support flexible work. Work closely with your HR business partner and other organizational leaders to ensure every department's needs are understood and compliance issues are addressed.
      2. Roll out and evaluate
        • Roll out the remainder of the program (e.g. to other employee segments or additional flexible work options) once there is significant uptake of the pilot by the target employee group and issues have been addressed.
        • Determine how feedback will be gathered after implementation, such as during engagement surveys, new hire and exit surveys, stay interviews, etc., and assess whether the program continues to meet employee and organizational needs.

      Rolling out beyond IT

      For a rollout beyond IT, HR will likely take over.

      However, this is your chance to remain at the forefront of your organization's flexible work efforts by continuing to track success and gather feedback within IT.

      Align HR programs and organizational policies to support flexible work

      Talent Management

      Learning & Development

      Talent Acquisition

      Reinforce managers' accountability for the success of flexible work in their teams:

      • Include "managing virtual teams" in the people management leadership competency.
      • Recognize managers who are modeling flexible work.

      Support flexible workers' career progression:

      • Monitor the promotion rates of flexible workers vs. non-flexible workers.
      • Make sure flexible workers are discussed during talent calibration meetings and have access to career development opportunities.

      Equip managers and employees with the knowledge and skills to make flexible work successful.

      • Provide guidance on selecting the right options and maintaining workflow.
      • If moving to a virtual environment, train managers on how to make it a success.

      Incorporate the flexible work program into the organization's employee value proposition to attract top talent who value flexible work options.

      • Highlight the program on the organization's career site and in job postings.

      Organizational policies

      Determine which organizational policies will be impacted as a result of the new flexible work options. For example, the introduction of flex time off can result in existing vacation policies needing to be updated.

      Plan to re-evaluate the program and make improvements

      Collect data

      Collect data

      Act on data

      Uptake

      Gather data on the proportion of employees eligible for each option who are using the option.

      If an option is tracking positively:

      • Maintain or expand the program to more of the organization.
      • Conduct a feasibility assessment (Step 2) for new employee segments.

      Satisfaction

      Survey managers and employees about their satisfaction with the options they are eligible for and provide an open box for suggestions on improvements.

      If an option is tracking negatively:

      • Investigate why. Gather additional data, interview organizational leaders, and/or conduct focus groups to gain deeper insight.
      • Re-assess the feasibility of the option (Step 2). If the costs outweigh the benefits based on new data, determine whether to cancel the option.
      • Take appropriate action based on the outcome of the evaluation, such as modifying or cancelling the option or providing employees with more support.
        • Note: Cancelling an option can impact the engagement of employees using the option. Ensure that the data, reasons for cancelling the option, and potential substitute options are communicated to employees in advance.

      Program goal progress

      Monitor progress against the program goals and metrics identified in Step 1 to evaluate the impact on issues that matter to the organization (e.g. retention, productivity, diversity).

      Career progression

      Evaluate flexible workers' promotion rates and development opportunities to determine if they are developing.

      Info-Tech Insight

      Negative performance of a flexible work option does not necessarily mean failure. Take the time to evaluate whether the option simply needs to be tweaked or whether it truly isn't working for the organization.

      Insight summary

      Overarching insight: IT excels at hybrid location work and is more effective as a business function when location, time, and time-off flexibility are an option for its employees.

      Introduction

      • Flexible work options are not a concession to lower productivity. Properly implemented, flex work enables employees to be more productive at reaching business goals.
      • Employees' lived experiences and needs determine if people use flexible work programs – a flex program that has limited use or excludes people will not benefit the organization.
      • Flexible work benefits everyone. IT employees experience greater engagement, motivation, and company loyalty. IT organizations realize benefits such as better service coverage, reduced facilities costs, and increased productivity.

      Step 1 insight

      • Hybrid work is a start. A comprehensive flex work program extends beyond flexible location to flexible time and time off. Organizations must understand the needs of unique employee groups to uncover the options that will attract and retain talent. Provide greater inclusivity to employees by broadening the scope to include flex location, flex time, and flex time off.
      • No two employee segments are the same. To be effective, flexible work options must align with the expectations and working processes of each segment.

      Step 2 insight

      • Every role is eligible for hybrid location work. If onsite work duties prevent an employee group from participating, see if processes can be digitized or automated. Flexible work is an opportunity to go beyond current needs to future proofing your organization.
      • Flexible work options must balance organizational and employee needs. If an option is beneficial to employees but there is little or no benefit to the organization, or if the cost of the option is too high, it will not support the long-term success of the organization.
      • Prioritize flexible work options that employees want. Providing too many options often leads to information overload and results in employees not understanding what is available, lowering adoption of the flexible work program.

      Step 3 insight

      • Leaders' collective support of the flexible program determines the program's successful adoption. Don't sweep cultural barriers under the rug; acknowledge and address them to overcome them.
      • Negative performance of a flexible work option does not necessarily mean failure. Take the time to evaluate whether the option simply needs to be tweaked or whether it truly isn't working for the organization.
      • A set of formal guidelines for IT ensures flexible work is:
        1. Administered fairly across all IT employees.
        2. Defensible and clear.
        3. Scalable to the rest of the organization.

      Research Contributors and Experts

      Quinn Ross
      CEO
      The Ross Firm Professional Corporation

      Margaret Yap
      HR Professor
      Ryerson University

      Heather Payne
      CEO
      Juno College

      Lee Nguyen
      HR Specialist
      City of Austin

      Stacey Spruell
      Division HR Director
      Travis County

      Don MacLeod
      Chief Administrative Officer
      Zorra Township

      Stephen Childs
      CHRO
      Panasonic North America

      Shawn Gibson
      Sr. Director
      Info Tech Research Group

      Mari Ryan
      CEO/Founder
      Advancing Wellness

      Sophie Wade
      Founder
      Flexcel Networks

      Kim Velluso
      VP Human Resources
      Siemens Canada

      Lilian De Menezes
      Professor of Decision Sciences
      Cass Business School, University of London

      Judi Casey
      WorkLife Consultant and former Director, Work and Family Researchers Network
      Boston College

      Chris Frame
      Partner – Operations
      LiveCA

      Rose M. Stanley, CCP, CBP, WLCP, CEBS
      People Services Manager
      Sunstate Equipment Co., LLC

      Shari Lava
      Director, Vendor Research
      Info-Tech Research Group

      Carol Cochran
      Director of People & Culture
      FlexJobs

      Kidde Kelly
      OD Practitioner

      Dr. David Chalmers
      Adjunct Professor
      Ted Rogers School of Management, Ryerson University

      Kashmira Nagarwala
      Change Manager
      Siemens Canada

      Dr. Isik U. Zeytinoglu
      Professor of Management and Industrial Relations McMaster University, DeGroote School of Business

      Claire McCartney
      Diversity & Inclusion Advisor
      CIPD

      Teresa Hopke
      SVP of Client Relations
      Life Meets Work – www.lifemeetswork.com

      Mark Tippey
      IT Leader and Experienced Teleworker

      Dr. Kenneth Matos
      Senior Director of Research
      Families and Work Institute

      1 anonymous contributor

      Appendix I: Sample focus group questions

      See Info-Tech's Focus Group Guidefor guidance on setting up and delivering focus groups. Customize the guide with questions specific to flexible work (see sample questions below) to gain deeper insight into employee preferences for the feasibility assessment in Step 2 of this blueprint.

      Document themes in the Targeted Flexible Work Program Workbook.

      • What do you need to balance/integrate your work with your personal life?
      • What challenges do you face in achieving work-life balance/integration?
      • What about your job is preventing you from achieving work-life balance/integration?
      • How would [flexible work option] help you achieve work-life balance/integration?
      • How well would this option work with the workflow of your team or department? What would need to change?
      • What challenges do you see in adopting [flexible work option]?
      • What else would be helpful for you to achieve work-life balance/integration?
      • How could we customize [flexible work option] to ensure it meets your needs?
      • If this program were to fail, what do you think would be the top reasons and why?

      Appendix II: Communication key messaging

      1. Program purpose

      Start with the name and high-level purpose of the program.

      2. Business reasons for the program

      Share data you gathered in Step 1, illustrating challenges causing the need for the program and the benefits.

      3. Options selection process

      Outline the process followed to select options. Remember to share the involvement of stakeholders and the planning around employees' feedback, needs, and lived experiences.

      4. Options and eligibility

      Provide a brief overview of the options and eligibility. Specify that the organization is piloting these options and will modify them based on feedback.

      5. Approval not guaranteed

      Qualify that employees need to be "flexible about flexible work" – the options are not guaranteed and may sometimes be unavailable for business reasons.

      6. Shared responsibility

      Highlight the importance of everyone (managers, flexible workers, the team) working together to make flexible work achievable.

      7. Next steps

      Share any next steps, such as where employees can find the organization's Guide to Flexible Work for Managers and Employees, how to make flexible work a success, or if managers will be providing further detail in a team meeting.

      8. Ongoing communications

      Normalize the program and embed it in organizational culture by continuing communications through various media, such as the organization's newsletter or announcements in town halls.

      Works Cited

      Baziuk, Jennifer, and Duncan Meadows. "Global Employee Survey - Key findings and implications for ICMIF." EY, June 2021. Accessed May 2022.
      "Businesses suffering 'commitment issues' on flexible working," EY, 21 Sep. 2021. Accessed May 2022.
      "IT Talent Trends 2022". Info-Tech Research Group, 2022.
      "Jabra Hybrid Ways of Working: 2021 Global Report." Jabra, Aug. 2021. Accessed May 2022.
      LinkedIn Talent Solutions. "2022 Global Talent Trends." LinkedIn, 2022. Accessed May 2022.
      Lobosco, Mark. "The Future of Work is Flexible: 71% of Leaders Feel Pressure to Change Working Models." LinkedIn, 9 Sep. 2021. Accessed May 2022.
      Ohm, Joy, et al. "Covid-19: Women, Equity, and Inclusion in the Future of Work." Catalyst, 28 May 2020. Accessed May 2022.
      Pelta, Rachel. "Many Workers Have Quit or Plan to After Employers Revoke Remote Work." FlexJobs, 2021. Accessed May 2022.
      Slack Future Forum. "Inflexible return-to-office policies are hammering employee experience scores." Slack, 19 April 2022. Accessed May 2022.
      "State of Hybrid Work in IT: A Trend Report". Info-Tech Research Group, 2023.
      Threlkeld, Kristy. "Employee Burnout Report: COVID-19's Impact and 3 Strategies to Curb It." Indeed, 11 March 2021. Accessed March 2022.

      Prepare an Actionable Roadmap for Your PMO

      • Buy Link or Shortcode: {j2store}358|cart{/j2store}
      • member rating overall impact: 9.5/10 Overall Impact
      • member rating average dollars saved: $103,124 Average $ Saved
      • member rating average days saved: 55 Average Days Saved
      • Parent Category Name: Project Management Office
      • Parent Category Link: /project-management-office
      • Problems with project management offices (PMOs) often start with a lack of a clear definition of what the PMO is actually about and what the organization does.
      • Few organizations provide the minimum required services, and many are not using their PMOs effectively. Many people see the PMO as nothing more than the “project document police,” i.e. a source of red tape rather than a helpful support system. This impacts staffing and hiring.
      • The PMO is often misunderstood as a center for project management governance when it also needs to facilitate the communication of project data from project teams to decision makers to ensure that appropriate decisions get made around resourcing, approval of new projects, etc.
      • Accountability is something that is not clearly defined for many activities that flow through the PMO. Business leaders, project workers, and project managers are rarely as aligned as they need to be.

      Our Advice

      Critical Insight

      • There is a gap in the perception of the actual role of the PMO in many organizations by different stakeholder groups. Many people see the PMO as police that produce red tape rather than a helpful support system. Those that need to present a coherent plan to leadership to champion the need for a PMO often have an uphill battle.
      • Determine the PMO’s role and needs and then determine your staff needs based on that PMO.
      • Staff the PMO according to its actual role and needs. Don’t rush to the assumption that PMO staff starts with accomplished project managers.
      • The difference in a winning PMO is determined by a roadmap or plan created at the beginning.

      Impact and Result

      • Define a PMO with functions that work for you based on the needs of your organization and the gaps in services. A “fit-for-purpose” PMO is the right kind of PMO for your organization.
      • Determine your PMO staffing needs. Our approach to building a PMO starts by analyzing the staffing requirements of your PMO mandate.
      • Create purpose-built role descriptions. Once you understand the staff and skills you’ll need to succeed, we have job description aids you’ll need to fill the roles.

      Prepare an Actionable Roadmap for Your PMO Research & Tools

      Besides the small introduction, subscribers and consulting clients within this management domain have access to:

      1. Prepare and Actionable Roadmap for Your PMO – An actionable deck to help you establish a valuable PMO.

      Before setting up or re-structuring a PMO, organizational need should not only be taken into consideration but used as a foundation. Phase 1 of this blueprint will help you define the services that your PMO should provide to your organization, instead of the one-size-fits-all approach that doesn’t work.

      • Prepare an Actionable Roadmap for Your PMO – Phases 1-3

      2. PMO Role Definition Tool – An Excel tool to help you define the services of your PMO.

      Use the PMO Role Definition Tool to establish your PMO current state and the service gaps you may have. Use the results to determine the role your PMO should play within your organization.

      • PMO Role Definition Tool

      3. PMO Project Charter – A template to formalize your PMO and make sure everyone is on the same page.

      The PMO Project Charter shares the vision to achieve consensus between stakeholders and projects and initiatives of the PMO. Use this template to jump-start your PMO project.

      • PMO Project Charter

      4. Blank Job Description Template – A template to create different job descriptions from.

      Use this template to create your job descriptions from scratch.

      • Blank Job Description Template

      5. Portfolio Manager Job Description – A clear and realistic job description template for a Portfolio Manager.

      The Portfolio Manager will oversee the business of discovering unsatisfied needs, articulating them as project demand, and organizing appropriate responses. Your customers are the people who approve projects, and you will service them.

      • Portfolio Manager

      6. PMO Job Description Builder Workbook – An Excel tool to help you access PMO staffing requirements.

      This tool will help you assess staffing requirements to facilitate project management, business analysis, and organizational change management outcomes.

      • PMO Job Description Builder Workbook

      7. PMO Strategic Plan – A template to help you compose a PMO strategy.

      This template will help you compose a PMO strategy. Follow the steps in the blueprint to complete the strategy.

      • PMO Strategic Plan

      8. Organizational Change Impact Analysis Tool – An Excel tool to analyze the impact of change to the organization.

      Use the Organizational Change Impact Analysis Tool to analyze the effects of a change across the organization, and to assess the likelihood of adoption to right-size your OCM efforts.

      • Organizational Change Impact Analysis Tool

      9. PMO MS Project Plan – A template to map out timeline for completing the tasks to create your PMO.

      Use this tool to determine the next steps and assign tasks to the appropriate people.

      • PMO MS Project Plan Sample

      Infographic

      Workshop: Prepare an Actionable Roadmap for Your PMO

      Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

      1 Define

      The Purpose

      Get a common understanding of your PMO options.

      Determine where you are and engage leadership.

      Key Benefits Achieved

      A clear vision for your PMO and an articulated reason for establishing it.

      An understanding of you PMO goals and which challenges it sets to address.

      Activities

      1.1 PPM Current State Scorecard

      1.2 SWOT Analysis

      1.3 Current State and Leadership Engagement

      1.4 PMO Mandate and Vision

      Outputs

      PPM Current State Scorecard Results

      SWOT Results

      PMO Role Development Tool

      PMO Charter

      2 Staff

      The Purpose

      Identify organizational design.

      Build job descriptions.

      Key Benefits Achieved

      An analysis of staffing requirements of your PMO that aligns with your mandate from phase 1.

      Job description aids to fill the necessary roles.

      Activities

      2.1 Right, Wrong, Missing, Confusing

      2.2 PMO Function, Roles, and Responsibilities

      2.3 Job Descriptions

      Outputs

      Right, Wrong, Missing, Confusing Results

      Job Description Survey Tool

      Job Description Templates

      3 Plan

      The Purpose

      Create a roadmap.

      Key Benefits Achieved

      An actionable roadmap that can be presented to leadership and implemented.

      Activities

      3.1 Roadmap Hierarchy and Staffing and Sizing

      3.2 Governance and Authority

      Outputs

      PMO Roadmap Draft

      Governance Authority

      4 Change

      The Purpose

      Set up governance and OCM.

      Key Benefits Achieved

      An introduction to the concept of governance and tools for a change impact analysis.

      Activities

      4.1 Analyze the impact of the change across multiple dimensions and stakeholder groups.

      4.2 Gain sponsorship.

      Outputs

      Organizational Change Impact Analysis Tool

      Sponsor Template

      Further reading

      Prepare an Actionable Roadmap for Your PMO

      Turn planning into action with a realistic PMO timeline.

      EXECUTIVE BRIEF

      Analyst Perspective

      Prepare an actionable roadmap for your PMO.

      Photo of Ugbad Farah, PMP, Senior Research Analyst, PPM, Info-Tech Research Group

      We all have junk drawers somewhere in our homes, and we probably try not to think about what’s going on in there. We’re just happy that they close and that the contents are concealed from anyone living in or passing through the house.

      What goes in these junk drawers? Things that don’t have a home, things you don’t know what to do with, and things you don’t have the time or desire to deal with. Eventually, the drawer gets full, and it doesn’t serve you anymore because you can’t add anything else to it. Instead of cleaning the drawer and keeping the things you need, you throw everything away in one sweep. One day you will start the process again.

      The junk drawer is like your project management office (PMO). The PMO is given projects that are barely scoped, projects that don’t have clear sponsors, and ad hoc administrative tasks you don’t have the time or desire to deal with. Inevitably, your PMO is out of capacity. This happens rather quickly, since it’s understaffed. You question its purpose because you made it a junk drawer. You even think about closing it. One day you will start the process again.

      Use this blueprint to stop the madness. Learn how to properly define, staff, and plan a roadmap of a PMO that will actually serve your organization.

      Ugbad Farah, PMP
      Senior Research Analyst, PPM
      Info-Tech Research Group

      Your challenge

      This research is designed to help organizations that are facing these challenges:

      • No visibility into projects
      • The organization views the PMO as unnecessary overhead
      • The PMO is not properly staffed to support the organization’s needs
      • Project managers/staff aren’t providing information or following processes
      • Leadership and sponsors are disengaged

      Pie chart of 'IT Time Allocation by Area'. The grey section on the bottom left represents 'Projects and Project Portfolio Management, 11.5%'.
      IT is responsible for many different business services. The data from Info-Tech’s IT Staffing diagnostic shows that 11.5% of staff time is spent on projects and project portfolio management. (Source: Info-Tech IT Staffing Benchmark Report)

      PMOs can’t do everything and be all things to all people. Define limits with a strong mandate and effective staffing. Make sure you have the skills and capacity to support required PMO functions.

      Project management chaos

      PMOs get pulled into the day-to-day project and resourcing issues, making it difficult to focus on running a portfolio:

      1. Teammates seem unphased by overdue tasks and missed milestones.
      2. Fire drills may happen more often than planned projects.
      3. Resources are allocated and then redirected to something more urgent.
      4. Communication that’s stuck in silos, leading to confusion about priorities.
      5. Due dates mysteriously shift without explanation.
      6. Project teams are more focused on the due date than adoption and outcomes.

      Common obstacles

      IT and PMO leaders face several challenges.

      • Many people see the PMO as nothing more than the “project document police,” i.e. a source of red tape rather than a helpful support system. This impacts staffing and hiring.
      • The PMO is often misunderstood as a center for project management governance, when it also needs to facilitate the communication of project data from project teams to decision makers to ensure that appropriate decisions get made around resourcing, approval of new projects, etc.
      • Accountability is something that is not clearly defined for many activities that flow through the PMO. Business leaders, project workers, and project managers are rarely as aligned as they need to be.

      The Reality

      68% — Sixty-eight percent of stakeholders see their PMOs as sources of unnecessary bureaucratic red tape. (Source: KeyedIn, 2014)

      50% — Fifty percent of PMOs close within the first three years due to such things as poorly defined mandates and poor leadership. (Source: KeyedIn, 2014)

      Info-Tech’s approach

      Prepare an Actionable Roadmap for Your PMO

      The Info-Tech difference:

      1. Get a departmental job description first. Defining your PMO may not be as simple as it seems. Explore the boundaries of portfolio, project, resource, and organizational change management before jumping ahead with processes and tools.
      2. The staffing plan should come before your long-term plan. Get buy-in around your definition of the roles needed to run your PMO before articulating a long-term plan. Too often, plans have been accepted without the commensurate level of staffing. Our approach gives you a chance to put hiring on the roadmap as a predecessor to accountability.
      3. Keep your eye on the ball. Build your PMO around the operational imperative to recognize completed projects as an early milestone in broader changes. In other words, projects exist to create change.

      Prepare an Actionable Roadmap for your PMO

      Turn planning into action with a realistic PMO timeline.

      50% of PMOs close within the first 3 years.

      Logo for Info-Tech.


      		Logo for ITRG.

      01 Define

      DEFINE THE RIGHT KIND OF PMO

      Establish the purpose of your PMO. Identify organizational needs to fill in gaps instead of duplicating efforts.

      LOGICAL FALLACY
      “If we approve more work, we'll get more done.”

      A properly run portfolio reconciles demand (project requests) to supply (available people) and drives throughput by approving the amount of projects that can get done.

      02 Staff

      STAFF THE PMO FOR RESILIENCE

      Analyze the staffing requirements for your PMOs mandate. Create purpose-built role descriptions.

      FALSE ASSUMPTION
      “Our best project manager should run the PMO.”

      Your best project manager should be running projects and, no, they shouldn't do both.

      03 Plan

      PREPARE AN ACTIONABLE ROADMAP

      The difference in a winning PMO is determined by a roadmap or plan created at the beginning. Leaders should understand the full scope of the plan before committing their teams to the project.

      COMMON MISTAKE
      “We'll get great at project management now and worry about portfolio management later.”

      Too often, PMOs focus on project management rigor and plan to do portfolio management after that's done. But few successfully maintain the process long enough to get there. If you start with portfolio management, leadership might soften their demands for project management rigor.

      04 Execute

      ALIGN TO STRATEGIC PLAN

      Use the power of organizational change management to ensure success and adoption. Iterate through the finer points of planning and execution to deploy the kind of PMO defined in step 1, with the people described in step 2, and the strategic roadmap articulated in step 3.

      PROJECT MYOPIA
      “Let's focus on delivering the project on time so we can move on to our next project.”

      Don't forget why the idea got approved in the first place. The goal is to sustain beneficial business outcomes well beyond the completion of your project.

      Info-Tech’s methodology for Preparing an Actionable Roadmap for Your PMO

      1. Define the PMO 2. Staff the PMO 3. Prepare a Roadmap
      Phase Steps
      1. Get a Common Understanding of Your PMO Options
      2. Determine Where You Are and Engage Leadership
      1. Identify Organizational Design
      2. Build Job Descriptions
      1. Create Roadmap
      2. Governance and OCM
      Phase Outcomes A clear vision for your PMO and an articulated reason for establishing it.
      An understanding of your PMO goals and which challenges it sets to address.       		An analysis of staffing requirements of your PMO that aligns with your mandate from phase 1. Job descriptions help to fill the necessary roles. An actionable roadmap that can be presented to leadership and implemented. An introduction to the concept of governance and tools for a change impact analysis.

      Insight summary

      Overarching insight

      There is a gap in the perception of the actual role of the PMO in many organizations by different stakeholder groups. Many people see the PMO police that produce red tape rather than a helpful support system. Those that need to present a coherent plan to leadership championing the need for a PMO often have an uphill battle.

      Phase 1 insight

      Determine the PMO’s role and needs and then determine your staff needs based on that PMO.

      PMO leaders are all too often set up to fail, left to make successes out of PMOs that:

      1. have poorly defined mandates;
      2. lack the proper resourcing to support the services the organization requires; or
      3. lack executive leadership, vision, and backing.

      Phase 2 insight

      Staff the PMO according to its actual role and needs. Don’t rush to the assumption that PMO staff starts with accomplished project managers.

      Many organizations have PMOs of one person, and it is simply not a long-term recipe for success. People in this situation have a lot of weight on their shoulders and feel like they are being set up to fail. It is very challenging for anyone to run a PMO alone without support or administrative help.

      Phase 3 insight

      The difference in a winning PMO is determined by a roadmap or plan created at the beginning.

      When you are determining what your PMO will provide in the future, it is important to align the ambition of the PMO with the maturity of the business. Too often, a lot of effort is spent trying to convince businesses of the value of a PMO.

      Blueprint deliverables

      Each step of this blueprint is accompanied by supporting deliverables to help you accomplish your goals:

      PMO Role Definition Tool Sample of the PMO Role Definition Tool deliverable. PMO Project Charter Template Sample of the PMO Project Charter Template deliverable.
      Blank Job Description Template
      Sample of the Blank Job Description Template deliverable.       		Sample Job Descriptions
      Sample of the Sample Job Descriptions deliverable.       		PMO Job Description Builder Workbook
      Sample of the PMO Job Description Builder Workbook deliverable.

      Blueprint deliverables

      Each step of this blueprint is accompanied by supporting deliverables to help you accomplish your goals:

      PMO Strategic Plan
      Sample of the PMO Strategic Plan deliverable.       		PMO MS Project Plan Sample
      Sample of the PMO MS Project Plan Sample deliverable.       		Organizational Change Impact Analysis Tool
      Sample of the Organizational Change Impact Analysis Tool deliverable.

      Benefits

      IT Benefits

      • Determine how you can fill gaps and not duplicate efforts to bring value to your organization.
      • Ensure that key PMO capabilities like portfolio management, project management, and organizational change management are in balance.
      • Staffing is purpose-driven. Avoid putting good people in the wrong role.

      Business Benefits

      • Intake and governance have a primary focus and are not merely afterthoughts of someone primarily focused on project management methodology.
      • Avoid unrealistic commitments by ensuring better upfront analysis of ability to execute.
      • Ensure appropriately mandated sponsor management.

      Info-Tech offers various levels of support to best suit your needs

      DIY Toolkit

      Guided Implementation

      Workshop

      Consulting
      "Our team has already made this critical project a priority, and we have the time and capability, but some guidance along the way would be helpful." "Our team knows that we need to fix a process, but we need assistance to determine where to focus. Some check-ins along the way would help keep us on track." "We need to hit the ground running and get this project kicked off immediately. Our team has the ability to take this over once we get a framework and strategy in place." "Our team does not have the time or the knowledge to take this project on. We need assistance through the entirety of this project."

      Diagnostics and consistent frameworks used throughout all four options

      Guided Implementation

      A Guided Implementation (GI) is a series of calls with an Info-Tech analyst to help implement our best practices in your organization.

      A typical GI is 8 to 12 calls over the course of 4 to 6 months.

      What does a typical GI on this topic look like?

        Phase 1

      • Call #1: Scope requirements, objectives, and your specific challenges.
      • Call #2: Assess current state and determine PMO role/type.
      • Call #3: Complete job description survey.

        • Phase 2

      • Call #4: Analyze survey results and complete FTE analysis.
      • Call #5: Discuss necessary roles and create job descriptions.

        • Phase 3

      • Call #6: Discuss business goals and priorities.
      • Call #7: Identify and prioritize initiatives on roadmap.
      • Call #8: Discuss governance and organizational change.
      • Call #9: Summarize results in strategic plan and discuss next steps.

      Workshop Overview

      Contact your account representative for more information.
      workshops@infotech.com1-888-670-8889

      Day 1 Day 2 Day 3 Day 4 Day 5
      Activities
      Define

      1.1 Review PPM Current State Scorecard Results

      1.2 Get a Common Understanding of Your PMO Options

      1.3 Conduct SWOT Analysis

      1.4 Current State and Leadership Engagement

      1.5 PMO Mandate and Vision

      Staff

      2.1 Identify Organizational Design

      2.2 Right, Wrong, Missing, Confusing

      2.3 PMO Function, Roles, and Responsibilities

      2.4 Job Descriptions

      Plan

      3.1 Roadmap Top-Level Hierarchy

      3.2 Roadmap Second-Level Hierarchy

      3.2 Staffing and Sizing

      3.3 Reconcile and Finalize Roadmap

      3.4 Governance and Authority

      Change

      4.1 Importance of OCM

      4.2 Sponsorship

      4.3 Analyze the Impact of the Change Across Multiple Dimensions and Stakeholder Groups

      Next Steps and Wrap-Up (offsite)

      5.1 Complete in-progress deliverables from previous four days.

      5.2 Set up review time for workshop deliverables and to discuss next steps.

      Deliverables
      1. PPM Current State Scorecard
      2. SWOT Results
      3. PMO Role Development Tool
      4. PMO Charter
      1. Right, Wrong, Missing, Confusing Results
      2. Job Description Survey Tool
      3. Job Description Templates
      1. PMO Roadmap Draft
      2. Governance and Authority Activity
      1. Organizational Change Impact Analysis Tool
      2. Sponsor Template
      1. Completed PMO Roadmap draft
      2. PMO Strategic Plan draft

      Prepare an Actionable Roadmap for Your PMO

      Phase 1

      Define the Right Kind of PMO

      Phase 1

      • 1.1 Get a Common Understanding of Your PMO Options
      • 1.2 Determine Where You Are and Engage Your Leadership
        •

      Phase 2

      • 2.1 Identify Organizational Design
      • 2.2. Build Job Descriptions

      Phase 3

      • 3.1 Create Roadmap
      • 3.2 Governance and OCM

      A PMO may not simply be an office of project managers

      Project management offices are evolving and taking on activities that differ from company to company.

      1915 1930s 1950s 1980s 1990s
      Frederick Taylor introduces the PMO with the implementation of the scientific management method and the increase in the number and complexity of projects. The US Air Corps creates a Project Office function to monitor aircraft development (probably the first record of the term being used). The US military starts developing complex missile systems. Each weapon system was composed of several sub-projects grouped together in system program offices (SPOs). This built the structures underlying the traditional PMO. The Project Office concept exported to construction and IT. The PMO gains a lot of momentum with professional associations and project management certifications becoming recognized industry standards.

      Organizations are confused about what a PMO is, whether they should have one, and what it should do

      PMBOK

      The responsibilities of a PMO can range from providing project management support functions to the direct management of one or more projects. The PMO is an organizational body assigned with various responsibilities related to the centralized and coordinated management of those projects under its domain.

      The PMO may play a role in supporting strategic alignment and delivering organizational value, integrating data and information for organizational strategic projects, and evaluating how higher-level strategic objectives are being fulfilled.

      COBIT

      The PMO can be responsible for portfolio maintenance, setting a standard approach for project and program and portfolio management.

      OPM

      The PMO is an organizational body assigned with various responsibilities related to the centralized and coordinated management of those projects under its domain.

      In an effort to set a standard, the governance frameworks have over complicated it for most of us.

      Use Info-Tech’s framework to create the PMO that works for your organization

      Determine the Services Your PMO Will Provide
      Manage your PMO services in alignment with your mandate and your organization’s needs.

      Establish Your PMO’s Mandate
      Figure out the purpose of your PMO and write it down so it’s clear to your leadership. Align your mandate to the organization’s needs.

      Ensure Organizational Needs Are Being Met
      Before you can decide on what your PMO will do, find out who’s doing what in your organization so you can fill gaps instead of duplicating efforts.

      		Hierarchy of PMO Needs
      Hierarchy of PMO needs with 'Organizational Needs' as the base, 'PMO Mandate' in the middle, and 'PMO Services' at the top.

      Info-Tech Insight

      Consider the principles of Maslow’s Hierarchy of Needs, which view the lower tiers of the hierarchy as fundamentally required to validate the pursuit of the higher tiers.

      Step 1.1

      Get a Common Understanding of Your PMO Options

      Activities
      • 1.1.1 Review PMO Types
      • 1.1.2 SWOT Analysis

      This step will walk you through the following activities:

      • Review Info-Tech’s PMO Types
      • Complete a Strengths, Weaknesses, Opportunities, and Threats Analysis

      This step involves the following participants:

      • PMO director and/or portfolio manager
      • PMO staff/stakeholders
      • Project managers

      Outcomes of this step

      • Current state analysis
      Define the Right Kind of PMO
      Step 1.1 Step 1.2

      People mistake the PMO as only an office with project managers

      It sounded simple enough, but no one could really explain what it meant.

      PMOs are often born out of necessity or desperation. A traumatic event happens, and leadership decides that it wouldn’t have happened had there been a “Project Management Office.” The phrase itself is often quite reassuring and offers the hope of some sort of sanity and order.

      People may not really be able to explain what a PMO is, but they do have a common understanding that it should solve all project management issues. But simply prescribing the “PMO” as a remedy for every organizational alignment is not going to be sufficient. There are different types of PMOs and more importantly there are different types of organizations.

      Screenshot of a Google search for 'what is a project management office'.
      Google and the Google logo are trademarks of Google LLC.

      The PMI has described what a PMO could be

      The PMI does not have a standard for PMOs like it does for things like project, program, and portfolio management. Its PMO definitions should be used as more of a reference point than a best practice.

      But what should it do?

      • Supportive: Provides a consultative role to projects by supplying templates, best practices, training, access to information, and lessons learned from previous projects.
      • Controlling: Provides support and requires compliance through various means.
      • Directive: Takes control of the projects by directly executing them.

      The PMI described three types of PMOs. These three types are well known in the industry, but they are essentially characteristics and do little to help people understand the functions and services of a PMO. There continue to be questions about the role a PMO should play in an organization and how it’s supposed to add value.

      Stock photo of two sticky notes reading 'project' and 'management'.

      Thousands of practitioners came together at the 2012 PMI Symposium and expanded upon PMBOK’s PMO types

      1. Managing
        Manages the work in projects and programs.
      2. Consulting
        Serves as an experience-based consultative body to project managers.
      3. Project Repository
        Repository of previous project documentation, lessons learned, etc.
      4. Enterprise PMO
        Provides PMO services to the organization.
      5. Center of Excellence
        Creates the standard and methodologies and provides tools.
      6. Managerial
        Manages the project and program managers, and eventually, other project resources.
      7. Delivery
        Manages the project and programs.

      1.1.1 Leverage Info-Tech’s PMO types to anchor yourself

      We have narrowed it down to five types of PMOs.

      ePMO
      Icon for ePMO.       		IT PMO
      Icon for IT PMO.       		PMO
      Icon for PMO.       		CMO
      Icon for CMO.       		CoE
      Icon for CoE.
      Enterprise
      Highest level PMO, typically responsible to align project and program work to strategy-significant projects or programs for the entire organization. Could include both IT and business units.       		IT
      IT PMOs provide project-related support for IT project portfolios. For many organizations PMOs originate in IT departments because of the structure required for technology-related projects.       		Project/Program
      Provides project-related tactical service as an entity to support a specific project or program. Can be dismantled when program is done.       		Change
      Change management offices (CMO) help build change management capabilities and enable change readiness in organizations.       		Excellence
      These centers differ in size and mode of organization, depending on their subject and scope. They support project work by providing the organizations with standard methodologies and tools.

      What is your definition of a PMO?

      Use this model to clearly show what is in and out of scope.

      ePMO IT PMO PMO CMO CoE
      PPM Reporting for enterprise portfolio and the financial/human resources needed to deliver them X
      PPM Finance for project/portfolio capital and expense X X
      PPM Customer Management – the customers, sponsors of the project X X
      PPM Strategy Management – projects and programs relate to corporate X X X
      PPM Program Management – related projects in the portfolio X X X
      PPM Time Accounting X X x
      PPM Business Relationship Management (BRM) X X
      PPM Project Information System (PMIS) – organization of project information X X
      PPM Administrative Support – general assistance with Portfolio X
      PPM Record Keeping – Enterprise Information X X
      RM Forecasting X
      PM Quality Assurance X X
      PM Procurement and Vendor Management X X X
      PM Project Status Reporting X X
      PM PM Services X X X
      PM Training X
      PM PM SOP X
      OCM Adoption X X
      OCM Change Management X X
      OCM Benefits Attainment X X
      OCM Forecast Benefits X X
      OCM Track Benefits X X
      GOV Intake X
      GOV Governance X X
      GOV Reporting X X X X

      Use Info-Tech’s PMO function matrix to help provide role definitions for your PMO

      Info-Tech’s potential PMO capabilities are in the header of the table below. These are the services a PMO may (or may not) provide depending on the needs of the organization.

      Portfolio Management Resource Management Project Management Organizational Change Management PMO Governance
      Recordkeeping and bookkeeping Strategy management Assessment of available supply of people and their time Project status reporting PM SOP
      (e.g. feed the portfolio, project planning, task managing)       		Benefits management Technology and infrastructure
      Reporting Financial management HR Security
      PMIS Intake Matching supply to demand based on time, cost, scope, and skill set requirements Procurement and vendor management Legal Financial
      CRM/RM/BRM Program management
      Tracking of utilization based on the allocations Quality Intake
      Time Accounting PM services
      (e.g. staffing project managers or coordinators)       		Quality assurance Organizational change management Project progress, visibility, and process
      Forecasting of utilization via supply-demand reconciliation Closure and lessons learned
      Administrative support PM Training

      The rest of this blueprint will help you choose the right capabilities and accompanying job functions for your PMO.

      Various options for specific PMO job functions are listed below each capability. PMO leaders need to decide which of these functions are required for their organization.

      1.1.2 SWOT analysis

      45-60 minutes

      Input: Current PMO governance documents and SOPs

      Output: An assessment of current strengths, opportunities, threats, and weaknesses of capabilities in previous slide

      Materials: Whiteboard/flip charts, Sticky notes

      Participants: PMO director and/or portfolio manager, PMO staff/stakeholders, Project managers

      Perform a SWOT analysis to assess the current state of PMO capabilities covered on the previous slide.

      The purpose of the SWOT is to begin to define the goals of this implementation by assessing your project management, portfolio management, resource management, organizational change management, and governance capabilities and cultivating alignment around the most critical opportunities and challenges.

      Follow these steps to complete the SWOT analysis:

      1. Have participants discuss and identify strengths, weaknesses, opportunities, and threats.
      2. Spend roughly 60 minutes on this. Use a whiteboard, flip chart, or PowerPoint slide to document results of the discussion as points are made.
      3. Make sure results are recorded and saved either using the template provided in the next slide or by taking a picture of the whiteboard or flip chart.

      1.1.2 Sample SWOT analysis

      Strengths

      • Knowledge, skills, and talent of project staff.
      • We have fairly effective project management processes.
      • Motivation to get things done when priorities, goals, and action plans are clear.

      Weaknesses

      • IT-business communication and alignment.
      • No standards are currently in place across departments. Staff are unsure which templates to use and how/when/why to use them.
      • There are no formal intake structures in place. Projects are approved and it’s up to us to “figure it out.”
      • We have no prioritization practices to keep up with constantly changing priorities and shifts in the marketplace.

      Opportunities

      • Establish portfolio discipline to improve IT-business communication through more effective and efficient project coordination.
      • Stronger initiation processes should translate to smoother project execution.
      • Establish more disciplined and efficient weekly/monthly project reporting practices that should facilitate more effective communication with senior leaders.

      Threats

      • Risk of introducing burdensome processes and documentation that takes more time away from getting things done.
      • We tried to formalize a PMO in the past and it failed after eight months.
      • We have no insight into project resourcing.

      Step 1.2

      Determine Where You Are and Engage Your Leadership

      Activities
      • 1.2.1 Assess Current State
      • 1.2.2 Gap Analysis
      • 1.2.3 Vision Exercise
      • 1.2.4 PMO Charter
      • 1.2.5 Strategic Planning

      This step will walk you through the following activities:

      • Assess the current state of your PPM/PM services using the PMO Role Definition Tool
      • Determine current gaps in your services and processes using the PMO Role Definition Tool
      • Discuss the vison for your PMO
      • Start creating your PMO charter

      This step involves the following participants:

      • PMO director and/or portfolio manager
      • PMO staff/stakeholders
      • Project managers

      Outcomes of this step

      • Results of PMO Role Definition Tool
      • PMO vision
      • PMO charter

      Define the Right Kind of PMO

      Step 1.1 Step 1.2

      Why do organizations need a PMO?

      Stock image of a man thinking.

      “If a company is not a project-oriented organization, there’s less of a need for a PMO. If they are project-focused though, they should have one. Otherwise, who’s driving the delivery of their projects? Who’s establishing their methodology? How are they managing resources efficiently?” (Mary Hubbard, PMP, director of the PMO at Siemens Government Technologies Inc., A PMI Global Executive Council Member)

      Signs you might need a PMO:

      • A lack of project transparency.
      • Significant discrepancies in project results.
      • Poor customer satisfaction rates.
      • An inability to cost projects accurately.
      • A high percentage of delayed or cancelled projects.
      • High project failure rates.
      • Poor alignment of project activity and business strategy investments.
      • Inconsistent project management processes and methodologies.
      • A lack of collaboration and knowledge sharing.
      • Little to no resource training to meet IT and business needs.
      • A lack of resource management for utilization and capacity.
      • Little to no visibility into project, program, and portfolio-level status.

      Why does your organization need a PMO?

      Observe the needs of your organization before deciding on services to support it.
      • Observe what is and what is not in place. Look for existing processes, tools, and systems and evidence that they are being followed. You might already have some pieces in place; the question becomes what to keep and what not to keep.
      • What does your organization look like?
        • Name
        • Population
        • Current Project Lifecycle
        • IT Services Team
        • # of Unique Applications
        • Annual Budget
      • Gather a list of potential areas for improvement where a PMO can add value. Once a list is established, convert it to a prioritized queue of initiatives. A key item on your list should be how projects go from beginning to end so you can understand the potential issues and opportunities with your current project delivery.
      		 Stock image of a hierarchy mapped out over a birds eye view of people.

      Ideally, we wouldn’t invest in project, portfolio, or OCM because they’re overhead processes without any direct value…

      …but you need to spend just enough to demonstrate you are a diligent steward of the assets under your administration.

      Organizational Change Management

      • Well-run projects can fail without OCM.
      • More than anyone else, it’s up to the sponsor to pursue outcomes.

      Project Management

      • Determine the current project management standards and methodologies.
      • Uncover any forms and templates that are currently in use.
      • If there is a lack of project management knowledge among current or future staff, you will need to do some training.

      Portfolio Management

      • Who currently approves projects and who will be approving them in the future?
      • Who is accountable for approving too many projects?
      • What roles does resource capacity play? Is it constrained or do you approve everything?
      • Are the resources in your PMO full-time?
      • How big is your portfolio?
      • How much do you spend on resources (hours or months)?

      Governance

      • Governance can mean many different things: intake, finance, over-sight of existing projects, resource management, technology and architecture, and process.
      • Don’t try to introduce governance without considering the people who may already be governing different areas.
      • Consider what things can be done without getting executive approval.

      Define your PMO’s role in the organization

      Use Info-Tech’s PMO Role Definition Tool to help establish your PMO’s future state.

      • Use Info-Tech’s PMO Role Definition Tool to figure out the functions your PMO should provide.
      • The current-state analysis uses specific questions to assess how you are doing things now and provide you with some situational awareness.
      • The gap analysis uses another set of specific questions to uncover the holes in your organization and the services that are not being provided.
      • Based on the answers you gave to the questions, the tool will populate the functions that your PMO should provide to your organization: the services your organization needs.
      • Use the outputs to start looking into missing functions and ultimately start building or re-establishing the responsibilities of your PMO.
      • Consider having multiple team members answer all the questions to establish alignment and get realistic data.

      Sample of the PMO Role Definition Tool.

      Download the PMO Role Definition Tool

      Hey, you don’t to have to spend anything on portfolio, project, and organizational change management! Assuming of course…

      • You have enough people to do all your projects
      • All projects are getting done on time
      • Your customers and employees are happy
      • You have complete visibility into the portfolio
      • Your projects align with your corporate strategy
      • Your projects align with your operational needs
      • Your strategic and operational needs are in harmony
      • You have the right skills
      • You are using all resources provided to you
      • People self-identify the right work and independently do that work
      • Time is not wasted
      • The work is production-ready (i.e. high quality)
      • Vendors honor their commitments
      • The sponsor is confident they’re getting what was committed
      • You have sufficient reports for the portfolio
      • Stakeholders make it through transitions with minimal resistance
      • The organization is prepared to adopt the outcomes of projects
      • The sponsors’ forecasted benefits are realized
      • Stakeholders are aware of the need for change
      • Stakeholders transition well from current to future state

      Use the tool on the next slide to see where you may need to spend.

      1.2.1 Assess the current state of your project environment

      20-30 minutes

      Input: Understanding of current project portfolio environment

      Output: Completed current state survey

      Materials: Tab 1 of Info-Tech’s PMO Role Definition Tool

      Participants: PMO director and/or portfolio manager, PMO staff/stakeholders, Project managers

      Screenshot from tab 1 of Info-Tech’s PMO Role Definition Tool.

      Screenshot from tab 1 of Info-Tech’s PMO Role Definition Tool. There are three columns: '#', 'Question', and 'Answer'.

      There are 20 current-state questions in column C. Together, the questions address the five capabilities in Info-Tech’s PMO function matrix (slide 28).

      Use the drop-down menu in column D to answer Agree, Somewhat Agree, Neutral, Somewhat Disagree, or Disagree to each question in column C.

      The questions are broad by design. Answer them honestly and select “neutral” if anything is not applicable.

      1.2.2 Set your target state needs to identify gaps

      15-30 minutes

      Input: Reflection on the question, “If I/We do nothing, someone in the organization is…”

      Output: Completed target state survey

      Materials: Tab 2 of Info-Tech’s PMO Role Definition Tool

      Participants: PMO director and/or portfolio manager, PMO staff/stakeholders, Project managers

      Screenshot from tab 2 of Info-Tech’s PMO Role Definition Tool.

      Screenshot from tab 2 of Info-Tech’s PMO Role Definition Tool. There are four columns: '#', 'Question', 'Answer', and 'Department'.

      Each question in column C of tab 2 should be answered in the context of, “If I do nothing, someone in the organization is…”

      Answer each question by using the drop-down menu in column D to select “Yes,” “No,” “I don’t know,” or “N/A.”

      If “Yes” include the department or area that is responsible.

      Hierarchy of PMO needs with 'Organizational Needs' highlighted. 'Organizational Needs' at the base, 'PMO Mandate' in the middle, and 'PMO Services' at the top.

      Review the preliminary list of your potential PMO functions

      Tab 3 of the PMO Role Definition Tool contains a customized version of Info-Tech’s PMO definition matrix, based upon your inputs in the previous two tabs.

      Screenshot from tab 3 of Info-Tech’s PMO Role Definition Tool. It is titled 'PMO Functions and Groups' and contains a table with five columns: 'Portfolio Management', 'Resource Management', 'Project Management', 'Organizational Change Management', and 'Governance'. Each column contains high level recommendations, and at the bottom of the columns are outputs.

      The name of the box is the group the function belongs to.

      These outputs are based on the answers to the questions on the previous 2 tabs.

      In each group’s box are high-level recommendations.

      Consider your stakeholders

      Who benefits from the new or updated PMO structure?

      In a matrix environment, understanding the challenges other teams are facing is a core requirement of an effective PMO. The best way to understand this is through direct engagement like conducting interviews and taking surveys with management and members of other teams.

      Ask yourself these questions about your PMO:

      • Are we doing the right things?
      • Do we know the current status of projects?
      • Are we managing, escalating, and resolving project issues?
      • Do PMs have the right training?
      • What is our overall utilization?

      A PMO should be structured to provide service to the organization. View it as a business, serving the stakeholders.

      1.2.3 Complete this vision exercise to produce an initial mandate for a new/improved PMO

      45-60 minutes

      Input: Outputs from SWOT analysis

      Output: An initial PMO mandate

      Materials: Whiteboard/flip charts, Sticky notes

      Participants: PMO director and/or portfolio manager, PMO staff/stakeholders, Project managers

      Now that you have an idea of the services your organization needs from steps 1.1 and 1.2 of this blueprint, you can discuss the target state of your PMO.

      Follow these steps to complete the SWOT analysis:

      1. Each person writes one aspect of a future state that would solve the issues described in the SWOT analysis (activity 1.1.1). Use sticky notes and post them on the whiteboard.
      2. As a group, identify which of these aspects would be good candidates for embodying the “core element” of your PMO’s new mandate.
      3. From the aspects gathered, have everyone individually come up with a statement of one to two sentences they think captures the overall theme and vision of this PMO.
      4. Collectively choose the best statement to use as the working mandate for your new project management office. This mandate can be modified as needed in the time leading up the creation and launch of your PMO.

      Hierarchy of PMO needs with 'PMO Mandate' highlighted. 'Organizational Needs' at the base, 'PMO Mandate' in the middle, and 'PMO Services' at the top.

      1.2.4 Use Info-Tech’s PMO Project Charter template to help capture your mandate and obtain approval

      3-4 hours

      Input: Activity 1.2.3, Logical considerations for PMO deployment (see bulleted list on this slide)

      Output: An assessment of current strengths, opportunities, threats, and weaknesses of capabilities in previous slide

      Materials: Whiteboard/flip charts, Sticky notes

      Participants: PMO director and/or portfolio manager, PMO staff/stakeholders, Project managers

      A successful PMO will offer a range of services which business units can rely on. The aim of the PMO charter is to outline what is in scope for the PMO and what services it will initially offer.

      A project charter serves several important functions. It organizes the project so you can make efficient and effective resource allocation decisions. It also communicates important details about the project purpose, scope definition, and project parameters.

      To use this template, simply modify or delete all information in grey text and convert the remaining text to black before printing or sending. Sections within the Template include:

      1. PMO Mandate
      2. Goals & Benefits
      3. Scope Definition
      4. Key PMO Stakeholders
      5. Projected Timeline for Implementation
      6. Project Roles and Responsibilities
      7. High-Level Budget
      8. High-Level Risk Assessment

      Sample of the PMO Project Charter Template.

      Download the PMO Project Charter Template

      Engage leadership to refine target-state expectations

      Stock image of a person with a megaphone. ?
      Will project managers be included in the PMO? Which projects and programs will be in the PMO’s mandate?       		?
      Will the PMO have decision-making authority? If so, how much and on what issues?       		?
      Where in the organizational structure will the PMO report?

      “Changing the perception of project management from ‘busy work’ to ‘valued efforts’ is easier when the PMO is properly aligned.” (Project Management Institute, October 2009)

      Don’t assume your PMO is merely tactical

      It can help drive strategy instead of just being a technical arm.

      Strategic

      		 Stock image of a business person.

      Tactical
      Strategic Alignment
      Leadership assumes that your presence will optimize the alignment of projects to corporate strategy.       		Process Adherence
      Leadership assumes you’re all about process.
      Portfolio Thinking
      Leadership assumes that you’re thinking about the overall throughput of projects through the portfolio.       		Project Thinking
      Leadership assumes you’re not thinking beyond the boundaries of a single project at any given time.
      Outcomes Focused
      Leadership assumes that you’re focused on the outcomes forecast by sponsors.       		Timeline Focused
      Leadership assumes you’re focused on delivering projects on time.

      Info-Tech Insight

      A key success factor for a PMO is to take part of strategic conversations; when they are left out, it creates a barrier. The PMO is the connective tissue between strategy and tactics. Don’t risk your benefits by not having the PMO Director at the table before you make decisions.

      Avoid the disconnect

      Create a strategic plan with project professionals at the table.

      • Strategic plans should guide organizations to future states, yet many don’t ever get used. This is because there is a disconnect between the people creating the strategic plan and the people being asked to implement it. Strategic planners don’t often develop their plans with the help of project managers who can ensure the plan is transferred into a working operational plan.
      • Strategic planners are broad thinkers with high-level plans whereas project professionals often work in the trenches. The disconnect between the two can often result in cost overruns, delays in implementation, low worker morale, and an overall chaotic work environment.
      • By putting strategic planners and project managers together to work on the strategic planning process, they can see what the other sees and plan accordingly.
      • Twenty-seven percent more projects are executed successfully when a company’s structure and resources align with their strategy (KPMG, 2017).

      “The failure to build a bridge between the strategic planning process and project management’s planning process is a major reason strategic plans don’t work.” (Bruce McGraw, Project/Programme Manager)

      1.2.5 Strategic planning

      1 hour

      To create a strategic plan that provides value, recognize that the strategic plan for the PMO is not the PMO charter.

      • The PMO charter is the organizational mandate for the PMO. It defines the role, purpose and functions of the PMO. It articulates who the PMO's sponsors and customers are, the services that it offers, and the staffing and support structures required to deliver those services. And, it assumes that a decision to have a PMO has already been made.
      • A strategic plan enables the PMO to play an essential role in achieving a company’s business goals, setting out clear objectives and then providing a roadmap on how to achieve them. A strategic plan maps the tools and resources necessary to achieve successful project outcomes.

      To create a results-driven strategic plan for your PMO, it is helpful to follow a top-down format:

      • Start by going through the list on the right and update the strategic plan.
      • What are the top project-related issues and opportunities you want your PMO to address and what’s the value to the business of trusting them?

      Vision: this needs to be a vivid and common image
      Mission: this is the special assignment that is given to a group
      Goals: these are broad statements of future conditions
      Objectives: these are operational statements that indicate how much and by when (e.g. deliverables or intangible objectives like productivity)
      Strategies: these are the set of actions that need to take place
      Needs: these are the things required to carry out the strategy
      Critical Success Factors: these are the key areas of activity in which favorable results are necessary to reach the goal

      Download the PMO Strategic Plan

      Prepare an Actionable Roadmap for Your PMO

      Phase 2

      Staff Your PMO for Resilience

      Phase 1

      • 1.1 Get a Common Understanding of Your PMO Options
      • 1.2 Determine Where You Are and Engage Your Leadership

      Phase 2

      • 2.1 Identify Organizational Design
      • 2.2. Build Job Descriptions
        •

      Phase 3

      • 3.1 Create Roadmap
      • 3.2 Governance and OCM

      Info-Tech’s approach

      Follow our two-step approach to successfully staff your PMO.

      1. Determine your PMO staffing needs.
        Our approach to building a PMO starts by analyzing the staffing requirements of your PMO mandate.
      2. Create purpose-built role descriptions.
        Once you have an understanding of the staff and skills you’ll need to succeed, we have job description aids you’ll need to fill the roles.

      The Info-Tech difference:

      1. Save time developing a purpose-built approach. There is no one-size-fits-all approach to PMO staffing. The advice and tools in this research will help you quickly determine your unique staffing needs and guide your next steps to get the staffing you need.
      2. Leverage insider research. We’ve worked with thousands of PMOs and have seen the good, the bad, and the ugly of PMO staffing. The approach in this research is informed by client successes and will help you avoid the common mistakes that drive PMO failure.

      IT staff allocation for project work

      Projects and Project Portfolio Management

      58.3% — 58% of respondents feel they have the appropriate staffing level to execute project management effectively. (Source: Info-Tech IT Staffing Benchmark Report)

      59.8% — 59% feel they have the appropriate staffing level to execute requirements gathering effectively. (Source: Info-Tech IT Staffing Benchmark Report)

      The GDP contributions from project-oriented industries are forecasted to reach $20.2 trillion over the next 20 years. (Source: “Project Management: Job Growth and Talent Gap” Project Management Institute, 2017)

      Info-Tech Insight

      Project work is only going to increase, and in general, people are dissatisfied with their current staffing levels.

      Step 2.1

      Identify Organizational Design

      Activities
      • 2.1.1 Right, Wrong, Missing, Confusing
      • 2.1.2 Map Your Current Structure
      • 2.1.3 Inventory Assessment
      • 2.1.4 Job Description Survey

      This step will walk you through the following activities:

      • Complete a Right, Wrong, Missing, Confusing analysis
      • Determine your current organizational/PMO structure
      • Assess your current inventory
      • Complete the job description survey

      This step involves the following participants:

      • PMO director and/or portfolio manager
      • PMO staff/stakeholders
      • Project managers

      Outcomes of this step

      • Current-state analysis
      • Job description survey results

      Staff Your PMO for Resilience

      Step 2.1 Step 2.2

      2.1.1 Right, wrong, missing, confusing

      30-45 minutes

      Input: Current PMO process, Current PMO org. chart

      Output: An assessment of current things that are being done right and wrong and what is currently missing and confusing

      Materials: Whiteboard/flip charts, Sticky notes

      Participants: PMO director and/or portfolio manager, PMO staff, Project managers

      Perform a right, wrong, missing, confusing analysis to assess the current state of your PMO and its staff.

      The purpose of this exercise is to begin to define the goals of this implementation by assessing your staffing capabilities and cultivating alignment around the most critical opportunities and challenges.

      Follow these steps to complete the analysis:

      1. Have participants discuss what is wrong, right, missing, and confusing.
      2. Spend roughly 45 minutes on this. Use a whiteboard, flip chart, or PowerPoint slide to document results of the discussion as points are made.
      3. Make sure results are recorded and saved by taking a picture of the whiteboard or flip chart.

      Organizational types

      1. Functional
        Functional organizations are structured around the functions the organization needs to be performed.
      2. Projectized
        Projectized organizations are organized around projects for maximal project management effectiveness.
      3. Matrix
        Matrix organizations have structures that blend the characteristics of functional and projectized organizations.

      Functional organization

      The traditional hierarchical organizational structure.

      A functional hierarchical structure with 'Functional Managers' highlighted and the note 'Project coordination'. 'Chief Executive' at the top, 'Functional Managers' in the middle, and 'Staff' at the bottom.
      Adapted from ProjectEngineer, 2019
      1. Employees are organized by specialties like human resources, information technology, sales, marketing, administration, etc.
      2. The project management role will be performed by a team member of a functional area under the management of a functional manager.
      3. Resources for the project will need to be negotiated for with the functional managers, and the accessibility of those resources will be based on business conditions. Any escalations of issues would need to be taken to the functional manager.
      4. The project management role would act more like a project coordinator who does not usually carry the title of project manager.
      5. Project management is considered a part-time responsibility. Of all the organizational types, this one tends to be the most difficult for the project manager. The project manager lacks the authority to assign resources and must acquire people and other resources from multiple functional managers.
      6. Because the project manager has little to no authority, the project can take longer to complete than in other organizational structures, and there is generally no recognized project management methodology or best practices.

      Projectized organization

      The majority of project resources are involved in project work.

      A projectized hierarchical structure with a single project hierarchy highlighted and the note 'Project coordination'. 'Chief Executive' at the top, 'Project Managers' in the middle, and 'Staff' at the bottom.
      Adapted from ProjectEngineer, 2019
      1. The project manager has increased independence and authority and is a full-time member of a project organization. They have project resources available to them, such as project coordinators, project schedulers, business analysts, and plan administrators.
      2. The project manager is responsible to the sponsor and/or senior management. The project manager has authority and control of the budget, and any escalation of issues would be taken to the sponsor.
      3. Given that the project resources report to the project manager versus the functional area, there may be a decrease in the subject matter expertise of the team members.
      4. Team members are usually co-located within the same office or virtually co-located to maximize communication effectiveness.
      5. There can be some functional units within the organization; however, those units play a supportive role, without authority over the project manager.
      6. There is no defined hierarchy. Resources are brought together specifically for the purpose of a project. At the end of each project, resources are either reassigned to another project or returned to a resource pool.

      Matrix organization

      A combination of functional and projectized.

      A matrix hierarchical structure with the lowest row highlighted and the note 'Project coordination'. 'Chief Executive' at the top, 'Functional Managers' in the middle, mainly 'Staff' at the bottom, except one 'Project Manager' who coordinates across functions.
      Adapted from ProjectEngineer, 2019
      1. A matrix organization is a blended organizational structure. Although a functional hierarchy is still in place, the project manager is recognized as a valuable position and is given more authority to manage the project and assign resources.
      2. Matrix organizations can be classified as weak, balanced, or strong based on the relative authority of the functional manager and project manager. If the project manager is given more of a project coordinator role, then the organization is considered a weak matrix. If the project manager is given much more authority on resources and budget spending, the organization is considered a strong matrix.
      3. Matrix structures evolve in response to the rise of large-scale projects in contemporary organizations. These projects require efficient processing of large amounts of information.
      4. Working in a matrix organization is challenging and structurally complex. Employees have dual reporting relationships – generally to both a functional manager and a project and/or product manager. However, if done well, it offers the best of both worlds.
      5. The matrix organization structure usually exists in large and multi-project organizations. Here they can move employees whenever and wherever their services are needed. The matrix structure has the flexibility to transfer the organization’s talent by considering employees to be shared resources.

      The project management office

      The vast majority of PMOs are understaffed and underequipped.

      • They are often born out of necessity or desperation.
      • They have no long-terms goals; they tend to go from year to year trying to meet the organization’s needs.
      • They don’t have clear mandates, so it is difficult to determine how they are providing value.
      • Over time (and sometimes even from day one), project management offices find that other tasks fall into their area of responsibility. This often happens when the work has nowhere else to go.
      • Resource management is the challenge, both in terms of being able to allocate skilled resources to projects and within the PMO itself. Staffing gaps within the PMO are often met by individuals wearing more than one hat.

      A stock photo of a circle of chairs in a field being occupied by only two people.

      2.1.2 Map your current structure

      30 minutes to 1 hour

      Input: Current org. charts and PMO structures, Info-Tech’s PMO Function Matrix

      Output: Structure chart

      Materials: Whiteboard/flip charts

      Participants: PMO director and/or portfolio manager, PMO staff, Project managers

      1. As a group, review your current organizational and PMO structure.
      2. Map out both, or if your PMO is small, map out how it fits into the overall structure.
        • Make sure to think about your process, reporting structures, and escalation hierarchies.
        • Consider the capabilities on slide 59 as you work.
        • Use the sample structure on the next page as a guide.

      Stock image of a business hierarchy.

      Sample PMO structure

      Sample PMO structure with 'PMO Director' at the top. 'Portfolio Administrator' below, but not directly in charge of others. Then 'Program Manager', 'Change Manager', 'Resource Management Analyst', 'Business Relationship Manager', and 'Business Analyst' all report to the PMO Director. Below 'Program Manager' are two 'Project Managers' then 'Project Coordinator'. Stock photo of a hand placing a puzzle piece of a business person on it into a puzzle.

      Info-Tech’s PMO Function Matrix

      Info-Tech’s potential PMO capabilities are in the header of the table below.

      Portfolio Management Resource Management Project Management Organizational Change Management PMO Governance
      Recordkeeping and bookkeeping Strategy management Assessment of available supply of people and their time Project status reporting PM SOP
      (e.g. feed the portfolio, project planning, task managing)       		Benefits management Technology and infrastructure
      Reporting Financial management HR Security
      PMIS Intake Matching supply to demand based on time, cost, scope, and skill set requirements Procurement and vendor management Legal Financial
      CRM/RM/BRM Program management
      Tracking of utilization based on the allocations Quality Intake
      Time Accounting PM services
      (e.g. staffing project managers or coordinators)       		Quality assurance Organizational change management Project progress, visibility, and process
      Forecasting of utilization via supply-demand reconciliation Closure and lessons learned
      Administrative support PM Training

      2.1.3 Inventory assessment

      30-45 minutes

      Input: Understanding of your current situation regarding project intake and process

      Output: Survey results

      Materials: Whiteboard/flip charts

      Participants: PMO director and/or portfolio manager, PMO staff, Project managers

      When staffing your PMO, it is important to understand your current situation regarding project intake and process.

      Answer the following questions, and be as detailed as possible:

      • What is your project intake process?
      • How many projects do you currently have?
      • How many people lead projects?
      • Are those who lead projects distributed (federated) or centralized?
      • What tools do you use to manage your portfolio, projects, and resources?

      Stock image of a magnifying glass over an idea lightbulb surrounded by the six classic question words.

      2.1.4 Job description survey

      45 minutes to 1 hour

      Input: Tab 1 of the PMO Job Description Builder Workbook

      Output: List of current projects, processes, and tools

      Materials: PMO Job Description Builder Workbook

      Participants: PMO director and/or portfolio manager, PMO staff, Project managers

      On tab 1 of the PMO Job Description Builder Workbook, use the survey to help determine potential role requirements across various project portfolio management, project management, business analysis, and organizational change management activities.

      Follow these steps to complete the survey:

      1. Consider the role that you are trying to fill.
      2. Read each question carefully and use the drop-down menu to answer whether the activity in column C is a core, ancillary, or out-of-scope job duty.

      Download the PMO Job Description Builder Workbook

      2.1.4 Job description survey continued

      Sample of the Job Description Survey with questions and responses.

      Step 2.2

      Build Job Descriptions

      Activities
      • 2.2.1 Analyze Survey Results
      • 2.2.2 FTE Analysis
      • 2.2.3 Create Your Job Descriptions

      This step will walk you through the following activities:

      • Complete the PMO Job Description Builder Workbook
      • Create job descriptions

      This step involves the following participants:

      • PMO director and/or portfolio manager
      • PMO staff/stakeholders
      • Project managers

      Outcomes of this step

      • PMO org. chart
      • Completed job descriptions

      Staff Your PMO for Resilience

      Step 2.1 Step 2.2

      2.2.1 Analyze survey results

      30 minutes

      Tab 2 of the PMO Job Description Builder Workbook shows the survey results from tab 1.

      The job activities are ranked in a prioritized list. The analysis will help you determine if you require a portfolio manager, program manager, project manager, business analyst, organizational change manager, or a combination.

      Follow these steps to analyze your results:

      • Digest the prioritized ranking. The job activities are ranked in a prioritized list (from most essential to the role to least essential) in column D. The core process or capability that corresponds to each activity is listed in column C.
      • Use the drop-down menu in column F to decide if the core job duties and ancillary job duties will or will not be included in the role description. Out-of-scope activities will automatically be removed.

      Screenshot of the 'Job Description Survey Results' from the PMO Job Description Builder Workbook.

      Download the PMO Job Description Builder Workbook

      2.2.2 FTE analysis

      30 minutes

      Input: Tab 3 of the PMO Job Description Builder Workbook

      Output: Total estimated monthly time commitments, Preliminary FTE analysis

      Materials: PMO Job Description Builder Workbook

      Participants: PMO director and/or portfolio manager, PMO staff, Project managers

      Tab 3 of the PMO Job Description Builder Workbook is used to complete the FTE analysis.

      Download the PMO Job Description Builder Workbook

      2.2.2 FTE analysis continued

      Screenshot of the 'FTE analysis' on tab 3 of the PMO Job Description Builder Workbook. It has a table with columns for 'Rank', 'Process', 'Activity', and 'Est. Monthly Time Commitments (aka Column E)' with note 'Base these initial estimates on the number of projects and project teams, as well as the number of internal and external customers and stakeholders'. There is also a table of totals with a pie chart of the 'Distribution of Role Responsibilities'. The value for 'Total Estimated Monthly Timing Commitment' is in cell J5, and the note for the value of 'Preliminary FTE Analysis' is 'If your preliminary FTE analysis comes out to be more than 1 FTE, you may want to revisit your analysis on tabs 1 and 2 to further limit this role, or to further delineate it across multiple roles and FTEs'.

      On tab 3, use column E to estimate the monthly time commitments required for each activity in the role.

      Tip: Base estimates on the number of projects and project teams as well as the number of internal and external stakeholders across the portfolio(s) of projects and programs.

      Cell J5 will provide a preliminary recommended FTE count for the role.

      Job description content

      Screenshot of the 'Job Description Content' section of the PMO Job Description Builder Workbook.

      This is an output tab based on your analysis in tabs 1 and 2. Copy and paste the content and add it under the relevant heading in Info-Tech's Blank Job Description Template later in this blueprint.

      Screenshot of the 'Blank Job Description Template' section of the PMO Job Description Builder Workbook.

      For each capability you are including in your job description, there is a list of common certifications. These can also be copied and pasted into the Blank Job Description Template.

      Download the PMO Job Description Builder Workbook

      How to determine the roles in your PMO

      It’s not black and white.

      While your PMO should have someone to lead the team, aside from that it’s hard to be specific about the exact roles your PMO needs without understanding the needs of your organization.

      This is why it’s important to define your PMO first. Your team members should best support the function and capabilities of your PMO.

      For example:

      • If you want to provide a training program to project managers, you’ll need your PMO to have people with experience delivering training and with experience having done the job before.
      • If your PMO provides management information and deep portfolio analysis, you’ll need someone on the team who knows their way around data analysis tools.

      You should have a mix of skills in the PMO team, each complementing the others. You may have administrators and coordinators, data analysts and software experts, trainers, coaches, and senior managers.

      “If you want to go fast, go alone. If you want to go far, go together.” (African proverb)

      Managing projects and building PMOs are not the same thing

      Your best project manager should be running projects, and, no, they can’t do both.

      • Your new PMO needs a leader to get it off the ground, but don’t assume that the best project manager is best suited to build the PMO. The goal-oriented passion of a successful project manager may prove to be antithetical to the forward-looking finesse and political acumen needed to develop and staff the PMO as an organizational unit. Avoid the common mistake of promoting effective people into positions where they become ineffective, a concept often referred to as “The Peter Principle.”
      • You can’t determine if your best project manager fits the PMO leadership role if the PMO’s role isn’t clearly defined. Carefully define and clearly articulate the PMO’s role to understand the skill set needed to develop and lead your PMO.
      • Project managers often propose to create a PMO without considering the fit with project portfolio management and organizational change management. If the leadership doesn’t understand the magnitude of what is being requested, they may well think a project manager is best suited to run the PMO. The prestige and/or compensation is attractive, but project managers will often spin their wheels and naturally focus on what they know how to do: manage projects. Start with a PMO design to align with business expectations.

      The Peter Principle

      The Peter Principle was first introduced by Canadian sociologist Laurence Johnston Peter describing the pitfalls of bureaucratic organizations. The original principle states that "in a hierarchically structured administration, people tend to be promoted up to their level of incompetence.” The principle is based on the observation that whenever someone succeeds at their job, the organizational response is to promote them, thus people will continue to be promoted until they reach a point where they’re no longer excelling at their job. At that point, they would no longer be promoted. Followed to its logical conclusion, organizations will continue to take successful people and rotate them to new positions until they are no longer effective.

      PMO Director/Lead

      Job overviews for different kinds of PMO directors.

      The job descriptions on the next few pages are associated with the descriptive headings, but it is important to recognize that these diverse roles can all fall under the job title of PMO director.

      Portfolio Management

      As PMO director, you will oversee the throughput of IT projects using portfolio management, project management, and organizational change management disciplines.

      You and your team will directly manage the intake of new project requests, the preparation of evaluation-ready project proposals, and the handoff of approved project initiation documents to project managers in other departments. You will forecast and track the availability of people to do the project work throughout the project life cycle. You will publish monthly and annual portfolio reporting based on information collected from the project teams, and you will oversee the closure of projects with follow-up reporting to those who approved them.

      From time to time, the PMO may be required to identify projects that should be frozen or canceled based on criteria set forth by the leadership and/or industry best practices.

      While currently out of scope, successful candidates should be comfortable with the possibility that the PMO may required to develop full life cycle organizational change management in the future. As well, experienced project managers in the PMO may be required to manage high-risk, high-visibility projects from time to time.

      PMO Director/Lead

      Job overviews for different kinds of PMO directors.

      Project Management

      As PMO director, you will oversee a team of professional project managers who are responsible for the company’s high-risk, high-visibility, and strategic projects.

      You and your team will receive initiation documents and assigned resourcing for approved projects from the company’s authorized decision makers. You will manage the fulfillment of the project requirements, providing regular status updates to project and portfolio stakeholders and escalating concerns when projects are struggling to meet their commitments for scope, cost, and timelines.

      Over time, the PMO will take on an increasing role in organizational change management. The PMO will transition its focus from project delivery to business outcomes. Over time, the PMO will transition project sponsors from articulating requirements to delivering results.

      Project Policy

      As PMO director, you will oversee the establishment, support, and promotion of company-wide standards for project management.

      You and your team will modernize and maintain the company policy manuals and processes for everything related to project management. You will adapt our legacy PMBOK-based standards to cover iterative project management approaches as well as the more formal approaches required for construction projects, outsourced projects, and a wide variety of non-IT projects.

      PMO Director/Lead

      Job overviews for different kinds of PMO directors.

      Project Governance

      As PMO director, you will oversee the governance of project spending, delivery, and impact.

      You and your team will ensure that project proposals address the broad needs of the organization via strategic alignment, operational alignment, appropriateness of timing, identification and management of risk, and ability to execute. You will represent the needs and interests of the shareholder, ratepayer, or constituent by validating adherence to the organization’s published policies for project, portfolio, and organizational change management.

      The PMO is independent from the broader information technology division and will retain a mandate to ensure transparency and disclosure relative to the consumption of the organization’s scarce resources in the pursuit of high-risk IT projects.

      Stock photo of a compass pointing in the direction of leadership.

      Info-Tech sample job descriptions

      Use the sample job descriptions available with this blueprint as a guide when creating your descriptions.

      1. PMO Director
      2. Portfolio Manager
      3. Portfolio Administrator
      4. Project Manager
      5. Project Coordinator
      6. Resource Management Analyst
      1. Program Manager
      2. Change Manager
      3. Business Analyst
      4. Business Relationship Manager
      5. Product Owner
      6. Scrum Master

      Stock photo of a pen resting on a 'job duties' section of a job description.

      2.2.3 Create your job descriptions

      30 minutes

      Input: PMO Job Description Builder Workbook

      Output: Job descriptions

      Materials: Blank Job Description Template

      Participants: PMO director and/or portfolio manager, PMO staff, Project managers

      When you’ve determined the roles you need, you can start creating your job descriptions. If none of our out-of-the-box, pre-populated job description templates suit your needs, use the results of Info-Tech’s PMO Job Description Builder Workbook and the Blank Job Description Template to create your purpose-built job description.

      Follow these steps to create your job description:

      1. Copy the content from tab 4 of the PMO Job Description Builder Workbook and paste it under the relevant headings in the “Responsibilities” section of the Blank Job Description Template. Delete any unused headings if they are not relevant to your role. Additionally, use the list of common certifications on tab 4 of the Workbook to inform that section of the Blank Job Description Template.
      2. Use the sample job descriptions on the blueprint landing page as a guide for filling out the remaining sections of the document.

      Download the Blank Job Description Template

      2.2.3 Create your job descriptions continued

      Screenshot of the Blank Job Description Template.

      Prepare an Actionable Roadmap for Your PMO

      Phase 3

      Prepare an Actionable Roadmap for Your PMO

      Phase 1

      • 1.1 Get a Common Understanding of Your PMO Options
      • 1.2 Determine Where You Are and Engage Your Leadership

      Phase 2

      • 2.1 Identify Organizational Design
      • 2.2. Build Job Descriptions

      Phase 3

      • 3.1 Create Roadmap
      • 3.2 Governance and OCM
        •

      Having a strategy is essential but real value and benefits are delivered through projects

      9.9% of every dollar is wasted due to poor project performance

      52% of projects are delivered to stakeholder satisfaction

      51% of projects are likely to meet original the goal and business intent
      (Source: Project Management Institute, 2018)

      You’re always going to have troubled projects

      Have the organizational discipline to step away from the mess and develop a plan.

      • The world of modern project management has been in place for over 50 years and yet business leaders still seem to put the pressure on troubled projects instead of broken processes.
      • With higher portfolio maturity comes higher performance, warranting investment in the PMO.
      • Instead of alternative cost-reduction measures, such as stopping an individual project, we find that PMO resources (or the entire PMO) are being cut. In most cases, this demonstrates a lack of understanding of the value of portfolio management processes and related impacts.
      • Plan for a series of improvements over time so you’re not continually using your PMO resources on troubled projects. Instead, maintain an ongoing focus on improvement.

      Stock photo of an axe stuck in a piece of wood.
      “If I had six hours to chop down a tree, I’d spend the first four hours sharpening the axe.” (Anonymous woodsman)

      All improvements cannot be done at once

      • The difference in a winning PMO is determined by a roadmap or plan created at the beginning.
      • Leaders should understand the full scope of the plan before committing their teams to the project.
      • All improvements cannot be done at once. The best PMOs create an approach of overall governance and strictly adhere to it. After the approach is defined, a roadmap can be plotted, executed, and delivered effectively.
      • The exercise of creating a roadmap is less about the plan and more about raising the level of understanding for stakeholders.
      • We often find that the PMO is ahead of the business's views of how the PMO can support and add value to the business. A lot of effort is spent trying to convince businesses of the value of a PMO, usually without complete success.
      • The PMO needs to align to the strategic goals of the business, providing the business understands or accepts that alignment. By aligning your roadmap activities to business drivers, you are more likely to get ownership from the business for the initiatives.
      		 Stock image of a winding path between two map markers.

      A PMO can benefit your business and organization as a whole

      Your PMO can:

      1. Help to align the project or portfolio with a focus on the future strategy of the organization.
      2. Be a mechanism to deliver projects successfully, keep them on track, and report when scheduling, budget, and other scope issues could derail the project.
      3. Create a portfolio of projects and understand the links and dependencies between the projects. This provides you with a bird's-eye view to make better decisions based on changes as they arise.
      4. Facilitate better communications with customers and stakeholders.
      5. Enforce project management governance and ensure consistent standards throughout the organization.
      6. Strategize on how to best use shared resources and best use them productively.

      “If you run projects and the projects have a significant level of cost or have significant level of impact, then you can really benefit from a PMO. Certainly, the larger the projects, the bigger the budget, the more there are projects, then the more you can benefit from a PMO.” (Michael Fritsch, Vice President PMO, Confoe)

      “PMOs are there to ensure project and program success and that’s critical because organizations deliver value through projects and programs.” (Brian Weiss, Vice President, Practitioner Career Development, Project Management Institute)

      Step 3.1

      Create Roadmap

      Activities
      • 3.1.1 Business Goals
      • 3.1.2 Roadmap
      • 3.1.3 Resources

      This step will walk you through the following activities:

      • Determine business goals
      • Create roadmap
      • Establish resources

      This step involves the following participants:

      • PMO director and/or portfolio manager
      • PMO staff/stakeholders
      • Project managers

      Outcomes of this step

      • PMO roadmap aligned to business goals

      Prepare an Actionable Roadmap for Your PMO

      Step 3.1 Step 3.2

      3.1.1 Business goals and priorities

      30 minutes

      Input: Business strategies and goals, Current PMO org. chart

      Output: An initial short, medium, long-term roadmap of initiatives

      Materials: Whiteboard/flip charts, Sticky notes, Slide 83

      Participants: IT leaders/CIO, PMO director and/or portfolio manager, PMO staff, Project managers

      When you are determining what your PMO will provide in the future, it is important to align the ambition of the PMO with the maturity of the business. Too often, a lot of effort is spent trying to convince businesses of the value of a PMO.

      Before you develop your roadmap, try to seek out the key strategies that the business is currently driving to get the proper ownership for the proposed initiatives.

      • What does leadership want to accomplish?
      • What are the key strategies the business is currently driving?
      • What are the current pain points?

      Once you’ve established the business strategies, start mapping out your initiatives:

      • For each initiative, consider the activities you think will work best to take you from your current to future state. It’s okay to keep this high level, we will break them down later in the blueprint.
      • Don’t place activities on a roadmap with dates yet. Use the table on the next slide to record the activities against each initiative at a high level.
      Current State Business Strategies PMO Initiatives Future State Business Strategies
      Short Term Medium Term Long Term
      Portfolio Management Project Intake Process
      Triage Process
      Project Levelling
      Book of Record       		Approval
      Prioritization
      Reporting       		Resource Allocation
      Resource Management
      Project Management Standardize Project Management
      Methodologies       		PM Training
      Organizational Change Management Benefits
      Governance Project progress, visibility, and process
      Documentation

      3.1.2 Create your roadmap

      1-2 hours

      Services should be introduced gradually and your PMO roadmap should clearly highlight this and explain when key deliverables will be achieved.

      Consider the below top-level tasks and add any others that pertain to your organization:

      • Enable Transition
      • Establish Governance
      • Organizational Chart
      • Technology and Infrastructure
      • Develop Portfolio Management Capabilities and Guidelines
      • Standardize Project Management Methodology
      • Organizational Change Management
      • Strategy Management

      Download Info-Tech’s PMO MS Project Plan Sample to see a full list of top-level tasks and second-level tasks. Once done, you can visually plot the tasks on a roadmap. See the next few slides for roadmap visuals.

      Stock photo of median lines on a road with the years 2021-2023 painted between them.

      Download the PMO MS Project Plan Sample

      Screenshot of PMO MS Project Plan Sample

      Screenshot of PMO MS Project Plan Sample with notes point out the headings as 'Top-level hierarchy' and the list contents as 'Second-level-hierarchy'.

      Sample roadmap

      A sample roadmap with column headers 'Task' and 'Q1', 'Q2', 'Q3', 'Q4', and 'Q1' with 3 months beneath each quarter. Under 'Task' are 'Establish Tradition', 'Establish Governance', 'Organizational Chart', and 'Technology and Infrastructure'; these are the 'Top-level-hierarchy'. There are arrows laid out in the table cross section with different steps; these are the 'Second-level hierarchy'.

      Sample roadmap

      A sample roadmap with monthly column headers 'Jan' through 'Jun'. Rows are 'Develop Portfolio Management Capabilities and Guidelines', 'Standardize Project Management Methodology', and 'Design Resource Management Process'. There are processes laid out in the table cross section that are color-coded as 'Completed', 'In progress', and 'Planned'.

      Consider the resources you will need

      Use these Info-Tech resources to make sure your roadmap will be successful.

      Finances – Understand and be transparent about the real costs of your project.

      People – Strategize according to skill sets and availability. Use the org. chart in phase 2 of this blueprint as a starting place (slide 58).

      Assets – Determine the tangible resources you may buy like software and licenses.

      Stock photo of a thinking man.

      3.1.3 Define resources

      30 minutes

      Input: Project documentation, Current resources

      Output: List of resources for your PMO

      Materials: Whiteboard/flip charts

      Participants: IT leaders/CIO, PMO director and/or portfolio manager, PMO staff, Project managers

      Resources for your projects include staff, equipment, and materials. Resource management at the PMO level will help you manage those resources, get visibility into projects, and keep them moving forward. Be sure to consider the resources that will get your PMO off the ground.

      Determine the resources you currently have and the resources your PMO will need and add them to your strategic plan:

      1. Finances — It’s essential that you know, and are transparent about, the real cost of creating your PMO and new process. Don’t forget to consider post deployment costs as well.
      2. People — Every project depends on the skill sets that individual team members bring to the table. Strategize according to these skill sets and their availability for the duration of a project. Some team members may have other work responsibilities and limited time for the project, so you need to accommodate this.
      3. Assets — These include the tangible resources you may have to buy, lease, or arrange for, such as workspace, software and licenses, computer hardware, testing equipment, and so on.

      Step 3.2

      Governance and OCM

      Activities
      • 3.2.1 Governance
      • 3.2.2 OCM
      • 3.2.3 Perform a Change Impact Analysis
      • 3.2.4 Determine Dimensions of Change
      • 3.2.5 Determine Depth of Impact

      This step will walk you through the following activities:

      • Assess/understand governance
      • Conduct impact analysis

      This step involves the following participants:

      • PMO director and/or portfolio manager
      • PMO staff/stakeholders
      • Project managers

      Outcomes of this step

      • Governance Structures
      • Organizational Change Management Impact Analysis Tool

      Prepare an Actionable Roadmap for Your PMO

      Step 3.1 Step 3.2

      Clearly define the authority your PMO will have

      The following section includes slides from Info-Tech’s Make Governance Adaptable blueprint. Download the blueprint to dive deeper into IT governance.

      Governance is an important part of building a strong PMO. A PMO governance framework defines the authority and the support it requires to maximize portfolio and project management capabilities throughout the business. It should sit within your overall governance framework and as the PMO matures, its roles and responsibilities will also change to adapt with business demands and additional capabilities.

      Your framework can:

      • Specify PMO authority
      • Introduce and apply process standards, polices, and directives as it pertains to project and portfolio management
      • Facilitate executive and leadership involvement
      • Foster a collaborative environment between the PMO and the business

      A PMO governance framework enables PMO leaders to establish the common guidelines and manage the distribution of authority given to the PMO.

      Visit Make Your IT Governance Adaptable

      Stock photo of a group working together.

      Common causes of poor governance

      Key causes of poor or misaligned governance
      1. Governance and its value to your organization is not well understood, often being confused or integrated with more granular management activities.
      2. Business executives fail to understand that IT governance is a function of the business and not the IT department.
      3. Poor past experiences have made “governance” a bad word in the organization – a constraint and barrier that must be circumvented to get work done.
      4. There is misalignment between accountability and authority throughout the organization, and the wrong people are involved in governance practices.
      5. There is an unwillingness to change a governance approach that has served the organization well in the past, leading to challenges when the organization starts to change practices and speed of delivery.
      6. There is a lack of data and data-related capabilities required to support good decision making and the automation of governing decisions.
      7. The goals and strategy of the organization are not known or understood, leaving nothing for IT governance to orient around.
      		 Five key symptoms of ineffective governance committees
      1. No actions or decisions are generated – The committee produces no value and makes no decisions after it meets. The lack of value output makes the usefulness of the committee questionable.
      2. Overallocation of resources – There is a lack of clear understanding of capacity and value in work to be done, leading to consistent underestimation of required resources and resource overallocation.
      3. Decisions are changed outside of committee – Decisions that are made or initiatives that are approved are changed when the proper decision makers are involved or the right information becomes available.
      4. Decisions conflict with organizational direction – Governance decisions conflict with organizational needs, showing a visible lack of alignment and behavioral disconnects that work against organizational success. Often due to power that’s not accounted for within the structure.
      5. Consistently poor outcomes are produced from governance direction – Lack of business acumen in members and relevant data or understanding of organizational goals drives poor measured outcomes from the decisions made in the committee.

      IT PMO

      Chair:
      Updated:

      Mandate

      Ensure business value is achieved through information and technology (IT) investments by aligning strategic objectives and client needs with IT initiatives and their outcomes.

      Committee Goals

      • Maximize throughput of the most valuable projects
      • Ensure visibility of current and pending projects
      • Minimize resource waste and optimize of alignment of skills to assignments
      • Clarify accountability for post-project benefits attainment and facilitate the tracking/reporting of those benefits
      • Drive approval and prioritization of IT initiatives based on their alignment with business goals and strategy
      • Establish a consistent process for handling intake/demand

      Committee Metrics

      • % of approved IT initiatives that measure benefit achievement upon completion
      • % of IT initiatives with direct alignment to organizational strategic direction
      • % of initiatives approved by exception

      Decisions and responsibilities by purpose

      Responsibilities
      STRATEGIC ALIGNMENT

      Ensure initiatives align with organizational objectives
      Embed strategic goals and prioritization approach within process
      Define intake approach

      		VALUE DELIVERY
      • Ensure all IT initiatives have a defined value expectation (excepting innovation activities)
      • Approve and prioritize IT initiatives based on value
      		 RISK MANAGEMENT

      Assess risk as a factor of prioritizing and approving initiatives

      		RESOURCE MANAGEMENT

      Decide on the allocation of IT resources

      		PERFORMANCE MEASUREMENT

      Ensure process is in place to measure and validate performance of IT initiatives

      Committee Membership
      Role

      CIO, Product Owner, Service Owner, IT VPs, BRM, PMO Director, CISO/CRO

      		Individual

      IT Steering Committee

      Chair:
      Updated:

      Mandate

      Ensure business value is achieved through information and technology (IT) investments by aligning strategic objectives and client needs with IT initiatives and their outcomes.

      Committee Goals

      • Align IT initiatives with organizational goals
      • Evaluate, approve, and prioritize IT initiatives
      • Approve IT strategy
      • Reinforce (if provided) or establish risk appetite and threshold
      • Confirm value achievement of approved initiatives
      • Set target investment mix and optimize IT resource utilization

      Committee Metrics

      • % of approved IT initiatives that meet or exceed value expectation
      • % of IT initiatives with direct alignment to organizational strategic direction
      • Level of satisfaction with IT decision making
      • % of initiatives approved by exception

      Committee Overview

      Committee Name Committee Membership Mandate
      Executive Leadership Committee CEO, CFO, CTO, CDO, CISO/CRO, CIO, Enterprise Architect/Chief Architect, CPO Provide strategic and operational leadership to the company by establishing goals, developing strategy, and directing/validating strategic execution.
      Enterprise Risk Committee CISO/CRO, CPO, Enterprise Risk Manager, BU Leaders, CFO, CTO, CDO Govern enterprise risks to ensure that risk information is available and integrated to support governance decision making. Ensure the definition of the organizational risk posture and that an enterprise risk approach is in place.
      IT Steering Committee CIO, Product Owner, Service Owner, IT VPs, BRM, PMO Director, CISO/CRO Ensure business value is achieved through information and technology (IT) investments by aligning strategic objectives and client needs with IT initiatives and their outcomes.
      IT Risk Council IT Risk Manager, CISO, IT Directors Govern IT risks within the context of business strategy and objectives to align the decision-making processes towards the achievement of performance goals. It will also ensure that a risk management framework is in place and risk posture (risk appetite/threshold) is defined.
      PPM Portfolio Manager, Project Managers, BRMs Ensure the best alignment of IT initiatives and program activity to meet the goals of the business.
      Architectural Review Board Service/Product Owners, Enterprise Architects, Chief Architect, Domain Architects Ensure enterprise and related architectures are managed and applied enterprise-wise. Ensure the alignment of IT initiatives to business strategy and architecture and compliance to regulatory standards. Establish architectural standards and guidelines. Review and recommend initiatives.
      Change Advisory Board Service/Product Owner, Change Manager, IT Directors or Managers Ensure changes are assessed, prioritized, and approved to support the change management purpose of optimizing the throughput of successful changes with a minimum of disruption to business function.

      Decisions and responsibilities by purpose

      Responsibilities
      STRATEGIC ALIGNMENT
      • Ensure initiatives align with organizational objectives
      • Approve strategies and policies that ensure the organization benefits from IT
      • Propose innovative uses of IT to enable the business to compete and perform better
      • Make decisions that account for human preferences and behavior
      		VALUE DELIVERY
      • Validate the achievement of benefits from IT initiatives
      • Ensure all IT initiatives have a defined value expectation (excepting innovation activities)
      • Ensure stakeholder value and value drivers are understood
      • Prioritize IT work based on value
      • Define a prioritization approach with stakeholders
      		RISK MANAGEMENT
      • Ensure creation, maintenance, and observation of policies and procedures, ensuring conformance where needed
      • Ensure ethical behavior in IT
      • Ensure IT meets the requirements of laws, regulations, and contracts
      • Develop or reinforce the risk appetite and threshold
      • Ensure risk management framework is in place
      		RESOURCE MANAGEMENT
      • Identify the target investment mix
      • Decide on the allocation of IT resources
      • Define required IT capabilities
      		PERFORMANCE MEASUREMENT
      • Confirm that IT supports business processes with the right capabilities and capacity
      • Ensure data is up to date and secure
      • Monitor the extent to which prioritization of IT resources matches organizational objectives
      • Measure extent to which IT supports the business
      • Measure adherence to regulations
      Committee Membership
      Role

      CIO, Product Owner, Service Owner, IT VPs, BRM, PMO Director, CISO/CRO

      		Individual

      Sample Governance Model

      A sample governance model with four levels and roles dispersed throughout the levels with arrows indicating hierarchy. The levels are 'Enterprise: Defines organizational goals. Directs or regulates the performance and behavior of the enterprise, ensuring it has the structure and capabilities to achieve its goals', 'Strategic: Ensures IT initiatives, products, and services are aligned to organizational goals and strategy and provide expected value. Ensure adherence to key principles', 'Tactical: Ensures key activities and planning are in place to execute strategic initiatives', and 'Operational: Ensures effective execution of day-to-day functions and practices to meet their key objectives'. Roles in Enterprise are 'Board', 'Executive Leadership Committee', and 'Enterprise Risk Committee'. Roles in Strategic are 'IT Steering Committee', plus three half in Strategic, 'IT PMO', 'Architectural Review Board', and 'IT Risk Council'. One role is half in Strategic and half in Tactical, 'Change Advisory Board'.

      3.2.1 Governance and authority

      1-3 hours

      Input: List of key tasks

      Output: Initial Authority Map

      Materials: Whiteboard/flip charts, Sticky notes, Strategic Plan

      Participants: IT leadership, Portfolio Manager (PMO Director), PMO Admin Team, Project Managers

      Now that you’ve determined the activities on your roadmap, it’s important to determine who is going to be responsible for the following:

      • Intake Scoring
      • Project Approvals
      • Staffing and Resource Management
      • Portfolio Reporting
      • Communications and Organizational Change Management
      • Benefits Attainment
      • Formalized Project Closure
      1. For each task have participants discuss who is ultimately accountable for the decision and who has the ultimate authority to make that decision.
      2. Place the sticky notes on the swim lanes in the strategic plan to represent the area or person has authority over it.
      3. Add all initiatives to your PMO governance framework.

      Download the PMO Strategic Plan

      Governance and Authority

      Committee Name Committee Membership
      Executive Leadership Committee CEO, CFO, CTO, CDO, CISO/CRO, CIO, Enterprise Architect/Chief Architect, CPO
      Enterprise Risk Committee CISO/CRO, CPO, Enterprise Risk Manager, BU Leaders, CFO, CTO, CDO
      IT Steering Committee CIO, Product Owner, Service Owner, IT VPs, BRM, PMO Director, CISO/CRO
      IT Risk Council IT Risk Manager, CISO, IT Directors,
      PPM Portfolio Manager, Project Managers, BRMs
      Architectural Review Board Service/Product Owners, Enterprise Architects, Chief Architect, Domain Architects
      Change Advisory Board Service/Product Owner, Change Manager, IT Directors or Managers

      PMO Governance Framework

      PMO Authority
      • Resource Management
      • Customer Relationship
      • Vendor & Contractor Relationships
      • Intake and Scoring
      • Project Approvals
      • Organizational Change Management
      		 Standards and Policies
      • Portfolio Management Process
      • Project Governance
      		 Guidelines
      • Project Classification Guidelines
      		 Executive Oversight
      • Establish Steering Committees
      • Sponsorship
      • Spending Authorization
      • Execution Oversight
      • Spending Cessation
      • Benefits Attainment
      • Organizational Change Management

      Customize groupings as appropriate.

      Document key achievements governance initiatives.

      Completed projects aren’t necessarily successful projects

      The constraints that drive project management (time, scope, and budget) are insufficient for driving the overall success of project efforts.

      For instance, a project may come in on time, on budget, and in scope, but…

      • …if users and stakeholders fail to adopt…
      • …and the intended benefits are not achieved...

      …then that “successful project” represents a massive waste of the organization’s time and resources.

      Organizational change management (OCM) is a supplement to project management that is needed to ensure the intended value is realized. It is the practice through which the PMO or other body can improve user adoption rates and maximize project benefits. Without it, IT might finish the project but the business might fail to recognize the intended benefits.

      Start with next step and refer to Info-Tech research on OCM for a deeper dive. Impact analysis is the cornerstone of any OCM strategy. By shining a light on considerations that might have otherwise escaped project planners and decision makers, an impact analysis is an essential component to change management and project success.

      Change Impact Analysis

      1. It is important to establish a process for analyzing how the change of your PMO roadmap processes will impact different areas of the business and how to manage these impacts. Analyze change impacts across multiple dimensions to ensure nothing is overlooked.
      2. A thorough analysis of change impacts will help the PMO processes:
        • Bypass avoidable problems.
        • Remove non-fixed barriers to success.
        • Acknowledge and minimize the impacts of unavoidable barriers.
        • Identify and leverage potential benefits.
        • Measure the success of the change.

      3.2.2 Perform a change impact analysis to make your planning more complete

      Use Info-Tech’s Organizational Change Impact Analysis Tool to weigh all the factors involved in the change.

      Info-Tech’s Organizational Change Impact Analysis Tool helps to document the change impact across multiple dimensions, enabling you to review the analysis with others to ensure that the most important impacts are captured. The tool also helps to effectively monitor each impact throughout project execution.

      • Change impact considerations can include products, services, states, provinces, cultures, time zones, legal jurisdictions, languages, colors, brands, subsidiaries, competitors, departments, jobs, stores, locations, etc.
      • Each of these dimensions is an MECE (Mutually Exclusive, Collectively Exhaustive) list of considerations that could be impacted by the change. For example, a North American retail chain might consider “Time Zones” as a key dimension, which could break down as Newfoundland, Atlantic, Eastern, Central, Mountain, and Pacific.

      Sample of the Organizational Change Impact Analysis Tool.

      Download the Organizational Change Impact Analysis Tool

      3.2.3 Assess the current state of your project environment

      15 minutes

      The “2. Set Up” tab of the Impact Tool is where you enter project-specific data pertaining to the change initiative.

      The inputs on this tab are used to auto-populate fields and drop-down menus on subsequent tabs of the analysis.

      Document the stakeholders (by individual or group) associated with the project who will be subject to the impacts.

      You are allowed up to 15 entries. Try to make this list comprehensive. Missing any key stakeholders will threaten the value of this activity as a whole.

      If you find that you have more than 15 individual stakeholders, you can group individuals into stakeholder groups.

      		Sample of the Impact Analysis Tool Set-Up Tab. There is a space for 'Project Name' and a list of 'Project Stakeholders'.
      Keep in mind…

      An impact analysis is not a stakeholder management exercise.

      Impact assessments cover:

      • How the change will affect the organization.
      • How individual impacts might influence the likelihood of adoption.

      Stakeholder management covers:

      • Resistance/objections handling.
      • Engagement strategies to promote adoption.

      We will cover the latter in the next step.

      3.2.4 Determine the relevant considerations for analyzing the change impacts

      15-30 minutes

      Use the survey on tab 3 of the Impact Analysis Tool to determine the dimensions of change that are relevant.

      The impact analysis is fueled by the 13-question survey on tab 3 of the tool.

      This survey addresses a comprehensive assortment of change dimensions, ranging from customer-facing considerations to employee concerns, to resourcing, logistical, and technological questions.

      Once you have determined the dimensions that are impacted by the change, you can go on to assess how individual stakeholders and stakeholder groups are affected by the change.

      		Sample of the Change Impact Survey on tab 3 of the Impact Analysis Tool.
      Screenshot of tab “3. Impact Survey,” showing the 13-question survey that drives the impact analysis.

      Ideally, the survey should be performed by a group of project stakeholders together. Use the drop-down menus in column K to record your responses.

      Impacts will be felt differently by different stakeholders and stakeholder groups

      As you assess change impacts, keep in mind that no impact will be felt the same across the organization. Depth of impact can vary depending on the frequency (will the impact be felt daily, weekly, monthly?), the actions necessitated by it (e.g. will it change the way the job is done or is it simply a minor process tweak?), and the anticipated response of the stakeholder (support, resistance, indifference?).

      Use the Organizational Change Depth Scale below to help visualize various depths of impact. The deeper the impact, the tougher the job of managing change will be.

      Procedural
      Behavioral
      Interpersonal
      Vocational
      Cultural
      Procedural change involves changes to explicit procedures, rules, policies, processes, etc. Behavioral change is similar to procedural change, but goes deeper to involve the changing tacit or unconscious habits. Interpersonal change goes beyond behavioral change to involve changing relationships, teams, locations, reporting structures, and other social interactions. Vocational change requires acquiring new knowledge and skills and accepting the loss or decline in the value or relevance of previously acquired knowledge and skills. Cultural change goes beyond interpersonal and vocational change to involve changing personal values, social norms, and assumptions about the meaning of good vs. bad or right vs. wrong.
      Example: providing sales reps with mobile access to the CRM application to let them update records from the field. Example: requiring sales reps to use tablets equipped with a custom mobile application for placing orders from the field. Example: migrating sales reps to work 100% remotely. Example: migrating technical support staff to field service and sales support roles. Example: changing the operating model to a more service-based value proposition or focus.

      3.2.5 Determine the depth of each impact for each stakeholder group

      1-3 hours

      Tab “4. Impact Analysis” of the Analysis Tool contains the meat of the impact analysis activity.

      1. The “Impact Analysis” tab is made up of 13 change impact tables (see next slide for a screenshot of one of these tables).
        • You may not need to use all 13 tables. The number of tables you use coincides with the number of “yes” responses you gave in the previous tab.
        • If you do not need all 13 impact tables (i.e. if you do not answer “yes” to all thirteen questions in tab 2) the unused/unnecessary tables will not auto-populate.
      2. Use one table per change impact. Each of your “yes” responses from tab 3 will auto-populate at the top of each change impact table. You should go through each of your “yes” responses in turn.
      3. Analyze how each impact will affect each stakeholder or stakeholder group touched by the project.
        • Column B in each table will auto-populate with the stakeholder groups from the Set-Up tab.
      4. Use the drop-down menus in columns C, D, and E to rate the frequency of each impact, the actions necessitated by each impact, and the anticipated response of each stakeholder group.
        • Each of the options in these drop-down menus is tied to a ranking table that informs the ratings on the two subsequent tabs.
      5. If warranted, you can use the “Comments” cells in column F to note the specifics of each impact for each stakeholder/group.

      See the next slide for an accompanying screenshot of a change impact table from tab 4 of the Analysis Tool.

      Screenshot of “Impact Analysis” tab

      Screenshot of the Impact analysis tab of the Analysis Tool.

      The stakeholder groups entered on the Set Up tab will auto-populate in column B of each table.

      Your “yes” responses from the survey tab will auto-populate in the cells to the right of the “Change Impact” cells.

      Use the drop-down menus in this column to select how often the impact will be felt for each group (e.g. daily, weekly, periodically, one time, or never).

      “Actions” include “change to core job duties,” “change to how time is spent,” “confirm awareness of change,” etc.

      Use the drop-down menus to hypothesize what the stakeholder response might be. For the purpose of this impact analysis, a guess is fine. A more detailed communication plan can be created later.

      Review your overall impact rating to help assess the likelihood of change adoption

      Use the “Overall Impact Rating” on tab 5 to help right-size your OCM efforts.

      Based upon your assessment of each individual impact, the Analysis Tool will provide you with an “Overall Impact Rating” in tab 5.

      • This rating is an aggregate of each of the individual change impact tables used during the analysis and the rankings assigned to each stakeholder group across the frequency, required actions, and anticipated response columns.
      Projects in the red zone should have maximum change governance, applying a full suite of OCM tools and templates as well as revisiting the impact analysis exercise regularly to help monitor progress.

      Increased communication and training efforts, as well as cross-functional partnerships, will also be key for success.

      		Projects in the yellow zone also require a high level of change governance.
      Screenshot of 'Overall Impact Rating' scale on tab 5 of the Analysis Tool.       		To free up resources for those OCM initiatives that require more discipline, projects in the green zone can ease up in their OCM efforts somewhat. With a high likelihood of adoption as is, stakeholder engagement and communication efforts can be minimized somewhat for these projects, so long as the PMO is in regular contact with key stakeholders.

      Use the other outputs on tab 5 to help structure your OCM efforts

      In addition to the overall impact rating, tab 5 has other outputs that will help you assess specific impacts and how the overall change will be received by stakeholders.

      Screenshot of the Impact Analysis Outputs on tab 5 of the Analysis Tool. There are tables ranking risk impacts and stakeholders, as well as an impact zone map.

      This table displays the highest risk impacts based on frequency and action inputs on tab 4.

      Here you’ll find the stakeholders, ranked again based on frequency and action, who will be most impacted by the proposed changes.

      These are the five stakeholders most likely to support changes, based on the Anticipated Response column on tab 4.

      The stakeholder groups entered on the Set Up tab will auto-populate in column B of each table.

      In addition to these outputs, this tab also lists top five change resistors and has an impact register and list of potential impacts to watch out for (i.e. your “maybe” responses from tab 3).

      Establish Baseline Metrics

      Baseline metrics will be improved through:

      • A strong PMO is one than can link performance to the overall goals of the organization.
      • Use these examples of KPIs to measure success.
      Metric KPI
      Portfolio Performance Return on Investment (ROI) for projects and programs
      Alignment of spend with objectives
      Resource Utilization Rate (hours allocated to projects actual vs. allocation)
      Customer/Stakeholder Satisfaction
      # of strategic projects approved vs. completed
      Project/Program Performance % of completed projects (planned vs. actual)
      % of projects completed on time (based on original due date)
      % of projects completed on budget
      % of projects delivering their expected business outcomes
      Actual delivery of benefits vs. planned benefits
      % of customer satisfaction
      Project manager satisfaction rating
      PMO % of approved IT initiatives that measure benefit achievement upon completion
      % of IT initiatives with direct alignment to organizational strategic direction

      Summary of Accomplishment

      Problem Solved

      Knowledge Gained
      • PMO Options and “Best Practices”
      • PMO Types
      • Key PMO Functions/Services

      The PMO staffing model that you use will depend on many different factors. It is in your hands to create and define what your staffing needs are for your organization.

      The success of your PMO is linked to the plan you create before executing on it.

      Processes Optimized
      • Establishing organizational need.
      • Getting situational awareness to build a solid foundation for the PMO.
      • Identifying organizational design and establishing PMO structure and staffing needs.
      • Creating an actionable roadmap.

      If you would like additional support, have our analysts guide you through other phases as part of an Info-Tech workshop.

      Contact your account representative for more information.

      workshops@infotech.com 1-888-670-8889

      Summary of Accomplishment

      Problem Solved

      Deliverables Completed
      • PMO Role Development Tool
      • Initial PMO Mandate
      • PMO Job Description Builder Workbook
      • PMO job descriptions
      • PMO Strategic Plan
      • Organizational Change Impact Analysis Tool

      If you would like additional support, have our analysts guide you through other phases as part of an Info-Tech workshop.

      Contact your account representative for more information.

      workshops@infotech.com 1-888-670-8889

      Additional Support

      If you would like additional support, have our analysts guide you through other phases as part of an Info-Tech workshop.

      Photo of Ugbad Farah.

      Contact your account representative for more information.

      workshops@infotech.com 1-888-670-8889

      To accelerate this project, engage your IT team in an Info-Tech workshop with an Info-Tech analyst team.

      Info-Tech analysts will join you and your team at your location or welcome you to Info-Tech’s historic Toronto office to participate in an innovative onsite workshop.

      The following are sample activities that will be conducted by Info-Tech analysts with your team:

      Sample of the Job Description Survey activity.
      Job Description Survey
      Use the survey to help determine potential role requirements across various project portfolio management, project management, business analysis, and organizational change management activities.       		Sample of the Job Descriptions builder activity.
      Create Your Job Descriptions
      Use the job descriptions as a guide when creating your own job descriptions based on the outputs from the tool.

      Related Info-Tech Research

      Stock photo of two people looking over their finances. Develop a Project Portfolio Management Strategy
      Time is money; spend it wisely.
      Stock photo of a hand with a pen resting on paper. Establish Realistic IT Resource Management Practices
      Holistically balance IT supply and demand to avoid overallocation.
      Stock photo of light bending through a tunnel. Tailor Project Management Processes to Fit Your Projects
      Spend less time managing processes and more time delivering results.

      Related Info-Tech Research

      Stock photo of a group working on a project. Optimize IT Project Intake, Approval, and Prioritization
      Decide which IT projects to approve and when to start them.
      Stock photo of a round table silhouetted in front of a window. Master Organizational Change Management Practices
      PMOs, if you don’t know who is responsible for org change, it’s you.
      Stock photo of the nose of a fighter jet. Set a Strategic Course of Action for the PMO in 100 Days
      Use your first 100 days as PMO leader to define a mandate for long-term success.

      Bibliography

      Alexander, Moira. “How to Develop a PMO Strategic Plan.” CIO, 11 July 2018. Web.

      Barlow, Gina, Andrew Tubb, and Grant Riley. “Driving Business Performance. Project Management Survey 2017.” KPMG, 2017. Accessed 11 Jan. 2022.

      Brennan, M. V., and G. Heerkens. “How we went from zero project management to PMO implementation—a real life story.” Paper presented at PMI® Global Congress 2009—North America, Orlando, FL. Project Management Institute, 13 October 2009. Web.

      Casey, W., and W. Peck. “Choosing the right PMO setup.” PM Network, vol. 15, no. 2, 2001, pp. 40-47. Web.

      “COBIT 2019 Framework Governance and Management Objectives.” ISACA, 2019. PDF.

      Crawford, J. K. “Staffing your strategic project office: seven keys to success.” Paper presented at Project Management Institute Annual Seminars & Symposium, San Antonio, TX. Project Management Institute, 2002. Web.

      Davis, Stanley M., and Paul R. Lawrence. “Problems of Matrix Organizations.” Harvard Business Review, May 1978. Web.

      Dow, William D. “Chapter 6: The Tactical Guide for Building a PMO.” Dow Publishing, 2012. PDF.

      Giraudo, L., and E. Monaldi. “PMO evolution: from the origin to the future.” Paper presented at PMI® Global Congress 2015—EMEA, London, England. Project Management Institute, 11 May 2015. Web.

      Greengard, S. “No PMO? Know when you need one.” PM Network, vol. 27, no. 12, 2013, pp. 44-49. Web.

      Hobbs, J. B., and M. Aubry. “What research is telling us about PMOs.” Paper presented at PMI® Global Congress 2009—EMEA, Amsterdam, North Holland, The Netherlands. Project Management Institute, May 2009. Web.

      Jordan, Andy. “Staffing the Strategic PMO.” ProjectManagement.com, 24 October 2016. Web.

      Lang, Greg. “5 Questions to Answer When Building a Roadmap.” LinkedIn, 2 October 2016. Accessed 15 Apr. 2021.

      Manello, Carl. “Establish a PMO Roadmap.” LinkedIn, 10 February 2021. Accessed 29 Mar. 2021.

      Martin, Ken. “5 Steps to Set Up a Successful Project Management Office.” BrightWork, 9 July 2018. Accessed 29 Mar. 2021.

      Miller, Jen A. “What Is a Project Management Office (PMO) and Do You Need One?” CIO, 19 October 2017. Accessed 16 Apr. 2021.

      Needs, Ian. “Why PMOs Fail: 5 Shocking PMO Statistics.” KeyedIn, 6 January 2014. Web.

      Ovans, Andrea. “Overcoming the Peter Principle.” Harvard Business Review, 22 December 2014. Web.

      PMI®. “A Guide to the Project Management Body of Knowledge.” 6th Ed. Project Management Institute, 2017.

      PMI®. “Ahead of the Curve: Forging a Future-Focused Culture.” Pulse of the Profession. Project Management Institute, 11 February 2020. Accessed 21 April 2021.

      PMI®. “Project Management: Job Growth and Talent Gap.” Project Management Institute, 2017. Web.

      PMI®. “Pulse of the Profession: Success in Disruptive Times.” Project Management Institute, 2018. Web.

      PMI®.“The Project Management Office: In Sync with Strategy.” Project Management Institute, March 2012. Web.

      “Project Management Organizational Structures.” PM4Dev, 2016. Web.

      Rincon, I. “Building a PMO from the ground up: Three stories, one result.” Paper presented at PMI® Global Congress 2014—North America, Phoenix, AZ. Project Management Institute, 26 October 2014. Web.

      Roseke, Bernie. “The 4 Types of Project Organizational Structure.” ProjectEngineer, 16 August 2019. Web.

      Sexton, Peter. “Project Delivery Performance: AIPM and KPMG Project Management Survey 2020 - KPMG Australia.” KPMG, 9 November 2020. Web.

      The Change Management Office (CMO). Prosci, n.d. Accessed 7 July 2021.

      “The New Face of Strategic Planning.” Project Smart, 27 March 2009. Accessed 29 Mar. 2021.

      “The State of Project Management Annual Survey.” Wellington PPM Intelligence, 2018. Web.

      “The State of the Project Management Office : Enabling Strategy Execution Excellence.” PM Solutions Research, 2016. Web.

      Wagner, Rodd. “New Evidence The Peter Principle Is Real - And What To Do About It.” Forbes, 10 April 2018. Accessed 14 Apr. 2021.

      Wright, David. “Developing Your PMO Roadmap.” Paper presented at PMI® Global Congress 2012—North America, Vancouver, British Columbia, Canada. Project Management Institute, 2012. Accessed 29 March 2021.

      Recruit and Retain More Women in IT

      • Buy Link or Shortcode: {j2store}575|cart{/j2store}
      • member rating overall impact: 9.3/10 Overall Impact
      • member rating average dollars saved: $14,532 Average $ Saved
      • member rating average days saved: 4 Average Days Saved
      • Parent Category Name: Attract & Select
      • Parent Category Link: /attract-and-select
      • While the number of jobs in IT has increased dramatically, the percentage of women in IT has progressed disproportionately, with only 25% of IT jobs being held by women (CIO from IDG, 2021).
      • The challenge is not a lack of talented women with the competencies to excel within IT, but rather organizations lack an effective strategy to recruit and retain women in IT.

      Our Advice

      Critical Insight

      • Retaining and attracting top women is good business, not personal. As per McKinsey Global Institute, “$4.3 trillion of additional annual GDP in 2025 could be added to the U.S. by fully bridging the gender gap.”
      • In the war on talent, having a strategy around how you will recruit & retain of women in IT is Marketing 101. What influences whether women apply for roles and stay at organizations is different than men; traditional models won’t cut it.

      Impact and Result

      To stay competitive, IT leaders need to radically change the way they recruit and retain talent, and women in IT represent one of the largest untapped markets for IT talent. CIOs need a targeted strategy to attract and retain the best, and this requires a shift in how leaders currently manage the talent lifecycle. Info-Tech offers a targeted solution that will help IT leaders:

      1. Build a Recruitment Playbook: Leverage Info-Tech tools to effectively sell to, search for, and secure top talent.
      2. Build a Retention Strategy: Follow Info-Tech’s step-by-step process to identify initiatives and opportunities to retain your top talent.

      Recruit and Retain More Women in IT Research & Tools

      Besides the small introduction, subscribers and consulting clients within this management domain have access to:

      1. Recruit and Retain More Women in IT Deck – A step-by-step document that walks you through how to build a recruitment and retention plan for women in IT.

      Create a targeted recruitment and retention strategy for women. Increase the number of viable candidates by leveraging best practices to sell to, search for, and secure top women in IT. Take a data-driven approach to improving retention of women by using best practices to measure and improve employee engagement.

      • Recruit and Retain More Women in IT – Phases 1-2

      2. Employee Value Proposition Tools – Build and road-test your employee value proposition to ensure that it is aligned, clear, compelling, and differentiated.

      These tools tap into best practices to help you collect the information you need to build, assess, test, and adopt an employee value proposition.

      • Employee Value Proposition (EVP) Interview Guide
      • Employee Value Proposition (EVP) Scorecard
      • Employee Value Proposition (EVP) Internal Scorecard Handout

      3. IT Behavioral Interview Question Library – A complete list of sample questions aligned with core, leadership, and IT competencies.

      Don’t hire by intuition, consider leveraging behavioral interview questions to reduce bias and uncover candidates that will be able to execute on the job.

      • IT Behavioral Interview Question Library

      4. Stay Interview Guide – Use this tool to guide one-on-one conversations with your team members to monitor employee engagement between surveys.

      Stay interviews are an effective method for monitoring employee engagement. Have these informal conversations to gain insight into what your employees really think about their jobs, what causes them to stay, and what may lead them to leave.

      • Stay Interview Guide

      Infographic

      Workshop: Recruit and Retain More Women in IT

      Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

      1 Make the Case for Strategically Recruiting and Retaining Women in IT

      The Purpose

      Identify the need for a targeted strategy to recruit and retain women in IT and pinpoint your largest opportunities to drive diversity in your IT team.

      Key Benefits Achieved

      Establish goals and targets for the changes to be made to your IT recruitment and retention strategies.

      Activities

      1.1 Understand trends in IT staffing.

      1.2 Assess your talent lifecycle challenges and opportunities.

      1.3 Make the case for changes to recruitment and retention strategies.

      Outputs

      Recruitment & Retention Metrics Report

      Business Case for Recruitment and Retention Changes

      2 Develop Strategies to Sell Your Organization to Wider Candidate Pool

      The Purpose

      The way you position the organization impacts who is likely to apply to posted positions. Ensure you are putting a competitive foot forward by developing a unique, meaningful, and aspirational employee value proposition and clear job descriptions.

      Key Benefits Achieved

      Implement effective strategies to drive more applications to your job postings.

      Activities

      2.1 Develop an IT employee value proposition.

      2.2 Adopt your employee value proposition.

      2.3 Write meaningful job postings.

      Outputs

      Employee Value Proposition

      EVP Marketing Plan

      Revised Job Ads

      3 Expand Your Talent Sourcing Strategy

      The Purpose

      Sourcing shouldn’t start with an open position, it should start with identifying an anticipated need and then building and nurturing a talent pipeline.

      IT participation in this is critical to effectively promote the employee experience and foster relationships before candidates even apply.

      Key Benefits Achieved

      Develop a modern job requisition form though role analysis.

      Increase your candidate pool by expanding sourcing programs.

      Activities

      3.1 Build realistic job requisition forms.

      3.2 Identify new alternative sourcing approaches for talent.

      3.3 Build a sourcing strategy.

      Outputs

      Job requisition form for key roles

      Sourcing strategy for key roles

      4 Secure Top Talent

      The Purpose

      Work with your HR department to influence the recruitment process by taking a data-driven approach to understanding the root cause of applicant drop-off and success and take corrective actions.

      Key Benefits Achieved

      Optimize your selection process.

      Implement non-bias interview techniques in your selection process.

      Activities

      4.1 Assess key selection challenges.

      4.2 Implement behavioral interview techniques.

      Outputs

      Root-Cause Analysis of Section Challenges

      Behavioral Interview Guide

      5 Retain Top Women in IT

      The Purpose

      Employee engagement is one of the greatest predictors of intention to stay.

      To retain employees you need to understand not only engagement, but also your employee experience and the moments that matter, and actively work to create positive experience.

      Key Benefits Achieved

      Identify opportunities to drive engagement across your IT organization.

      Implement tactical programs to reduce turnover in IT.

      Activities

      5.1 Measure employee engagement and review results.

      5.2 Identify new alternative sourcing approaches for talent.

      5.3 Train managers to conduct stay interviews and drive employee engagement.

      Outputs

      Identified Employee Engagement Action Plan

      Action Plan to Execute Stay Interviews

      Further reading

      Recruit and Retain More Women in IT

      Gender diversity is directly correlated to IT performance.

      EXECUTIVE BRIEF

      Executive Summary

      Your Challenge

      Technology has never been more important to organizations, and as a result, recruiting and retaining quality IT employees is increasingly difficult.

      • IT unemployment rates continue to hover below 2% in the US.
      • The IT talent market has evolved into one where the employer is the seller and the employee is the buyer.

      Common Obstacles

      • While the number of jobs in IT has increased dramatically, the percentage of women in IT has progressed disproportionately, with only 25% of IT jobs being held by women.*
      • The challenge is not a lack of talented women with the competencies to excel within IT, but rather organizations lack an effective strategy to recruit and retain women in IT.

      Info-Tech’s Approach

      To stay competitive, IT leaders need to radically change the way they recruit and retain talent, and women in IT represent one of the largest untapped markets. CIOs need a targeted strategy to attract and retain the best, and this requires a shift in how leaders currently manage the talent lifecycle. Info-Tech offers a targeted solution to help:

      • Build a Recruitment Playbook: Leverage Info-Tech tools to effectively sell to, search for, and secure top talent.
      • Build a Retention Strategy: Follow Info-Tech’s step-by-step process to identify initiatives and opportunities to retain your top talent.

      Info-Tech Insight

      Retaining and attracting top women is good business, not personal. Companies with greater gender diversity on executive teams were 25% more likely to have above-average profitability.1 In the war on talent, having a strategy around how you will recruit and retain women in IT is Marketing 101. What influences whether women apply for roles and stay at organizations is different than men; traditional models won’t cut it.

      *– McKinsey & Company, 2020; 2 – CIO From IDG, 2021
      The image contains a screenshot of a thought model titled: Recruit and Retain More Women in IT. Its subheading is: Gender Diversity is Directly Correlated to IT Performance. The thought model lists critical methods to recruit and retain, and also a traditional method to compare.

      Diversity & inclusion – it’s good business, not personal

      Why should organizations care about diversity?

      1. The war for talent is real. Every CIO needs a plan of attack. Unemployment rates are dropping and 54% of CIOs report that the skills shortage is holding them up from meeting their strategic objectives.
        2. Source: Harvey Nash and KPMG, 2020
      2. Diversity has clear ROI – both in terms of recruitment and retention. Eighty percent of technology managers experienced increased turnover in 2021. Not only are employee tenures decreasing, the competition for talent is fierce and the average cost of turnover is 150% of an IT worker’s salary.
        3. Source: Robert Half, 2021
      3. Inability to recruit and retain talent will reduce business satisfaction. Organizations who are continuously losing talent will be unable to meet corporate objectives due to lost productivity, keeping them in firefighting mode. An engaged workforce is a requirement for driving innovation and project success.

      ISACA’s 2020 study shows a disconnect between what men and women think is being done to recruit and retain female employees

      Key findings from ISACA’s 2020 Tech Workforce survey

      65% of men think their employers have a program to encourage hiring women. But only 51% of women agree.

      71% of men believe their employers have a program to encourage the promotion or advancement of women. But only 59% of women agree.

      49% of women compared to 44% of men in the survey feel they must work harder than their peers.

      22% of women compared to 14% of men feel they are underpaid.

      66% of women compared to 72% of men feel they are receiving sufficient resources to sustain their career.

      30% of women compared to 23% of men feel they have unequal growth opportunities.

      74% of women compared to 64% of men feel they lack confidence to negotiate their salaries.

      To see ISACA’s full report click here.
      The image contains a screenshot of a multi bar graph to demonstrate the percentage of female employees in the workforce of major tech companies. The major tech companies include: Amazon, Facebook, Apple, Google, and Microsoft.
      Image: Statista, 2021, CC BY-ND 4.0

      The chart to the left, compiled by Statista, (based on self-reported company figures) shows that women held between 23% to 25% of the tech jobs at major tech companies.

      Women are also underrepresented in leadership positions: 34% at Facebook, 31% at Apple, 29% at Amazon, 28% at Google, and 26% at Microsoft.

      (Statista, 2021)

      To help support women in tech, 78% of women say companies should promote more women into leadership positions. Other solutions include:

      • Providing mentorship opportunities (72%)
      • Offering flexible scheduling (64%)
      • Conducting unconscious bias training (57%)
      • Offering equal maternity and paternity leave (55%)
        • (HRD America, 2021)

      Traditional retention initiatives target the majority – the drivers that impact the retention of women in IT are different

      Ranked correlation of impact of engagement drivers on retention

      The image contains a screenshot that demonstrates the differences in retaining men and women in IT.

      * Recent data stays consistent, but, the importance of compensation and recognition in retaining women in IT is increasing.

      Info-Tech Research Group Employee Engagement Diagnostic; N=1,856 IT employees

      The majority of organizations take a one-size-fits-all approach to retaining and engaging employees.

      However, studies show that women are leaving IT in significantly higher proportions than men and that the drivers impacting men’s and women’s retention are different. Knowing how men and women react differently to engagement drivers will help you create a targeted retention strategy.

      In particular, to increase the retention and engagement of women, organizations should develop targeted initiatives that focus on:

      • Organizational culture
      • Employee empowerment
      • Manager relationships

      Why organizations need to focus on the recruitment and retention of women in IT

      1. Women expand the talent pool. Women represent a vast, untapped talent pool that can bolster the technical workforce. Unfortunately, traditional IT recruitment processes are targeted toward a limited IT profile – the key to closing the IT skills gap is to look for agile learners and expand your search criteria to cast a larger net.
      2. Diversity increases innovation opportunities. Groups with greater diversity solve complex problems better and faster than homogenous groups, and the presence of women is more likely to increase the problem-solving and creative abilities of the group.
      3. Women increase your ROI. Research shows that companies with the highest representation of women in their management teams have a 34% higher return on investment than those with few or no women. Further, organizations who are unable to retain top women in their organization are at risk for not being able to deliver to SLAs or project expectations and lose the institutional knowledge needed for continuous improvement.
        4. Source: Bureau of Labour Statistics; Info-Tech Research Group/McLean & Company Analysis

      Improving the representation of women in your organization requires rethinking recruitment and retention strategies

      SIGNS YOU MAY NEED A TARGETED RECRUITMENT STRATEGY…

      SIGNS YOU MAY NEED A TARGETED RETENTION STRATEGY…
      • “It takes longer than 8 weeks to fill a posted IT position.”
      • “Less than 35% of applicants to posted positions are women.”
      • “In the last year the number of applicants to posted positions has decreased.”
      • “The number of female employees who have referred employees in the last year is significantly lower than men in the department.”
      • “Less than 35% of your IT workforce is made up of women.”
      • “Proportionally women decline IT roles in higher rates than men in IT.”
      • “Voluntary turnover of high performers and high potentials is above 5%.”
      • “Turnover of women in IT is disproportionate to the percentage of IT staff.”
      • “Employee rankings of the IT department on social networking sites (e.g. Glassdoor) are low.”
      • “Employees are frequently absent from their jobs.”
      • “Less than 25% of management roles in IT are filled by women.”
      • “Employee engagement scores are lower among women than men.”

      Info-Tech’s approach to improving gender diversity at your organization

      Info-Tech takes a practical, tactical approach to improving gender diversity at organizations, which starts with straightforward tactics that will help you improve the recruitment and retention of women in your organization.

      How we can help

      1. Leverage Info-Tech’s tools to define your current challenges and opportunities for gender diversity to improve your recruitment and retention issues.
      2. Employ straightforward and tested tactics to increase talent acquisition of women in IT by optimizing how you sell to, search for, and secure top female talent.
      3. Take a data-driven approach to measure and increase the retention and engagement of women within your IT organization, and know how and when to involve your staff for optimal results.

      Leverage Info-Tech’s customizable deliverables to improve the recruitment and retention of women in your organization

      RECRUIT Top Women in IT

      If you don’t have a targeted recruitment strategy for women, you are missing out on 50% of the candidate pool. Increase the number of viable candidates by leveraging best practices to sell to, search for, and secure top women in IT.

      Key metrics to track:

      • Average number of female candidates per posting
      • Average time to fill position
      • Percentage of new hires still at the organization one year later

      RETAIN Top Women in IT

      The drivers that impact the retention of men and women are different. Take a data-driven approach to improving retention of women in your organization by using best practices to measure and improve employee engagement.

      Key metrics to track:

      • Voluntary turnover rates of men and women
      • Average tenure of men and women
      • Percentage of internal promotions going to men and women
      • Employee engagement scores

      Info-Tech’s methodology for Recruit and Retain More Women in IT

      1. Enhance Your Recruitment Strategies

      2. Enhance Your Retention Strategies

      Phase Steps
      1. Sell:
      • Develop an attractive employee value proposition.
      • Understand the impact of language on applicants.
    • Search:
      • Define meaningful job requirements
      • Evaluate various sourcing pools.
    • Secure:
      • Improve the interview experience.
      • Leverage behavioral interview questions to limit bias.
      1. Drive engagement in key areas correlated with driving higher retention of women in IT.
      2. Train managers to understand key moments that matter in the employee experience.
      3. Understand what motivates key performers to stay at your organization.

      Phase Outcomes

      Recruitment Optimization Plan

      Retention Optimization Plan

      Info-Tech offers various levels of support to best suit your needs

      DIY Toolkit

      "Our team has already made this critical project a priority, and we have the time and capability, but some guidance along the way would be helpful."

      Guided Implementation

      "Our teams knows that we need to fix a process, but we need assistance to determine where to focus. Some check-ins along the way would help keep us on track."

      Workshop

      "We need to hit the ground running and get this project kicked off immediately. Our team has the ability to take this over once we get a framework and strategy in place."

      Consulting

      "Our team does not have the time or the knowledge to take this project on. We need assistance through the entirety of this project."

      Diagnostics and consistent frameworks are used throughout all four options.

      Guided Implementation

      What does a typical GI on this topic look like?

      A Guided Implementation (GI) is a series of calls with an Info-Tech analyst to help implement our best practices in your organization. A typical GI is 6 calls over the course of 1 to 2 months.

      1. Tactics to Recruit More Women in IT

      Call #1: Develop a strategy to better sell your organization to diverse candidates.

      Call #2: Evaluate your candidate search practices to reach a wider audience.

      Call #3: Introduce best practices in your interviews to improve the candidate experience and limit bias.

      2. Tactics to Retain More Women in IT

      Call #4: Launch focus groups to improve performance of key retention drivers.

      Call #5: Measure the employee experience and identify key moments that matter to staff.

      Call #6: Conduct stay interviews and establish actions to improve retention.

      Workshop Overview

      Contact your account representative for more information.

      workshops@infotech.com 1-888-670-8889

      Day 1

      Day 2

      Day 3

      Day 4

      Day 5

      Make the Case

      Develop Strategies to Sell to a Wider Candidate Pool

      Expand Your Talent Sourcing Strategy

      Secure & Retain Top Talent

      Next Steps and Wrap-Up (offsite)

      Activities

      1.1 Understand trends in IT staffing.

      1.2 Assess your talent lifecycle.

      1.3 Make the case for changes to recruitment and retention strategies.

      2.1 Develop an IT employee value proposition (EVP).

      2.2 Adopt your employee value proposition.

      2.3 Write meaningful job postings.

      3.1 Build realistic job requisition forms.

      3.2 Identify new alternative sourcing approaches for talent.

      3.3 Build a sourcing strategy.

      4.1 Assess key selection challenges.

      4.2 Implement behavioral interview techniques.

      4.3 Measure employee engagement and review results.

      4.4 Develop programs to improve employee engagement.

      4.5 Train managers to conduct stay interviews and drive employee engagement.

      5.1 Complete in-progress deliverables from previous four days.

      5.2 Set up review time for workshop deliverables and to discuss next steps.

      Deliverables
      1. Recruitment & retention metrics report
      2. Business case for recruitment and retention changes
      1. Employee Value Proposition
      2. EVP marketing plan
      3. Revised job ads
      1. Job requisition form for key roles
      2. Sourcing strategy for key roles
      1. Root-cause analysis of section challenges
      2. Behavioral interview guide
      3. Identified employee engagement action plan
      4. Action plan to execute stay interviews
      1. Completed recruitment optimization plan
      2. Completed retention optimization plan

      Phase 1

      Enhance Your Recruitment Strategies

      Phase 1

      • 1.1 Sell
      • 1.2 Search
      • 1.3 Secure

      Phase 2

      • 2.1 Engagement
      • 2.2 Employee Experience
      • 2.3 Stay Interviews

      Consider key factors within the recruitment process

      Key Talent Pipeline Opportunities:

      • In today’s talent landscape IT leaders need to be highly strategic about how they recruit new talent to the organization.
      • IT professionals have a huge number of options to choose from when considering their next career.
      • IT leaders need to actively market and expand their search to attract top talent. The “where” and “how” to recruit men and women in IT are different and your strategy should reflect this.
      • Partnering with your HR department to help you improve the number of applicants, expand your search criteria, and optimize the interview experience will all directly impact your talent pipeline.
      1. Sell

        2. How do you position the value of working for your organization and roles in a meaningful way?

      2. Search

        3. How can you expand your key search criteria and sourcing strategies to reach more candidates?

      3. Secure

        4. How can you reduce bias in your interview process and create positive candidate experiences?

      Info-Tech’s Sell-Search-Secure recruitment model

      Follow these steps to increase your pool of female candidates.

      1. Sell Tactics:

        2. 1. Develop an employee value proposition that will attract female candidates.

        2. Understand how your job postings may be deterring female candidates.

      2. Search Tactics:

        3. 3. Identify opportunities to expand your role analysis for job requisitions.

        4. Increase your candidate pool by expanding sourcing programs.

      3. Secure Tactics:

        4. 5. Identify tactics to improve women’s interview experience.

        6. Leverage behavioral interview questions to limit bias in interviews.

      Please note, this section is not a replacement or a full talent strategy. Rather, this blueprint will highlight key tactics within talent acquisition practices that the IT leadership team can help to influence to drive greater diversity in recruitment.

      Understand where leaks exist in your talent pipeline

      Start your recruitment enhancement here.

      Work with your HR department to track critical metrics around where you need to make improvements and where you can partner with your recruitment team to improve your recruitment process and build a more diverse pipeline. Identify where you have significant drops or variation in diversity or overall need and select where you’d like to focus your recruitment improvement efforts.

      Selection Process Step

      Sample Metrics to Track
      Sell

      Average time to fill a vacant position

      Average number of applicants for posted positions

      Total # of Candidates; # of Male Candidates (% of total);

      # of Female Candidates (% of total); % Difference Male & Female

      Number of page visits vs. applications for posted positions

      Total # of Candidates

      # of Male Candidates

      % of total

      # of Female Candidates

      % of total

      % Difference Male & Female
      Search

      Number of applicants coming from your different sourcing channels (one line per sourcing channel: LinkedIn Group A, website, job boards, specific events, etc.)

      Number of applicants coming from referrals

      Secure

      Number of applicants meeting qualifications

      Number of applicants selected for second interview

      Number of applicants rejecting an offer

      Number of applicants accepting an offer

      Number of employees retained for one year

      Enhance your recruitment strategies

      The way you position the organization impacts who is likely to apply to posted positions. Ensure you are putting a competitive foot forward by developing a unique, meaningful, and aspirational employee value proposition and clear job descriptions.

      Sell the organization

      What is an employee value proposition?

      An employee value proposition (EVP) is a unique and clearly defined set of attributes and benefits that capture an employee’s overall work experience within an organization. An EVP is your opportunity to showcase the unique benefits and opportunities of working at your organization, allowing you to attract a wider pool of candidates.

      How is an employee value proposition used?

      Your EVP should be used internally and externally to promote the unique benefits of working within the department. As a recruiting tool, you can use it to attract candidates, highlighting the benefits of working for your organization. The EVP is often highlighted where you are most likely to reach your target audience, whether that is through social media, in-person events, or in other advertising activities.

      Why tailor this to multiple audiences?

      While your employee value proposition should remain constant in terms of the unique benefits of working for your organization, you want to ensure that the EVP appeals to multiple audiences and that it is backed up by relevant stories that support how your organization lives your EVP every day. Candidates need to be able to relate to the EVP and see it as desirable, so ensuring that it is relatable to a diverse audience is key.

      Develop a strong employee value proposition

      Three key steps

      The image contains a cycle to demonstrate the three key steps. The steps are: Build and Assess the EVP, Test the EVP, and Adopt the EVP.

      1. Build and Assess the EVP

      Assess your existing employee value proposition and/or build a forward-looking, meaningful, authentic, aspirational EVP.

      2. Test the EVP

      Gather feedback from staff to ensure the EVP is meaningful internally and externally.

      3. Adopt the EVP

      Identify how and where you will leverage the EVP internally and externally, and integrate the EVP into your candidate experience, job ads, and employee engagement initiatives.

      As you build your EVP, keep in mind that while it’s important to brand your IT organization as an inclusive workplace to help you attract diverse candidates, be honest about your current level of diversity and your intentions to improve. Otherwise, new recruits will be disappointed and leave.

      What is an employee value proposition?

      And what are the key components?

      The employee value proposition is your opportunity to showcase the unique benefits and opportunities of working at your organization, allowing you to attract a wider pool of candidates.

      AN EMPLOYEE VALUE PROPOSITION IS:

      AN EMPLOYEE VALUE PROPOSITION IS NOT:
      • An authentic representation of the employee experience
      • Aligned with organizational culture
      • Fundamental to all stages of the employee lifecycle
      • A guide to help investment in programs and policies
      • Short and succinct
      • What the employee can do for you
      • A list of programs and policies
      • An annual project

      THE FOUR KEY COMPONENTS OF AN EMPLOYEE VALUE PROPOSITION

      Rewards

      Organizational Elements

      Working Conditions

      Day-to-Day Job Elements
      • Compensation
      • Health Benefits
      • Retirement Benefits
      • Vacation
      • Culture
      • Customer Focus
      • Organization Potential
      • Department Relationships
      • Senior Management Relationships
      • Work/Life Balance
      • Working Environment
      • Employee Empowerment
      • Development
      • Rewards & Recognition
      • Co-Worker Relationships
      • Manager Relationships

      Creating a compelling EVP that presents a picture of your employee experience, with a focus on diversity, will attract females to your team. This can lead to many internal and external benefits for your organization.

      Collect relevant information

      Existing Employee Value Proposition: If your organization or IT department has an existing employee value proposition, rather than starting from scratch, we recommend leveraging that and moving to the testing phase to see if the EVP still resonates with staff and external parties.

      Employee Engagement Results: If your organization does an employee engagement survey, review the results to identify the areas in which the IT organization is performing well. Identify and document any key comment themes in the report around why employees enjoy working for the organization or what makes your IT department a great place to work.

      Social Media Sites. Prepare for the good, the bad, and the ugly. Social media websites like Glassdoor and Indeed make it easier for employees to share their experiences at an organization honestly and candidly. While postings on these sites won’t relate exclusively to the IT department, they do invite participants to identify their department in the organization. You can search these to identify any positive things people are saying about working for the organization and potentially opportunities for improvement (which you can use as a starting point in the retention section of this report).

      Step 1.1

      Sell – Assess the current state and develop your employee value proposition

      Activities

      1.1.1 Gather feedback on unique benefits

      1.1.2 Build key messages

      1.1.3 Test your EVP

      1.1.4 Adopt your EVP

      1.1.5 Review job postings for gender bias

      1.1.1 Gather feedback

      1. Hold a series of focus groups with employees to understand what about the organization attracted them to join and to stay at the organization.
      2. Start by identifying if you will interview all employees or a subset. If you are going to use a subset, ensure you have at least one male and one female participating from each team and representation of all levels within the department.
      3. Print the EVP Interview Guide to focus your conversation, and ask each individual to take 15 minutes and respond to questions 1-3 in the Guide:
      4. Draw a quadrant on the board and mark each quadrant with four categories: Day-to-Day Elements, Organizational Elements, Compensation & Benefits, and Working Conditions. Provide each participant with sticky notes and ask them to brainstorm the top five things they value most about working at the organization. Ask them to place each sticky in the appropriate category and identify any key themes.
      5. Ask participants to hand in their EVP Interview Guides and document all of the key findings.

      Input

      Output
      • Employee opinions
      • Employee responses to four EVP components
      • Content for EVP

      Materials

      Participants
      • EVP Interview Guide handout
      • Pen and paper for documenting responses
      • Male and female employees
      • Different departments
      • Different role levels

      Download the EVP Interview Guide

      1.1.2 Build key messages

      1. Collect all of the information from the various focus groups and begin to build out the employee value proposition statements.
      2. Identify the key elements that staff felt were unique and highly valued by employees and group these into common themes.
      3. Identify categories that related to one of the five key drivers* of women’s retention in IT and highlight any key elements related to these:
      • Culture: The degree to which an employee identifies with the beliefs, values, and attitudes of the organization.
      • Company Potential: An employee’s understanding, commitment, and excitement about the organization’s mission and future.
      • Employee Empowerment: The degree to which employees have accountability and control over their work within a supported environment.
      • Learning and Development: A cooperative and continuous effort to enhance an employee’s skill set and expertise and meet an employee’s career objectives.
      • Manager Relationships: The professional and personal relationship an employee has with their manager, including trust, support, and development.
    • Identify up to four key statements to focus on for the EVP, ensuring that your EVP speaks to at least one of the five categories above.
    • Integrate these into one overall statement.

      • *See Engagement Driver Handout slides for more details on these five drivers.

      Input

      Output

      • Feedback from focus groups
      • EVP and supporting statements

      Materials

      Participants

      • EVP Interview Guide handout
      • Pen and paper for documenting responses
      • IT leadership team

      Quality test your revised EVP

      Use Info-Tech’s EVP Scorecard.

      Internally and Externally

      Use the EVP Scorecard and EVP Scorecard Handout throughout this step to assess your EVP against:

      Internal Criteria:

      • Accuracy
      • Alignment
      • Aspirational
      • Differentiation

      External Criteria:

      • Clear
      • Compelling
      • Concise
      • Differentiation
      The image contains screenshots of Info-Tech's EVP Scorecard.

      Ensure your EVP resonates with employees and prospects

      Test your EVP with internal and external audiences.

      INTERNAL TEST REVOLVES AROUND THE 3A’s

      EXTERNAL TEST REVOLVES AROUND THE 3C’s

      ALIGNED: The EVP is in line with the organization’s purpose, vision, values, and processes. Ensure policies and programs are aligned with the organization’s EVP.

      CLEAR: The EVP is straightforward, simple, and easy to understand. Without a clear message in the market, even the best intentioned EVPs can be lost in confusion.

      ACCURATE: The EVP is clear and compelling, supported by proof points. It captures the true employee experience, which matches the organization’s communication and message in the market.

      COMPELLING: The EVP emphasizes the value created for employees and is a strong motivator to join this organization. A strong EVP will be effective in drawing in external candidates. The message will resonate with them and attract them to your organization.

      ASPIRATIONAL: The EVP inspires both individuals and the IT organization as a whole. Identify and invest in the areas that are sure to generate the highest returns for employees.

      COMPREHENSIVE: The EVP provides enough information for the potential employee to understand the true employee experience and to self-assess whether they are a good fit for your organization. If the EVP lacks depth, the potential employee may have a hard time understanding the benefits and rewards of working for your organization.

      1.1.3 Test your EVP

      1. Identify the internal and external individuals who you want to gather feedback from about the EVP.
      2. For internal candidates, send a copy of the EVP and ask them to complete the Internal Assessment (ensure that you have at least 50% representation of women).
      3. For external candidates, identify first how you will reach out to them; popular options are to have team members in key roles reach out to members of their LinkedIn network who are in similar roles to themselves. Request that they look for a diverse group to gather feedback from.
      4. Have the external candidates complete the External Assessment.
      5. Collect the feedback around the EVP and enter the findings into the EVP Scorecard Tool.
      6. If you are dissatisfied with the scorecard results, go back to the employees you interviewed to ask for additional feedback, focusing on the areas that scored low.
      7. Incorporate the feedback and present the revised EVP to see if the changes resonate with stakeholders.
      8. If you are satisfied with the results, present to the leadership and HR teams for agreement and proceed to adopting the EVP in your organization.

      Input

      Output

      • Internal assessment
      • External assessment
      • Finalized EVP

      Materials

      Participants

      • EVP Internal Assessmentt
      • EVP External Assessment
      • Internal staff members
      • External IT professionals

      1.1.4 Adopt your EVP

      Identify your target audience and marketing channels.

      1. Identify the internal and external individuals who you want to gather feedback from about the EVP.
      • The target audience for your employee value proposition
      • Internal and/or external
      • Local, national, international
      • Experience
      • Applicant pool (e.g. new graduates, professionals, internship)
    • For each target audience, identify where you want to reach them with your employee value proposition.
      • Internal: Town hall meetings, fireside chats
      • External: Social media, advertising, job postings
      • Global: Professional affiliations, head hunters
    • For each target audience, build the communication strategy and identify messaging, mediums, timeline, and task ownership.

      • Input

      Output

      • Employee value proposition
      • EVP plan

      Materials

      Participants

      • Pen and paper
      • EVP participants

      Case Study

      INDUSTRY: Restaurant

      SOURCE: McDonald’s Careers, Canadian Business via McLean & Company

      McDonald’s saw a divide between employee experience and its vision. McDonald’s set out to reinvent its employer image and create the reputation it wanted.

      Challenge

      • Historically, McDonald’s has had a challenging employer brand. Founded on the goal of cost effectiveness, a “McJob” was often associated with lower pay and a poor reputation.
      • McDonald’s reached out to employees using a global survey and asked, “What is it you love most about working at McDonald’s?”

      Solution

      • McDonald’s revaluated its employer brand by creating an EVP focused on the three F’s.
      1. Future – career growth and development opportunities
      2. Flexibility – flexible working hours and job variety
      3. Family & Friends – a people-centric work culture

      Results

      • As a result of developing and promoting its EVP internally, McDonald’s has experienced higher engagement and a steady decrease in turnover.
      • Externally, McDonald’s has been recognized numerous times by the Great Place to Work Institute and has been classified by Maclean’s magazine as one of Canada’s top 50 employers for 13 years running.

      Make your job descriptions more attractive to female applicants

      10 WAYS TO REMOVE GENDER BIAS FROM JOB DESCRIPTIONS – GLASSDOOR – AN EXCERPT

      1. USE GENDER-NEUTRAL TITLES: Male-oriented titles can inadvertently prevent women from clicking on your job in a list of search results. Avoid including words in your titles like “hacker,” “rockstar,” “superhero,” “guru,” and “ninja,” and use neutral, descriptive titles like “engineer,” “project manager,” or “developer.
      2. CHECK PRONOUNS: When describing the tasks of the ideal candidate, use “they” or “you.” Example: “As Product Manager for XYZ, you will be responsible for setting the product vision and strategy.
      3. AVOID (OR BALANCE) YOUR USE OF GENDER-CHARGED WORDS: Analysis from language tool Textio found that the gender language bias in your job posting predicts the gender of the person you’re going to hire. Use a tool like Textio tool or the free Gender Decoder to identify problem spots in your word choices. Examples: “Analyze” and “determine” are typically associated with male traits, while “collaborate” and “support” are considered female. Avoid aggressive language like “crush it.
      4. AVOID SUPERLATIVES: Excessive use of superlatives such as “expert,” “superior,” and “world class” can turn off female candidates who are more collaborative than competitive in nature. Research also shows that women are less likely than men to brag about their accomplishments. In addition, superlatives related to a candidate’s background can limit the pool of female applicants because there may be very few females currently in leading positions at “world-class” firms
      5. LIMIT THE NUMBER OF REQUIREMENTS: Identify which requirements are “nice to have” versus “must have,” and eliminate the “nice to haves.” Research shows that women are unlikely to apply for a position unless they meet 100 percent of the requirements, while men will apply if they meet 60 percent of the requirements.

      For the full article please click here.

      1.1.5 Review job postings

      To understand potential gender bias

      1. Select a job posting that you are looking to fill, review the descriptions, and identify if any of the following apply:
      • Are the titles gender neutral? This doesn’t mean you can’t be creative in your naming, but consider if the name really represents the role you are looking to fill.
      • Do you use pronouns? If there are instances where the posting says “he” OR “she” change this to “they” or “you.”
      • Are you overusing superlatives? Review the posting and ensure that when words like “expert” or “world class” are used that you genuinely need someone who is at that level.
      • Are all of the tasks/responsibilities listed the ones that are absolutely essential to the job? Women are less likely to apply if they don’t have direct experience with 100% of the criteria – if it’s a non-essential, consider whether it’s needed in the posting.
      • Is there any organization-specific jargon used? Where possible, avoid using organization-specific jargon in order to create an inclusive posting. Avoid using terms/acronyms that are only known to your organization.
    • Select four to six members of your staff, both male and female, and have them highlight within the job posting what elements appeal to them and what elements do not appeal to them or would concern them about the job.
    • Review the feedback from staff, and identify potential opportunities to reduce bias within the posting.

      • Input

      Output

      • Job posting
      • Updated job posting

      Materials

      Participants

      • Pen and paper
      • IT staff members

      Case Study

      INDUSTRY: Social Media

      SOURCE: Buffer Open blog

      When the social media platform Buffer replaced one word in a job posting, it noticed an increase in female candidates.

      Challenge

      For the social media platform Buffer, all employees were called “hackers.” It had front-end hackers, back-end hackers, Android hackers, iOS hackers, and traction hackers.

      As the company began to grow and ramp up hiring, the Chief Technology Officer, Sunil Sadasivan, noticed that Buffer was seeing a very low percentage of female candidates for these “hacker” jobs.

      In researching the challenge in lack of female candidates, the Buffer team discovered that the word “hacker” may be just the reason why.

      Solution

      Understanding that wording has a strong impact on the type of candidates applying to work for Buffer started a great and important conversation on the Buffer team.

      Buffer wanted to be as inviting as possible in job listings, especially because it hires for culture fit over technical skill.

      Buffer went through a number of wording choices that could replace “hacker,” and ended on the term “developer.” All external roles were updated to reflect this wording change.

      Results

      By making this slight change to the wording used in their jobs, Buffer went from seeing a less than 2% female representation of applicants for developer jobs to around 12% female representation for the same job.

      Step 1.2

      Search – Reach more candidates by expanding key search criteria and sourcing strategies

      Activities

      1.2.1 Complete role analysis

      1.2.2 Expand your sourcing pools

      Enhance your recruitment strategies

      Sourcing shouldn’t start with an open position; it should start with identifying an anticipated need and building and nurturing a talent pipeline. IT participation in this is critical to effectively promote the employee experience and foster relationships before candidates even apply.

      Expand your search

      What is a candidate sourcing program?

      A candidate sourcing program is one element of the overall HR sourcing approach, which consists of the overall process (steps to source talent), the people responsible for sourcing, and the programs (internal talent mobility, social media, employee referral, alumni network, campus recruitment, etc.).

      What is a sourcing role analysis?

      Part of the sourcing plan will outline how to identify talent for a role, which includes both the role analysis and the market assessment. The market assessment is normally completed by the HR department and consists of analyzing the market conditions as they relate to specific talent needs. The role analysis looks at what is necessary to be successful in a role, including competencies, education, background experience, etc.

      How will this enable you to attract female candidates?

      Expanding your sourcing programs and supporting deeper role analysis will allow your HR department to reach a larger candidate pool and better understand the type of talent that will be successful in roles within your organization. By expanding from traditional pools and criteria you will open the organization up to a wider variety of talent options.

      Minimize bias in sourcing to hire the right talent and protect against risk

      Failure to take an inclusive approach to sourcing will limit your talent pool by sidelining entire groups or discouraging applicants from diverse backgrounds. Address bias in sourcing so that diverse candidates are not excluded from the start. Solutions such as removing biographical data from CVs prior to interviews may reduce bias, but they may come too late to impact diversity.

      Potential areas of bias in sourcing:

      Modifications to reduce bias:

      Intake Session

      • Describing a specific employee when identifying what it takes to be successful in the role. This may include attributes that do not actually promote success (e.g. school or program) but will decrease diversity of thought.
      • Hiring managers display a “like me” bias where they describe a successful candidate as similar to themselves.
      • Focus on competencies for the role rather than attributes of current employees or skills. Technology is changing rapidly – look for people who have demonstrated a capability over a specific skill.

      Sourcing Pools

      • Blindly hunting or sourcing individuals from a few sources, assuming that these sources are always better than others (e.g. Ivy League schools always produce the best candidates).
      • Expand sources. Don’t exclude diverse sources because they’re not popular.
      • Objectively measure source effectiveness to address underlying assumptions.

      1.2.1 Role analysis

      Customize a sourcing plan for key roles to guide talent pipeline creation.

      1. Complete a role analysis to understand key role requirements. If you are hiring for an existing role, start by taking an inventory of who your top and low performers are within the role today.
      2. Consider your top performers and identify what a successful employee can do better than a less successful one. Start by considering their alignment with job requirements, and identify the education, designations/certifications, and experiences that are necessary for this job. Do not limit yourself; carefully consider if the requirements you are including are actually necessary or just nice to have.

        3. Required Entry Criteria

        Preferred Entry Criteria

        Education
        • University Degree – Bachelors
        • University Degree – Masters

        Experience
        • 5+) years design, or related, experience
        • Experience leading a team
        • External consulting experience
        • Healthcare industry experience

        Designations/Certifications
        • ITIL Foundations
      3. Review Info-Tech’s Job Competency Library in the Workforce Planning Workbook, identify the key competencies that are ideal for this anticipated role, and write a description of how this would manifest in your organization.

        4. Competency

        Level of Proficiency

        Behavioral Descriptions

        Business Analysis

        Level 2: Capable
        • Demonstrates a basic understanding of business roles, processes, planning, and requirements in the organization.
        • Demonstrates a basic understanding of how technologies assist in business processes.
        • Develop basic business cases using internal environment analysis for the business unit level.
      4. Hold a meeting with your HR team or recruiter to highlight the types of experience and competencies you are looking for in a hire to expand the search criteria.

      Target diverse talent pools through different sources

      When looking to diversify your workforce, it’s critical that you look to attract and recruit talent from a variety of different talent pools.

      SOURCING APPROACH

      INTERNAL MOBILITY PROGRAM

      Positioning the right talent in the right place, at the right time, for the right reasons, and supporting them appropriately. Often tied to succession or workforce planning, mentorship, and learning and development.

      SOCIAL MEDIA PROGRAM

      The widely accessible electronic tools that enable anyone to publish and access information, collaborate on common efforts, and build relationships. Think beyond the traditional and consider niche social media platforms.

      EMPLOYEE REFERRAL PROGRAM

      Employees recommend qualified candidates. If the referral is hired, the referring employee typically receives some sort of reward.

      ALUMNI PROGRAM

      An alumni referral program is a formalized way to maintain ongoing relationships with former employees of the organization.

      CAMPUS RECRUITING PROGRAM

      A formalized means of attracting and hiring individuals who are about to graduate from schools, colleges, or universities.

      EVENTS & ASSOCIATION PROGRAM

      A targeted approach for participation in non-profit associations and industry events to build brand awareness of your organization and create a forward-looking talent pipeline.

      1.2.2 Expand your sourcing pools

      Increase the number of female applicants.

      1. Identify where your employees are currently being sourced from and identify how many female candidates you have gotten from each channel as a percentage of applicants.

        2. # of Candidates From Approach

        % of Female Candidates From Approach

        Target # of Female Candidates

        Internal Talent Mobility

        Social Media Program

        Employee Referral Program

        Alumni Program

        Campus Recruiting Program

        Events & Non-Profit Affiliations

        Other (job databases, corporate website, etc.)
      2. Work with your HR partner or organization’s recruiter to identify three recruitment channels from the list that you will work on expanding.
      3. Review the following two slides and identify key success factors for the implementation. Identify what role IT will play and what role HR will play in implementing the approach.
      4. Following implementation, monitor the impact of the tactics on the number of women candidates and determine whether to add additional tactics.

      Different talent sources

      Benefits and success factors of using different talent sources

      Benefits

      Keys to Success

      Internal Mobility Program

      • Drives retention by providing opportunities to develop professionally
      • Provides a ready pipeline for rapid changes
      • Reduces time and cost of recruitment
      • Identify career pathing opportunities
      • Identify potential successors for succession planning
      • Build learning and development and mentorship

      Social Media Program

      • Access to candidates
      • Taps extended networks
      • Facilitates consistent communication with candidates and talent in pipelines
      • Personalizes the candidate experience
      • Identify platforms – common and niche
      • Talk to your top performers and IT network and identify which sites they use
      • Identify how people use that platform – nature of posts and engagement
      • Define what content to share and who from IT should be engaging
      • Be timely with participation and responses

      Employee Referral Program

      • Higher applicant-to-hire rate
      • Decreased time to fill positions
      • Decreased turner
      • Increased quality of hire
      • Expands your network – women in IT often know other qualified women in IT and in project delivery
      • Educate employees (particularly female employees) to participate
      • Send reminders, incorporate into onboarding, and ask leaders to share job openings
      • Make it easy to share jobs by providing templates and shortened URLs
      • Where possible, simplify the process by avoiding paper forms, reaching out quickly
      • Select metrics that will identify areas of strength and gaps in the referral program

      Alumni Program

      • A formalized way to maintain ongoing relationship with former employees
      • Positive branding as alumni are regarded as a credible source of information
      • Source of talent – boomerang employees are doubly as valuable as they understand the organization
      • Increased referral potential provides access to a larger network and alumni know what is required to be successful in the organization
      • Identify the purpose of the network and set clear goals
      • Identify what the network will do: Will the network be virtual or in person? Who will chair? Who should participate? etc.
      • Create a simple process for alumni to share information about vacancies and refer people
      • Measure progress

      Campus Recruiting Program

      • Increases employer brand awareness among talent entering the workforce
      • Provides the opportunity to interact with large groups of potential candidates at one time
      • Offers access to a highly diverse audience
      • Identify key competencies and select programs based on relevant curriculum for building those competencies
      • Select targeted schools keeping in mind programs and existing relationships
      • Work with HR to get involved

      Events & Non-Profit Affiliations

      • Create a strong talent pipeline for future positions
      • Build relationships based on shared values in a comfortable environment for participants
      • Ability to expand diversity by targeting different types of events or by leveraging women-focused, specifically women in technology, groups
      • Look for events that attract similar participants to the skills or roles you are looking to attract, e.g. Women Who Code if you’re looking for developers
      • Actively engage and participate in the event
      • Couple this with learning and development activities, and invite female top performers to participate

      Enhance your recruitment strategies

      Work with your HR department to influence the recruitment process by taking a data-driven approach to understand the root cause of applicant drop-off and success and take corrective actions.

      Secure top candidates

      Why does the candidate experience matter?

      Until recently it was an employer’s market, so recruiters and hiring managers were able to get good talent without courting top candidates. Today, that’s not the case. You need to treat your IT candidates like customers and be mindful that this is often one of the first experiences future staff will have with the organization. It will give them their first real sense of the culture of the organization and whether they want to work for the organization.

      What can IT leaders do if they have limited influence over the interview process?

      Work with your HR department to evaluate the existing recruitment process, share challenges you’ve experienced, and offer additional support in the process. Identify where you can influence the process and if there are opportunities to build service-level agreements around the candidate experience.

      Take a data-driven approach

      Understand opportunities to enhance the talent selection process.

      While your HR department likely owns the candidate experience and processes, if you have identified challenges in diversity we recommend partnering with your HR department or recruitment team to identify opportunities for improvement within the process. If you are attracting a good amount of candidates through your sell and search tactics but aren’t finding that this is translating into more women selected, it’s time to take a look at your selection processes.

      SIMPLIFIED CANDIDATE SELECTION PROCESS STEPS

      1. Application Received
      2. Candidate Selected for Interview
      3. Offer Extended
      4. Offer Accepted
      5. Onboarding of Staff

      To understand the challenges within your selection process, start by baselining your drop-off rates throughout selection and comparing the differences in male and female candidates. Use this to pin point the issues within the process and complete a root-cause analysis to identify where to improve.

      Step 1.3

      Secure – reduce bias in your interview process and create positive candidate experiences

      Activities

      1.3.1 Identify selection challenges

      1.3.1 Identify your selection challenges

      Review your candidate data.

      1. Hold a meeting with your HR partner to identify trends in your selection data. If you have an applicant tracking system, pull all relevant information for analysis.
      2. Start by identifying the total number of candidates that move forward in each stage of the process. Record the overall number of applicants for positions (should have this number from your sourcing analysis), overall number of candidates selected for interviews, overall number of offers extended, overall number of offers rejected, and overall number of employees still employed after one year.
      3. Identify the number of female and male candidates in each of those categories and as a percentage of the total number of applicants.

        4. Selection Process Step

        Total # of Candidates

        Male Candidates

        Female Candidates

        % Difference Male & Female

        #

        #

        % of total

        #

        % of total

        Applicants for Posted Position

        150

        115

        76.7%

        35

        23.3%

        70% fewer females

        Selected for Interview

        (Selected for Second Interview)

        (Selected for Final Interview)

        Offer Extended

        Offer Rejected

        Employees Retained for One Year
      4. Identify where there are differences in the percentages of male and female candidates and where there are significant drop-off rates between steps in the process.

      Note: For larger organizations, we highly recommend analyzing differences in specific teams/roles and/or at different seniority levels. If you have that data available, repeat the analysis, controlling for those factors.

      Root-cause analysis can be conducted in a variety of ways

      Align your root-cause analysis technique with the problem that needs to be solved and leverage the skills of the root-cause analysis team.

      Brainstorming/Process of Elimination

      After brainstorming, identify which possible causes are not the issue’s root cause by removing unlikely causes.

      The Five Whys

      Use reverse engineering to delve deeper into a recruitment issue to identify the root cause.

      Ishikawa/Fishbone Diagram

      Use an Ishikawa/fishbone diagram to identify and narrow down possible causes by categories.

      Process of elimination

      Leveraging root-cause analysis techniques.

      Using the process of elimination can be a powerful tool to determine root causes.

      • To use the process of elimination to determine root cause, gather the participants from within your hiring team together once you have identified where your issues are within the recruitment process and brainstorm a list of potential causes.
      • Like all brainstorming exercises, remember that the purpose is to gather the widest possible variety of perspectives, so be sure not to eliminate any suggested causes out of hand.
      • Once you have an exhaustive list of potential causes, you can begin the process of eliminating unlikely causes to arrive at a list of likely potential causes.

      Example

      Problem: Women candidates are rejecting job offers more consistently

      Potential Causes

      • The process took too long to complete
      • Lack of information about the team and culture
      • Candidates aren’t finding benefits/salary compelling
      • Lack of clarity on role expectations
      • Lack of fit between candidate and interviewers
      • Candidates offered other positions
      • Interview tactics were negatively perceived

      As you brainstorm, ensure that you are identifying differentiators between male and female candidate experiences and rationale. If you ask candidates their rationale for turning down roles, ensure that these are included in the discussion.

      The five whys

      Leveraging root-cause analysis techniques

      Repeatedly asking “why” might seem overly simplistic, but it has the potential to be useful.

      • It can be useful, when confronting a problem, to start with the end result and work backwards.
      • According to Olivier Serrat, a knowledge management specialist at the Asian Development Bank, there are three key components that define successful use of the five whys: “(i) accurate and complete statements of problems, (ii) complete honesty in answering the questions, and (iii) the determination to get to the bottom of problems and resolve them.”
      • As a group, develop a consensus around the problem statement. Go around the room and have each person suggest a potential reason for its occurrence. Repeat the process for each potential reason (ask “why?”) until there are no more potential causes to explore.
      • Note: The total number of “whys” may be more or less than five.

      Example

      The image contains an example of the five whys activity as described in the text above.

      Ishikawa/fishbone diagram

      Leveraging root-cause analysis techniques.

      Use this technique to sort potential causes by category and match them to the problem.

      • The first step in creating a fishbone diagram is agreeing on a problem statement and populating a box on the right side of a whiteboard or a piece of chart paper.
      • Draw a horizontal line left from the box and draw several ribs on either side that will represent the categories of causes you will explore.
      • Label each rib with relevant categories. In the recruitment context, consider cause categories like technology, interview, process, etc. Go around the room and ask, “What causes this problem to happen?” Every result produced should fit into one of the identified categories. Place it there, and continue to brainstorm sub-causes.

      The image contains a screenshot example of the Ishikawa/fishbone diagram.

      Info-Tech Best Practice

      Avoid naming individuals in the fishbone diagram. The goal of the root-cause exercise is not to lay blame or zero in on a guilty party but rather to identify how you can rectify any challenges.

      Leverage behavioral interviews

      Use Info-Tech’s Behavioral Interview Questions Library.

      Reduce bias in your interviews.

      In the past, companies were pushing the boundaries of the conventional interview, using unconventional questions to find top talent, e.g. “what color is your personality?” The logic was that the best people are the ones who don’t necessarily show perfectly on a resume, and they were intent on finding the best.

      However, many companies have stopped using these questions after extensive statistical analysis revealed there was no correlation between candidates’ ability to answer them and their future performance on the job. Hiring by intuition – or “gut” – is usually dependent on an interpersonal connection being developed over a very short period of time. This means that people who were naturally likeable would be given preferential treatment in hiring decisions whether they were capable of doing the job.

      Asking behavioral interview questions based on the competency needs of the role is the best way to uncover if the candidates will be able to execute on the job.

      For more information see Info-Tech’s Behavioral Interview Question Library.

      The image contains screenshots of Info-Tech's Behavioral Interview Questions Library.

      Improve the level of diversity in your organization by considering inclusive candidate selection practices

      Key action items to create inclusivity in your candidate selection practices:

      1. Managers must be aware of how bias can influence hiring. Encourage your HR department to provide diversity training for recruiters and hiring managers. Ensure those responsible for recruitment are using best practices, are aware of the impact of unconscious bias, and are making decisions in alignment with your DEI strategy.
      2. Use a variety of interviewers to leverage multiple/diverse perspectives. Hiring decisions made by a group can offer a more balanced perspective. Include interviewers from multiple levels in the organization and both men and women.
      3. Hire for distinguished excellence. Be careful not to simply choose the same kind of people over and over, in the name of cultural fit (Source: Recruiter.com, 2015).

        4. Broaden the notion of fit:

      • Hire for skill fit: you might still hire certain types for a specific job (e.g. analytical types for analysis positions), but these candidates can still be diverse.
      • Hire for fit with your organization’s DEI values, regardless of whether the candidate is from a diverse background or not.
      • It can be tempting for hiring managers to hire individuals who are similar to themselves. However, doing so limits the amount of diversity entering your organization, and as a result, limits your organization’s ability to innovate.
    • Deliberately hire for cognitive diversity. Diverse thought processes, perspectives, and problem-solving abilities are positively correlated with firm performance (Source: Journal of Diversity Management, 2014).

      • Leverage a third-party tool

      Ensure recruiting and onboarding programs are effective by surveying your new hires.

      For a deeper analysis of your new hire processes Info-Tech’s sister company, McLean & Company, is an HR research and advisory firm that offers powerful diagnostics to measure HR processes effectiveness. If you are finding diversity issues to be systemic within the organization, leveraging a diagnostic can greatly improve your processes.

      Use this diagnostic to get vital feedback on:

      • Recruiting efforts. Find out if your job marketing efforts are successful, which paths your candidates took to find you, and whether your company is maintaining an attractive profile.
      • Interviewing process. Ensure candidates experience an organized, professional, and ethical process that accurately sets their expectations for the job.
      • Onboarding process. Make sure your new hires are being trained and integrated into their team effectively.
      • Organizational culture. Is your culture welcoming and inclusive? You need to know if top talent enjoy the environment you have to offer.
      The image contains a screenshot of the New Hire Survey.

      For more information on the New Hire Survey click here. If you are interested in referring your HR partner please contact your account manager.

      Phase 2

      Enhance Your Retention Strategies

      Phase 1

      • 1.1 Sell
      • 1.2 Search
      • 1.3 Secure

      Phase 2

      • 2.1 Engagement
      • 2.2 Employee Experience
      • 2.3 Stay Interviews

      Actively engage female staff to retain them

      Employee engagement: the measurement of effective management practices that create a positive emotional connection between the employee and the organization.

      Engaged employees do what’s best for the organization: they come up with product/service improvements, provide exceptional service to customers, consistently exceed performance expectations, and make efficient use of their time and resources. The result is happy customers, better products/services, and saved costs.

      Today, what we find is that 54% of women in IT are not engaged,* but…

      …engaged employees are: 39% more likely to stay at an organization than employees who are not engaged.*

      Additionally, engaging your female staff also has the additional benefit of increasing willingness to innovate by 30% and performance by 28%. The good news is that increasing employee engagement is not difficult, it just requires dedication and an effective toolkit to monitor, analyze, and implement tactics.*

      * Info-Tech and McLean & Company Diagnostics; N=1,308 IT employees

      Don’t seek to satisfy; drive IT success through engagement

      The image contains a screenshot of a diagram that highlights the differences between satisfied and engaged employees.

      Engagement drivers that impact retention for men and women are different – tailor your strategy to your audience

      Ranked correlation of impact of engagement drivers on retention

      The image contains a screenshot that demonstrates the differences in retaining men and women in IT.

      * Recent data stays consistent, but the importance of compensation and recognition in retaining women in IT is increasing.

      Info-Tech Research Group Employee Engagement Diagnostic; N=1,856 IT employees.

      An analysis of the differences between men and women in IT’s drivers indicates that women in IT are significantly less likely than men in IT to agree with the following statements:

      Culture:

      • They identify well with the organization’s values.
      • The organization has a very friendly atmosphere.

      Employee Empowerment:

      • They are given the chance to fully leverage their talents through their job.

      Manager Relationships:

      • They can trust their manager.
      • Their manager cares about them as a person

      Working Environment:

      • They have not seen incidents of discrimination at their organization based on age, gender, sexual orientation, religion, or ethnicity.

      Enhance your retention strategies

      Employee engagement is one of the greatest predictors of intention to stay. To retain you need to understand not only engagement but also your employee experience – the moments that matter – and actively work to create a positive experience.

      Improve employee engagement

      What differentiates an engaged employee?

      Engaged employees do what’s best for the organization: they come up with product/service improvements, provide exceptional service to customers, consistently exceed performance expectations, and make efficient use of their time and resources. The result is happy customers, better products/services, and saved costs.

      Why measure engagement when looking at retention?

      Engaged employees report 39%1 higher intention to stay at the organization than disengaged employees. The cost of losing an employee is estimated to be 150% to 200% of their annual salary.2 Can you afford to not engage your staff?

      Why should IT leadership be responsible for their staff engagement?

      Engagement happens every day, through every interaction, and needs to be tailored to individual team members to be successful. When engagement is owned by IT leadership, engagement initiatives are incorporated into daily experiences and personalized to their employees based on what is happening in real time. It is this active, dynamic leadership that inspires ongoing employee engagement and differentiates those who talk about engagement from those who succeed in engaging their teams.

      Sources: 1 - McLean & Company Employee Engagement Survey, 2 - Gallup, 2019

      Step 2.1

      Improve employee engagement

      Activities

      2.1.1 Review employee engagement results and trends

      2.1.2 Focus on areas that impact retention of women

      Take a data-driven approach

      Info-Tech’s employee engagement diagnostics are low-effort, high-impact programs that will give you detailed report cards on the organization’s engagement levels. Use these insights to understand your employees’ engagement levels by a variety of core demographics.

      FULL ENGAGEMENT DIAGNOSTIC

      EMPLOYEE EXPERIENCE MONITOR

      The full engagement diagnostic provides a comprehensive view of your organization’s engagement levels, informing you of what motivates employees and providing a detailed view of what engagement drivers to focus on for optimal results.

      Info-Tech & McLean & Company’s Full Engagement Diagnostic Survey has 81 questions in total.

      The survey should be completed annually and typically takes 15-20 minutes to complete.

      The EXM Dashboard is designed to give organizations a real-time view of employee engagement while being minimally intrusive.

      This monthly one-question survey allows organizations to track the impact of events and initiatives on employee engagement as they happen, creating a culture of engagement.

      The survey takes less than 30 seconds to complete and is fully automated.

      For the purpose of improving retention of women in IT, we encourage you to leverage the EXM tool, which will allow you to track how this demographic group’s engagement changes as you implement new initiatives.

      Engagement survey

      For a detailed breakdown of staff overall engagement priorities.

      Overall Engagement Results

      • A clear breakdown of employee engagement results by demographic, gender, and team.
      • Detailed engagement breakdown and benchmarking.
      The image contains a screenshot of the overall engagement results.

      Priority Matrix and Driver Scores

      • A priority matrix specific to your organization.
      • A breakdown of question scores by priority matrix quadrant.
      • Know what not to focus your effort on – not all engagement drivers will have a high impact on engagement.
      The image contains a screenshot of the priority matrix and driver scores.

      EXM dashboard

      Reporting to track engagement in real time.

      EXM Dashboard

      • Leverage Info-Tech’s real-time Employee Experience Monitor dashboard to track your team’s engagement levels over time.
      • Track changes in the number of supporters and detractors and slice the data by roles, teams, and gender.
      The image contains a screenshot of the EXM dashboard.

      Time Series Trends

      • As you implement new initiatives to improve the engagement and retention of staff, track their impact and continuously course correct.
      • Empower your leaders to actively manage their team culture to drive innovation, retention, and productivity.
      The image contains a screenshot of the time series trends.

      Start your diagnostic now

      Leverage your Info-Tech membership to seamlessly launch your employee engagement survey.

      Info-Tech’s dedicated team of program managers will facilitate this diagnostic program remotely, providing you with a convenient, low-effort, high-impact experience.

      We will guide you through the process with your goals in mind to deliver deep insight into your successes and areas to improve.

      What You Need to Do:

      Info-Tech’s Program Manager Will:
      1. Contact Info-Tech to launch the program.
      2. Review the two survey options to select the right survey for your organization.
      3. Work with an Info-Tech analyst to set up your personal diagnostic.
      4. Identify who you would like to take the survey.
      5. Customize Info-Tech’s email templates.
      6. Participate in a one-hour results call with an Info-Tech executive advisor.
      1. Work with you to define your engagement strategy and goals.
      2. Launch, maintain, and support the diagnostic in the field.
      3. Provide you with response rates throughout the process.
      4. Explore your results in a one-hour call with an executive advisor to fully understand key insights from the data.
      5. Provide quarterly updates and training materials for your leadership team.

      Start Now

      2.1.1 Review employee engagement results

      Identify trends

      1. In a call with one of Info-Tech’s executive advisors, review the results of your employee engagement survey.
      2. Identify which departments are most and least engaged and brainstorm some high-level reasons.
      3. Review the demographic information and highlight any inconsistencies or areas with high levels of variance. Document which demographics have the most and least engaged, disengaged, and indifferent employees.
      4. With help from the Info-Tech executive advisor, identify and document any dramatic differences in the demographic data, particularly around gender.
      5. Identify if the majority of issues effecting engagement are at an organization or department level and which stakeholders you need to engage to support the process moving forward.
      6. Identify next steps.
      Input
      • Employee engagement results
      Participants
      • CIO
      • Info-Tech Advisor

      2.1.2 Focus on areas that impact retention of women

      Hold focus groups with IT staff and focus on the five areas with the greatest impact on women’s retention.

      1. Review the handout slides on the following pages to get a better understanding of the definition of each of the top five drivers impacting women’s retention. Depending on your team’s size, pick one to three drivers to focus on for your first focus group.
      2. Divide the participants into teams and on flip chart paper or using sticky notes have the teams brainstorm what you can stop/start/continue doing to help you improve on your assigned driver.
      • Continue: actions that work for the team related to this driver and should proceed.
      • Start: actions/initiatives that the team would like to begin.
      • Stop: actions/initiatives that the team would like to stop.
    • Prioritize the initiatives by considering: Is this initiative something you feel will make an impact on the engagement driver? Eliminate any initiatives that would not make an impact.
    • Have the groups present back and vote on two to three initiatives to implement to drive improvements within that area.

      • Culture

      Engagement driver handout

      Culture: The degree to which an employee identifies with the beliefs, values, and attitudes of the organization.

      Questions:

      • I identify well with the organization’s values.
      • This organization has a collaborative work environment.
      • This organization has a very friendly atmosphere.
      • I am a fit for the organizational culture.

      Ranked Correlation of Impact of Engagement Driver on Retention:

      • Women in IT: #1
      • Men in IT: #2

      Company Potential

      Engagement driver handout

      Company Potential: An employee’s understanding of and commitment to the organization’s mission, and the employee’s excitement about the organization’s mission and future.

      Questions:

      • This organization has a bright future.
      • I am impressed with the quality of people at this organization.
      • People in this organization are committed to doing high-quality work.
      • I believe in the organization’s overall business strategy.
      • This organization encourages innovation.

      Ranked Correlation of Impact of Engagement Driver on Retention:

      • Women in IT: #2
      • Men in IT: #1

      Employee Empowerment

      Engagement driver handout

      Employee Empowerment: The degree to which employees have accountability and control over their work within a supported environment.

      Questions:

      • I am not afraid of trying out new ideas in my job.
      • If I make a suggestion to improve something in my department I believe it will be taken seriously.
      • I am empowered to make decisions about how I do my work.
      • I clearly understand what is expected of me on the job.
      • I have all the tools I need to do a great job.
      • I am given the chance to fully leverage my talents through my job.

      Ranked Correlation of Impact of Engagement Driver on Retention:

      • Women in IT: #3
      • Men in IT: #6

      Learning and Development

      Engagement driver handout

      Learning and Development: A cooperative and continuous effort between an employee and the organization to enhance an employee’s skill set and expertise and meet an employee’s career objectives and the organization’s needs.

      Questions:

      • I can advance my career in this organization.
      • I am encouraged to pursue career development activities.
      • In the last year, I have received an adequate amount of training.
      • In the last year, the training I have received has helped me do my job better.

      Ranked Correlation of Impact of Engagement Driver on Retention:

      • Women in IT: #4
      • Men in IT: #5

      Manager Relationships

      Engagement driver handout

      Manager Relationships: The professional and personal relationship an employee has with their manager. Manager relationships depend on the trust that exists between these two individuals and the extent that a manager supports and develops the employee.

      Questions:

      • My manager inspires me to improve.
      • My manager provides me with high-quality feedback.
      • My manager helps me achieve better results.
      • I trust my manager.
      • My manager cares about me as a person.
      • My manager keeps me well informed about decisions that affect me.

      Ranked Correlation of Impact of Engagement Driver on Retention:

      • Women in IT: #5
      • Men in IT: #11

      Step 2.2

      Examine employee experience

      Activities

      2.2.1 Identify moments that matter

      Understand why and when employees plan to depart

      Leverage “psychology of quitting” expertise.

      Train your managers to provide them with the skills and expertise to recognize the warning signs of an employee’s departure and know how to re-engage and retain them.

      • The majority of resignations are not spur of the moment. They are the result of a compilation of events over a period of time. Normally, these instances are magnified by a stimulant. The final straw or the breaking point drives the employee to make a change. In fact, it has been estimated that a shock jumpstarts 65% of departures.*
        • These shocks could be a lack of promotion, loss of privilege or development opportunity, or a quarrel with a manager.
      • Employees rarely leave right away. Most wait until they have confirmed a new job opportunity before leaving. This creates a window in which you can reengage and retain them.
      • The majority of employees show signs that they are beginning to think of leaving. Whether that is leaving immediately, putting in the bare minimum of effort, or job searching online at work. Train your managers to know the signs and to keep an eye out for potentially dissatisfied and searching employees.*
      • It is easier and less costly to reengage an employee than to start the hiring process from the beginning.
      *Source: The Career Café, 2017

      Examine employee experience (EX)

      Look beyond engagement drivers to drive retention.

      Employee experience (EX) is the employee’s perception of their cumulative lived experiences with the organization. It is gauged by how well the employee’s expectations are met within the parameters of the workplace, especially by the “moments that matter” to them. Individual employee engagement is the outcome of a strong overall EX.

      The image contains a diagram as an example of examining employee experience.

      Drive a positive employee experience

      Identify moments that matter.

      Moments that matter are defining pieces or periods in an employee’s experience that create a critical turning point or memory that is of significant importance to them.

      These are moments that dramatically change the path of the emotional journey, influence the quality of the final outcome, or end the journey prematurely.

      To identify the moment that matters look for significant drops in the emotional journey that your organization needs to improve or significant bumps that your organization can capitalize on. Look for these drops or bumps in the journey and take stock of everything you have recorded at that point in the process. To improve the experience, analyze the hidden needs and how they are or aren’t being met.

      The image contains a screenshot of an example graph to demonstrate opportunities and issues to help drive a positive employee experience.

      Info-Tech Insight

      The moment that matters is key and it could be completely separate from organizational life, like the death of a family member. Leaders can more proactively address these moments that matter by identifying them and determining how to make the touchpoint at that moment more impactful.

      2.2.1 Identify moments that matter

      1. Review your Employee Experience Monitor weekly trends by logging into your dashboard and clicking on “Time Series Trends.”
      2. With your management team, identify any weekly trends where your Employee Experience Score has seen changes in the number of detractor, passive, or promoter responses.
      3. For each significant change identify:
      • Increase in promoters or decrease in detractors:
        • What can we do to duplicate positive moments that occurred this week?
        • What did I do as a leader to create positive employee experiences?
        • What happened in the organization that created a positive employee experience?
      • Increase in detractors or decrease in promoters:
        • What difficult change was delivered this week?
        • What about this change was negatively perceived?
        • During the difficult situation how did we as a leadership team support our staff?
        • Who did we engage and recognize during the difficult situation?
        • Was this situation a one-off issue or is this likely to occur again?
    • Consider your interactions with employees and identify how you made moments matter during those times related to four key engagement drivers impacting women in IT:
      • How did you promote a positive culture and friendly atmosphere?
      • How did you empower female staff to leverage their talents?
      • How did you interact with staff?
      • How did you promote a positive work environment? Where did you see bias in decisions?
    • Independently as manager, document three to five lessons learned from the changes in your detractors and promoters, and determine what action you will take.

      • Measured benefits of positive employee experience

      Positive employee experiences lead to engaged employees, and engaged employees are eight times more likely to recommend the organization (McLean & Company Employee Engagement Database, 2017; N=74,671).

      Retention

      Employees who indicate they are having a positive experience at work have a 52% higher level of intent to stay (Great Place To Work Institute, 2021)

      The bottom line

      Organizations that make employee experience a focus have: 23% higher profitability 10% higher customer loyalty (Achievers, 2021)

      Case Study

      INDUSTRY: Post-Secondary Education

      SOURCE: Adam Grant, “Impact and the Art of Motivation Maintenance: The Effects of Contact with Beneficiaries on Persistence Behavior”

      The future is here! Is your data architecture practice ready?

      Challenge

      A university call center, tasked with raising scholarship money from potential donors, had high employee turnover and low morale.

      Solution

      A study led by Grant arranged for a test group of employees to meet and interact with a scholarship recipient. In the five-minute meeting, employees learned what the student was studying.

      Results

      Demonstrating the purpose behind their work had significant returns. Employees who had met with the student demonstrated:

      More than two times longer “talk time” with potential donors.

      A productivity increase of 400%: the weekly average in donations went from $185.94 to $503.22 for test-group employees.

      Enhance your retention strategies

      Do not wait until employees leave to find out what they were unhappy with or why they liked the organization. Instead, perform stay interviews with top and core talent to create a holistic understanding of what they are perceiving and feeling.

      Conduct stay interviews

      What is a stay interview?

      A stay interview is a conversation with current employees. It should be performed on a yearly basis and is an informal discussion to generate deeper insight into the employee’s opinions, perspectives, concerns, and complaints. Stay interviews can have a multitude of uses. In this project they will be used to understand why top and core talent chose to stay with the organization to ensure that organizations understand and build upon their current strengths.

      When should you do stay interviews?

      We recommend completing stay interviews at least on an annual, if not quarterly, basis to truly understand how staff are feeling about the organization and their job, why they stay at the organization, and what would cause them to leave. Couple the outcomes of these interviews with employee engagement action planning to ensure that you are able to address talent needs.

      Step 2.3

      Conduct stay interviews and learn why employees stay

      Activities

      2.3.1 Conduct stay interviews

      Conduct regular “stay” or “retention” interviews

      Build stay interviews into the regular routine. By incorporating stay interviews into your schedule, they are more likely to stick. This regularity provides several advantages:

      1. Ensures that retention issues do not take you by surprise. With a finger on the pulse of the organization you will be aware of potential issues.
      2. Acts as a supplement to the engagement survey by providing additional information and context for the current level of emotion within the organization.
      3. Begins to build a wealth of information that can be analyzed to identify themes and trends. This can be used to track whether the reasons why individuals stay are consistent or if are they changing. This will ensure that the retention strategy remains up to date.

      Stay interview best practices:

      • Ideally is performed by managers, but can be performed by HR.
        • Ideally completed by managers as they are more familiar with their employees, have a greater reach, can hold meetings in a more informal setting, and will receive information first hand.
        • If conducted by managers, it’s a best practice to ensure that there is a central repository of themes so that you can identify if there are any trends in the responses, that consistent questions are asked, and that all of the information is in one place
      • Should be an informal conversation.
      • Should be conducted in a non-critical time in the business year.
      • Ask three types of questions:
        • What do you enjoy about working here?
        • What would you change about your working environment?
        • What would encourage or force you to leave the organization?
      • Interview a diverse employee base:
        • Demographics
        • Role
        • Performance level
        • Location
      Source: Talent Management & HT, 2013

      Leverage stay interviews

      Use Info-Tech’s Stay Interview Guide.

      Proactively identify opportunities to drive retention.

      The Stay Interview Guide helps managers conduct interviews with current employees, enabling the manager to understand:

      • The employee's current engagement level.
      • The employee's satisfaction with current role and responsibilities.
      • Suggestions for potential improvements.
      • An employee's intent to stay with the organization.

      Use this template to help you understand how you can best engage your employees and identify any challenges, in terms of moments that mattered, that negatively impacted their intention to stay at the organization.

      The image contains a screenshot of Info-Tech's Stay Interview Guide.

      2.3.1 Conduct stay interviews

      1. If you are using the Employee Experience Monitor, prepare for your stay interviews by reviewing your results and identifying if there have been any changes in the results over the previous six weeks. Identify which demographics have the highest and lowest engagement levels – and identify any changes in experience between different demographics.
      2. Identify a meeting schedule and cadence that seems appropriate for your stay interviews. For example, you likely will not do all staff at the same time and it may be beneficial to space out your meetings throughout the year. Select a candidate for your first stay interview and invite them for a one-on-one meeting. If it’s unusual for you to meet with this employee, we recommend providing some light context around the rationale, such as that you are looking for opportunities to strengthen the organizational culture and better understand how you can improve retention and engagement at the organization.
      3. Download the Stay Interview Template, review all of the questions beforehand, and identify the key questions that you want to ask in the meeting.
      • TIP: Even though this is called a “stay interview,” really it should be more of a conversation, and certainly not an interrogation. Know the questions you want to ask, and ask your staff member if it’s ok if you jot down some notes. It may even be beneficial to have the meeting outside of the office, over lunch, or out for coffee.
    • Hold your meeting with the employee and thank them for their time.
    • Following the meeting, send them a thank-you email to thank them for providing feedback, summarize your top three to five key takeaways from the meeting, verify with them that this aligns with their perspective, and see if they have anything else to add to the conversation. Identify any initiatives or changes that you will make as a result of the information – set a date for execution and follow-up.
    • If you are in the process of recruiting new employees to the organization, don’t forget to remind them of your referral program and ask if they might know of any candidates that would be a good fit for the organization.

      • Download the Stay Interview Guide

      Ten tips for best managing stay interviews

      Although stay interviews are meant to be informal, you should schedule them as you would any other meeting. Simply invite the employee for a chat.

      1. Step out of the office if possible. Opt for your local coffee shop, a casual lunch destination, or another public but informal location.
      2. Keep the conversation short, no more than 15 to 20 minutes. If there are any areas of concern that you think warrant action, ask the employee if they would like to discuss them another time. Suggest another meeting to delve deeper into specific issues.
      3. Be clear about the purpose of the conversation. Stay interviews are not performance reviews.
      4. Focus on what you can do for them. Ask about the employee’s preferences when it comes to feedback and communication (frequency, method, etc.) as well as development (preferences around methods, e.g. coaching or rotations, and personal goals).
      5. Be positive. Ask your employee what they like about their job and use positively framed questions.
      6. Ask about what they like doing. People enjoy talking about what they like to do. Ask employees about the talents and skills they would like to incorporate into their work duties.
      7. Show that you’re listening – paraphrase, ask for clarification, and use appropriate gestures.
      8. Refrain from taking notes during the meeting to preserve a conversational atmosphere.
      9. Pay attention to the employee’s body language and tone. If it appears that they are uncomfortable talking to you, stop the interview or pause to let them collect themselves.
      10. Be open to suggestions, but remember that you can’t control everything. If the employee brings up issues that are beyond your control, tell them that you will do all you can to improve the situation but can’t guarantee anything.

      Related Info-Tech Research

      Recruit and Retain People of Color in IT

      • To stay competitive, IT leaders need to be more involved and commit to a plan to recruit and retain people of color in their departments and organizations. A diverse team is an answer to innovation that can differentiate your company.
      • Treat recruiting and retaining a diverse team as a business challenge that requires full engagement. Info-Tech offers a targeted solution that will help IT leaders build a plan to attract, recruit, engage, and retain people of color.

      Recruit Top IT Talent

      • Changing workforce dynamics and increased transparency have shifted the power from employers to job seekers, stiffening the competition for talent.
      • Candidate expectations match high consumer expectations and affect the employer brand, the consumer brand, and overall organizational reputation. Delivering a positive candidate experience (CX2) is no longer optional.

      Acquire the Right Hires with Effective Interviewing

      • Talk is cheap. Hiring isn’t.
      • Gain insight into and understand the need for a strong interview process.
      • Strategize and plan your interview process.
      • Understand various hiring scenarios and how an interview process may be modified to reflect your organization’s scenario.

      Bibliography

      “4 Hiring Trends Technology Managers Need to Know.” Robert Half Talent Solutions, 4 Oct. 2021. Accessed 4 Feb. 2022.

      “89% of CIOs are concerned about Talent Retention: SOTD CIO.” 2016 Harvey Nash/KPMG CIO Survey, CIO From IDG, 12 Aug. 2016. Web.

      Angier, Michelle, and Beth Axelrod. “Realizing the power of talented women.” McKinsey Insights, Sept. 2014. Web.

      Beansontoast23. “Not being trained on my first dev job.” Reddit, 29 July 2016. Web.

      Birt, Martin. “How to develop a successful mentorship program: 8 steps.” Financial Post, 5 Dec. 2014. Web.

      Bort, Julie. “The 25 Best Tech Employers For Women [Ranked].” Business Insider, 18 Nov. 2014. Web.

      Bradford, Laurence. “15 of the Most Powerful Women in Tech.” The Balance Careers, Updated 4 Feb. 2018. Web.

      “Building A Stronger, Better, More Diverse eBay.” eBay Inc., 31 July 2014. Web.

      “Canada’s Best Employers 2015: The Top 50 Large Companies.” Canadian Business, 2014. Article.

      Cao, Jing, and Wei Xue. “What are the Best practices to Promote High-Ranking Female Employees Within Organizations?” Cornell University ILR School, Spring 2013. Web.

      Cheng, Roger. “Women in Tech: The Numbers Don't Add Up.” CNET, 6 May 2015. Web.

      “CIO Survey 2020: Everything Changed. Or Did It?” Harvey Nash and KPMG, 2020. Accessed 24 Feb. 2022.

      Daley, Sam. “Women in Tech Statistics Show the Industry Has a Long Way to Go.” Built In, 5 May 2021. Accessed 1 March 2022.

      Dixon-Fyle, Sundiatu, et al. “Diversity wins: How inclusion matters.” McKinsey & Company, 19 May 2020. Accessed 24 Feb. 2022.

      Donovan, Julia. “How to Quantify the Benefits of Enhancing Your Employee Experience.” Achievers Solution Inc., 21 Sept. 2021. Web.

      “Engage Me! Employee Engagement Explored.” SoftSolutions, 12 Jan. 2016. Web.

      Erb, Marcus. Global Employee Engagement Benchmark Study. Great Place to Work Institute, 29 Nov. 2021. Accessed 15 Feb. 2022.

      Garner, Mandy. “How to attract and recruit a more gender diverse team.” Working Mums, 4 March 2016. Web.

      Gaur, Shubhra. “Women in IT: Their path to the top is like a maze.” Firstpost, 28 Aug. 2015. Web.

      “Girls Gone Wired Subreddit.” Reddit, n.d. Web.

      Glassdoor Team. “10 Ways to Remove Gender Bias from Job Descriptions.” Glassdoor for Employers Blog, 9 May 2017. Web.

      Grant, Adam. “Impact and the Art of Motivation Maintenance: The Effects of Contact with Beneficiaries on Persistence Behavior.” Organizational Behavior and Human Decision Processes, vol. 103, no. 1, 2007, pp. 53-67. Accessed on ScienceDirect.

      IBM Smarter Workforce Institute. The Employee Experience Index. IBM Corporation, 2016. Web.

      ISACA. “Tech Workforce 2020: The Age and Gender Perception Gap.” An ISACA Global Survey Report, 2019. Accessed 17 Feb. 2022.

      Johnson, Stephanie K., David R. Hekman, and Elsa T. Chan. “If There’s Only One Woman in Your Candidate Pool, There’s Statistically No Chance She’ll Be Hired.” Harvard Business Review, 26 April 2016. Web.

      Kessler, Sarah. “Tech's Big Gender Diversity Push One Year In.” Fast Company, 19 Nov. 2015. Web.

      Kosinski, M. “Why You Might Want to Focus a Little Less on Hiring for Cultural Fit.” Recruiter.com, 11 Aug. 2015. Web.

      Krome, M. A. “Knowledge Transformation: A Case for Workforce Diversity.” Journal of Diversity Management (JDM), vol. 9, no. 2, Nov. 2014, pp. 103-110.

      Ladimeij, Kazim. “Why Staff Resign; the Psychology of Quitting.” The Career Café, 31 March 2017. Updated 9 Jan. 2018. Web.

      Loehr, Anne. “Why You Need a New Strategy For Retaining Female Talent.” ReWork, 10 Aug. 2015. Web.

      Lucas, Suzanne. “How Much Employee Turnover Really Costs You.” Inc., 30 Aug. 2013. Web.

      Marttila, Paula. “5 Step Action Plan To Attract Women Join Tech Startups.” LinkedIn, 10 March 2016. Web.

      Mayor, Tracy. “Women in IT: How deep is the bench?” Computerworld, 19 Nov. 2012. Web.

      McCracken, Douglas M. “Winning the Talent War for Women: Sometimes It Takes a Revolution.” Harvard Business Review, Nov.-Dec. 2000. Web.

      McDonald’s Careers. McDonald’s, n.d. Web.

      McFeely, Shane, and Ben Wigert. “This Fixable Problem Costs U.S. Businesses $1 Trillion.” Gallup, Inc., 31 March 2019. Accessed 4 March 2022.

      Morgan, Jacob. The Employee Experience Advantage: How to Win the War for Talent by Giving Employees the Workspaces they Want, the Tools they Need, and a Culture They Can Celebrate. John Wiley & Sons, Inc., 2017. Print.

      Napolitano, Amy. “How to Build a Successful Mentoring Program.” Training Industry, 20 April 2015. Web.

      Peck, Emily. “The Stats On Women In Tech Are Actually Getting Worse.” Huffington Post. 27 March 2015. Updated 6 Dec. 2017. Web. 20

      Porter, Jane. “Why Are Women Leaving Science, Engineering, And Tech Jobs?” Fast Company, 15 Oct. 2014. Web.

      Pratt, Siofra. “Emma Watson: Your New Recruitment Guru - How to: Attract, Source and Recruit Women.” SocialTalent, 25 Sept. 2014. Web.

      “RBC Diversity Blueprint 2012-2015.” 2012-2015 Report Card, RBC, 2015. Web.

      Richter, Felix. “Infographic: Women’s Representation in Big Tech.” Statista Infographics, 1 July 2021. Web.

      Rogers, Rikki. “5 Ways Companies Can Attract More Women (Aside From Offering to Freeze Their Eggs).” The Muse, n.d. Web.

      Sazzoid. “HOWTO recruit and retain women in tech workplaces.” Geek Feminism Wiki, 10 Jan. 2012. Updated 18 Aug. 2016. Web.

      Seiter, Courtney. “Why We Removed the Word ‘Hacker’ From Buffer Job Descriptions.” Buffer Open blog, 13 March 2015. Updated 31 Aug. 2018. Web.

      Serebrin, Jacob. “With tech giants like Google going after female talent, how can startups compete?” The Globe and Mail, 18 Jan. 2016. Updated 16 May 2018. Web.

      Snyder, Kieran. “Why women leave tech: It's the culture, not because 'math is hard'.” Fortune, 2 Oct. 2014. Web.

      Stackpole, Beth. “5 ways to attract and retain female technologists.” Computerworld, 7 March 2016. Web.

      Sullivan, John. “4 Stay Interview Formats You Really Should Consider.” Talent Management & HT, 5 Dec. 2013. Web.

      Syed, Nurhuda. “IWD 2021: Why Are Women Underrepresented in the C-Suite?” HRD America, 5 March 2021. Web.

      Sylvester, Cheryl. “How to empower women in IT (and beyond) on #InternationalWomenDay.” ITBUSINESS.CA, 31 March 2016. Web.

      “The Power of Parity: Advancing Women’s Equality in the United States.” McKinsey Global Institute, April 2016. Web.

      White, Cindy. “How to Promote Gender Equality in the Workplace.” Chron, 8 Aug. 2018. Web.

      White, Sarah. “Women in Tech Statistics: The Hard Truths of an Uphill Battle.” CIO From IDG Communication, Inc., 8 March 2021. Accessed 24 Feb. 2022.

      ChatGPT Beyond the hype. What can it do for you?

      ChatGPT Beyond The Hype Tymans Group

      Summary of the deck.

      ChatGPT is a generative AI tool developed by OpenAI, a non-profit founded by Silicon Valley titans, including Elon Musk and Sam Altman. It is designed to interact with users in a way that mimics human dialogue. The tool became available via a research release on November 30, 2022, and was an immediate hit – within a week; it attracted more than a million users. Functionally, ChatGPT is designed to answer questions, but it is not the first one. The concept has existed for decades. While it is very powerful, it has also attracted criticism. 

      IT Operations, strategy

      Register to read more …

      Improve IT Operations With AI and ML

      • Buy Link or Shortcode: {j2store}454|cart{/j2store}
      • member rating overall impact: 10.0/10 Overall Impact
      • member rating average dollars saved: After each Info-Tech experience, we ask our members to quantify the real-time savings, monetary impact, and project improvements our research helped them achieve.
      • member rating average days saved: Read what our members are saying
      • Parent Category Name: Operations Management
      • Parent Category Link: /i-and-o-process-management
      • Many IT departments experience difficulty with meeting the business' expectations for service delivery on a regular basis.
      • Despite significant investment in improving various areas of IT operations, you still feel like you’re constantly firefighting.
      • To tackle these issues, businesses tend to invest in purchasing multiple solutions. This not only complicates their IT operations, but also, in some cases, deteriorates functionality.

      Our Advice

      Critical Insight

      • To leverage AI capabilities, you first need to assess the current state of your IT operations and know what your priorities are.
      • Contemplate use cases that will get the most benefit from automation and start with processes that you are relatively comfortable handling.
      • Analyze your initial plan to identify easy wins, then expand your AIOps.

      Impact and Result

      • Perform a current state assessment to spot which areas within your operations management are the least mature and causing you the most grief. Identify which functional areas within operations management need to be prioritized for improvement.
      • Make a shortlist of use cases that will get the most benefit from AI-based technology.
      • Prepare a plan to deploy AI capabilities to improve your IT operations.

      Improve IT Operations With AI and ML Research & Tools

      Start here – read the Executive Brief

      Read our concise Executive Brief to find out about the latest improvements in AIOps and how these can help you improve your IT operations. Review Info-Tech’s methodology and understand the four ways we can support you in completing this project.

      Besides the small introduction, subscribers and consulting clients within this management domain have access to:

      1. Assess the current state of IT operations management

      Identify where your organization currently stands in its operations management practices.

      • AIOps Project Summary Template
      • AIOps Prerequisites Assessment Tool

      2. Identify initiatives that align with operations requirements

      Recognize the benefits of AI and ML for your business. Determine the necessary roles and responsibilities for potential initiatives, then develop and assess your shortlist.

      • AIOps RACI Template
      • AIOps Shortlisting Tool

      3. Develop the AI roadmap

      Analyze your ROI for AIOps and create an action plan. Communicate your AI and ML initiatives to stakeholders to obtain their support.

      • AIOps ROI Calculator
      • AIOps Roadmap Tool
      • AIOps Communications Plan Template
      [infographic]

      Build a Value Measurement Framework

      • Buy Link or Shortcode: {j2store}182|cart{/j2store}
      • member rating overall impact: 9.2/10 Overall Impact
      • member rating average dollars saved: $82,374 Average $ Saved
      • member rating average days saved: 35 Average Days Saved
      • Parent Category Name: Architecture & Strategy
      • Parent Category Link: /architecture-and-strategy
      • Rapid changes in today’s market require rapid, value-based decisions, and organizations that lack a shared definition of value fail to maintain their competitive advantage.
      • Different parts of an organization have different value drivers that must be given balanced consideration.
      • Focusing solely on revenue ignores the full extent of value creation in your organization and does not necessarily result in the right outcomes.

      Our Advice

      Critical Insight

      • Business is the authority on business value. While IT can identify some sources of value, business stakeholders must participate in the creation of a definition that is meaningful to the whole organization.
      • It’s about more than profit. Organizations must have a definition that encompasses all of the sources of value or they risk making short-term decisions with long-term negative impacts.
      • Technology creates business value. Treating IT as a cost center makes for short-sighted decisions in a world where every business process is enabled by technology.

      Impact and Result

      • Standardize your definition of business value. Work with your business partners to define the different sources of business value that are created through technology-enabled products and services.
      • Weigh your value drivers. Ensure that business and IT understand the relative weight and priority of the different sources of business value you have identified.
      • Use a balanced scorecard to understand value. Use the different value drivers to understand and prioritize different products, applications, projects, initiatives, and enhancements.

      Build a Value Measurement Framework Research & Tools

      Start here – read the Executive Brief

      Read this Executive Brief to understand why building a consistent and aligned framework to measure the value of your products and services is vital for setting priorities and getting the business on board.

      Besides the small introduction, subscribers and consulting clients within this management domain have access to:

      1. Define your value drivers

      This phase will help you define and weigh value drivers based on overarching organizational priorities and goals.

      • Build a Value Measurement Framework – Phase 1: Define Your Value Drivers
      • Value Calculator

      2. Measure value

      This phase will help you analyze the value sources of your products and services and their alignment to value drivers to produce a value score that you can use for prioritization.

      • Build a Value Measurement Framework – Phase 2: Measure Value
      [infographic]

      Further reading

      Build a Value Measurement Framework

      Focus product delivery on business value–driven outcomes.

      ANALYST PERSPECTIVE

      "A meaningful measurable definition of value is the key to effectively managing the intake, prioritization, and delivery of technology-enabled products and services."

      Cole Cioran,

      Senior Director, Research – Application Development and Portfolio Management

      Info-Tech Research Group

      Our understanding of the problem

      This Research Is Designed For:

      • CIOs who need to understand the value IT creates
      • Application leaders who need to make good decisions on what work to prioritize and deliver
      • Application and project portfolio managers who need to ensure the portfolio creates business value
      • Product owners who are accountable for delivering value

      This Research Will Help You:

      • Define quality in your organization’s context from both business and IT perspectives.
      • Define a repeatable process to understand the value of a product, application, project, initiative, or enhancement.
      • Define value sources and metrics.
      • Create a tool to make it easier to balance different sources of value.

      This Research Will Also Assist:

      • Product and application delivery teams who want to make better decisions about what they deliver
      • Business analysts who need to make better decisions about how to prioritize their requirements

      This Research Will Help Them:

      • Create a meaningful relationship with business partners around what creates value for the organization.
      • Enable better understanding of your customers and their needs.

      Executive summary

      Situation

      • Measuring the business value provided by IT is critical for improving the relationship between business and IT.
      • Rapid changes in today’s market require rapid, value-based decisions.
      • Every organization has unique drivers that make it difficult to see the benefits based on time and impact approaches to prioritization.

      Complication

      • An organization’s lack of a shared definition of value leads to politics and decision making that does not have a firm, quantitative basis.
      • Different parts of an organization have different value drivers that must be given balanced consideration.
      • Focusing solely on revenue does not necessarily result in the right outcomes.

      Resolution

      • Standardize your definition of business value. Work with your business partners to define the different sources of business value that are created through technology-enabled products and services.
      • Weigh your value drivers. Ensure business and IT understand the relative weight and priority of the different sources of business value you have identified.
      • Use a balanced scorecard to understand value. Use the different value drivers to understand and prioritize different products, applications, projects, initiatives, and enhancements.

      Info-Tech Insight

      1. Business is the authority on business value. While IT can identify some sources of value, business stakeholders must participate in the creation of a definition that is meaningful to the whole organization.
      2. It’s about more than profit. Organizations must have a definition that encompasses all of the sources of value, or they risk making short-term decisions with long-term negative impacts.
      3. Technology creates business value. Treating IT as a cost center makes for short-sighted decisions in a world where every business process is enabled by technology.

      Software is not currently creating the right outcomes

      Software products are taking more and more out of IT budgets.

      38% of spend on IT employees goes to software roles.

      Source: Info-Tech’s Staffing Survey

      18% of opex is spent on software licenses.

      Source: SoftwareReviews.com

      33% of capex is spent on new software.

      However, the reception and value of software products do not justify the money invested.

      Only 34% of software is rated as both important and effective by users.

      Source: Info-Tech’s CIO Business Vision

      IT benchmarks do not help or matter to the business. Focus on the metrics that represent business outcomes.

      A pie chart is shown as an example to show how benchmarks do not help the business.

      IT departments have a tendency to measure only their own role-based activities and deliverables, which only prove useful for selling practice improvement services. Technology doesn’t exist for technology's sake. It’s in place to generate specific outcomes. IT and the business need to be aligned toward a common goal of enabling business outcomes, and that’s the important measurement.

      "In today’s connected world, IT and business must not speak different languages. "

      – Cognizant, 2017

      CxOs stress the importance of value as the most critical area for IT to improve reporting

      A bar graph is shown to demonstrate the CxOs importance of value. Business value metrics are 32% of significant improvement necessary, and 51% where some improvement is necessary.

      N=469 CxOs from Info-Tech’s CEO/CIO Alignment Diagnostic

      Key stakeholders want to know how you and your products or services help them realize their goals.

      While the basics of value are clear, few take the time to reach a common definition and means to measure and apply value

      Often, IT misses the opportunity to become a strategic partner because it doesn’t understand how to communicate and measure its value to the business.

      "Price is what you pay. Value is what you get."

      – Warren Buffett

      Being able to understand the value context will allow IT to articulate where IT spend supports business value and how it enables business goal achievement.

      Value is...

      Derived from business context

    • What is our business context?

      • Enabled through governance and strategy

    • Who sees the strategy through?

      • The underlying context for decision making

    • How is value applied to support decisions?

      • A measure of achievement

    • How do I measure?

      • Determine your business context by assessing the goals and defining the unique value drivers in your organization

      Competent organizations know that value cannot always be represented by revenue or reduced expenses. However, it is not always apparent how to envision the full spectrum of sources of value. Dissecting value by the benefit type and the value source’s orientation allows you to see the many ways in which a product or service brings value to the organization.

      A business value matrix is shown. It shows the relationship between reading customers, increase revenue, reduce costs, and enhance services.

      Financial Benefits vs. Improved Capabilities

      Financial Benefits refers to the degree to which the value source can be measured through monetary metrics and is often quite tangible. Human Benefits refers to how a product or service can deliver value through a user’s experience.

      Inward vs. Outward Orientation

      Inward refers to value sources that have an internal impact and improve your organization’s effectiveness and efficiency in performing its operations.Outward refers to value sources that come from your interaction with external factors, such as the market or your customers.

      Increase Revenue

      Reduce Costs

      Enhance Services

      Reach Customers

      Product or service functions that are specifically related to the impact on your organization’s ability to generate revenue.

      Reduction of overhead. They typically are less related to broad strategic vision or goals and more simply limit expenses that would occur had the product or service not been put in place.

      Functions that enable business capabilities that improve the organization’s ability to perform its internal operations.

      Application functions that enable and improve the interaction with customers or produce market information and insights.

      See your strategy through by involving both IT and the business

      Buy-in for your IT strategy comes from the ability to showcase value. IT needs to ensure it has an aligned understanding of what is valuable to the organization.

      Business value needs to first be established by the business. After that, IT can build a partnership with the business to determine what that value means in the context of IT products and services.

      The Business

      What the Business and IT have in common

      IT

      Keepers of the organization’s mission, vision, and value statements that define IT success. The business maintains the overall ownership and evaluation of the products along with those most familiar with the capabilities or processes enabled by technology.

      Business Value of Products and Services

      Technical subject matter experts of the products and services they deliver and maintain. Each IT function works together to ensure quality products and services are delivered up to stakeholder expectations.

      Measure your product or services with Info-Tech’s Value Measurement Framework (VMF) and value scores

      The VMF provides a consistent and less subjective approach to generating a value score for an application, product, service, or individual feature, by using business-defined value drivers and product-specific value metrics.

      Info-Tech's Value Measurement Framework is shown.

      A consistent set of established value drivers, sources, and metrics gives more accurate comparisons of relative value

      Value Drivers

      Value Sources

      Value Fulfillment Metrics

      Broad categories of values, weighed and prioritized based on overarching goals

      Instances of created value expressed as a “business outcome” of a particular function

      Units of measurement and estimated targets linked to a value source

      Reach Customers

      Customer Satisfaction

      Net Promoter Score

      Customer Loyalty

      # of Repeat Visits

      Create Revenue Streams

      Data Monetization

      Dollars Derived From Data Sales

      Leads Generation

      Leads Conversation Rate

      Operational Efficiency

      Operational Efficiency

      Number of Interactions

      Workflow Management

      Cycle Time

      Adhere to regulations & compliance

      Number of Policy Exceptions

      A balanced and weighted scorecard allows you to measure the various ways products generate value to the business

      The Info-Tech approach to measuring value applies the balanced value scorecard approach.

      Importance of value source

      X

      Impact of value source

      = Value Score

      Which is based on…

      Which is based on…

      Alignment to value driver

      Realistic targets for the KPI

      Which is weighed by…

      Which is estimated by…

      A 1-5 scale of the relative importance of the value driver to the organization

      A 1-5 scale of the application or feature’s ability to fulfill that value source

      +

      Importance of Value Source

      X

      Impact of Value Source

      +

      Importance of Value Source

      +

      Impact of Value Source

      +

      Importance of Value Source

      +

      Impact of Value Source

      +

      Importance of Value Source

      +

      Impact of Value Source

      =

      Balanced Business Value Score

      Value Score1 + VS2 + … + VSN = Overall Balance Value Score

      Value scores help support decisions. This blueprint looks specifically at four use cases for value scores.

      A value score is an input to the following activities:

      1. Prioritize Your Product Backlog

        2. Estimate the relative value of different product backlog items (i.e. epics, features, etc.) to ensure the highest value items are completed first.

        This blueprint can be used as an input into Info-Tech’s Build a Better Backlog.

      2. Prioritize Your Project Backlog

        3. Estimate the relative value of proposed new applications or major changes or enhancements to existing applications to ensure the right projects are selected and completed first.

        This blueprint can be used as an input into Info-Tech’s Optimize Project Intake, Approval, and Prioritization.

      3. Rationalize Your Applications

        4. Gauge the relative value from the current use of your applications to support strategic decision making such as retirement, consolidation, and further investments.

        This blueprint can be used as an input into Info-Tech’s Visualize Your Application Portfolio Strategy With a Business Value-Driven Roadmap.

      4. Categorize Application Tiers

        5. Gauge the relative value of your existing applications to distinguish your most to least important systems and build tailored support structures that limit the downtime of key value sources.

        This blueprint can be used as an input into Info-Tech’s Streamline Application Maintenance.

      The priorities, metrics, and a common understanding of value in your VMF carry over to many other Info-Tech blueprints

      Transition to Product Delivery

      Build a Product Roadmap

      Modernize Your SDLC

      Build a Strong Foundation for Quality

      Implement Agile Practices That Work

      Use Info-Tech’s Value Calculator

      The Value Calculator facilitates the activities surrounding defining and measuring the business value of your products and services.

      Use this tool to:

      • Weigh the importance of each Value Driver based on established organizational priorities.
      • Create a repository for Value Sources to provide consistency throughout each measurement.
      • Produce an Overall Balanced Value Score for a specific item.

      Info-Tech Deliverable

      A screenshot of Info-Tech's Value Calculator is shown.

      Populate the Value Calculator as you complete the activities and steps on the following slides.

      Limitations of the Value Measurement Framework

      "All models are wrong, but some are useful."

      – George E.P. Box, 1979

      Value is tricky: Value can be intangible, ambiguous, and cause all sorts of confusion, with the multiple, and often conflicting, priorities any organization is sure to have. You won’t likely come to a unified understanding of value or an agreement on whether one thing is more valuable than something else. However, this doesn’t mean you shouldn’t try. The VMF provides a means to organize various priorities in a meaningful way and to assess the relative value of a product or service to guide managers and decision makers on the right track and keep alignment with the rest of the organization.

      Relative value vs. ROI: This assessment produces a score to determine the value of a product or service relative to other products or services. Its primary function is to prioritize similar items (projects, epics, requirements, etc.) as opposed to producing a monetary value that can directly justify cost and make the case for a positive ROI.

      Apply caution with metrics: We live in a metric-crazed era, where everything is believed to be measurable. While there is little debate over recent advances in data, analytics, and our ability to trace business activity, some goals are still quite intangible, and managers stumble trying to link these goals to a quantifiable data source.

      In applying the VMF Info-Tech urges you to remember that metrics are not a magical solution. They should be treated as a tool in your toolbox and are sometimes no more than a rough gauge of performance. Carefully assign metrics to your products and services and do not disregard the informed subjective perspective when SMART metrics are unavailable.

      "One of the deadly diseases of management is running a company on visible figures alone."

      – William Edwards Deming, 1982

      Info-Tech’s Build a Value Measurement Framework glossary of terms

      This blueprint discusses value in a variety of ways. Use our glossary of terms to understand our specific focus.

      Value Measurement Framework (VMF)

      A method of measuring relative value for a product or service, or the various components within a product or service, through the use of metrics and weighted organizational priorities.

      Value Driver

      A board organizational goal that acts as a category for many value sources.

      Value Source

      A specific business goal or outcome that business and product or service capabilities are designed to fulfill.

      Value Fulfillment

      The degree to which a product or service impacts a business outcome, ideally linked to a metric.

      Value Score

      A measurement of the value fulfillment factored by the weight of the corresponding value driver.

      Overall Balanced Value Score

      The combined value scores of all value sources linked to a product or service.

      Relative Value

      A comparison of value between two similar items (i.e. applications to applications, projects to projects, feature to feature).

      Info-Tech offers various levels of support to best suit your needs

      DIY Toolkit

      “Our team has already made this critical project a priority, and we have the time and capability, but some guidance along the way would be helpful.”

      Guided Implementation

      “Our team knows that we need to fix a process, but we need assistance to determine where to focus. Some check-ins along the way would help keep us on track.”

      Workshop

      “We need to hit the ground running and get this project kicked off immediately. Our team has the ability to take this over once we get a framework and strategy in place.”

      Consulting

      “Our team does not have the time or the knowledge to take this project on. We need assistance through the entirety of this project.”

      Diagnostics and consistent frameworks used throughout all four options

      Build a Value Measurement Framework – project overview

      1. Define Your Value Drivers

      2. Measure Value

      Best-Practice Toolkit

      1.1 Identify your business value authorities.

      2.1 Define your value drivers.

      2.2 Weigh your value drivers.

      • Identify your product or service SMEs.
      • List your products or services items and components.
      • Identify your value sources.
      • Align to a value driver.
      • Assign metrics and gauge value fulfillment.

      Guided Implementations

      Identify the stakeholders who should be the authority on business value.

      Identify, define, and weigh the value drivers that will be used in your VMF and all proceeding value measurements.

      Identify the stakeholders who are the subject matter experts for your products or services.

      Measure the value of your products and services with value sources, fulfillment, and drivers.

      Outcome:

      • Value drivers and weights

      Outcome:

      • An initial list of reusable value sources and metrics
      • Value scores for your products or services

      Phase 1

      Define Your Value Drivers

      First determine your value drivers and add them to your VMF

      One of the main aspects of the VMF is to apply consistent and business-aligned weights to the products or services you will evaluate.

      This is why we establish your value drivers first:

      • Get the right executive-level “value authorities” to establish the overarching weights.
      • Build these into the backbone of the VMF to consistently apply to all your future measurements.
      An image of the Value Measure Framework is shown.

      Step 1.1: Identify Value Authorities

      Phase 1

      1.1: Identify Value Authorities

      1.2: Define Value Drivers

      Phase 2

      2.1: Identify Product or Service SMEs

      2.2: Measure Value

      This step will walk you through the following activities:

      • Identify your authorities on business value.

      This step involves the following participants:

      • Owners of your value measurement framework

      Outcomes of this step

      • Your list of targeted individuals to include in Step 2.1

      Business value is best defined and measured by the combined effort and perspective of both IT and the business

      Buy-in for your IT strategy comes from the ability to showcase value. IT needs to ensure it has an aligned understanding of what is valuable to the organization. First, priorities need to be established by the business. Second, IT can build a partnership with the business to determine what that value means in the context of IT products and services.

      The Business

      What the Business and IT have in common

      IT

      Keepers of the organization’s mission, vision, and value statements that define IT success. The business maintains the overall ownership and evaluation of the products along with those most familiar with the capabilities or processes enabled by technology.

      Business Value of Products and Services

      Technical subject matter experts of the products and services they deliver and maintain. Each IT function works together to ensure quality products and services are delivered up to stakeholder expectations.

      Engage key stakeholders to reach a consensus on organizational priorities and value drivers

      Engage these key players to create your value drivers:

      CEO: Who better holds the vision or mandate of the organization than its leader? Ideally, they are front and center for this discussion.

      CIO: IT must ensure that technical/practical considerations are taken into account when determining value.

      CFO: The CFO or designated representative will ensure that estimated costs and benefits can be used to manage the budgets.

      VPs: Application delivery and mgmt. is designed to generate value for the business. Senior management from business units must help define what that value is.

      Evaluators (PMO, PO, APM, etc.): Those primarily responsible for applying the VMF should be present and active in identifying and carefully defining your organization’s value drivers.

      Steering Committee: This established body, responsible for the strategic direction of the organization, is really the primary audience.

      Identify your authorities of business value to identify, define, and weigh value drivers

      1.1 Estimated Time: 15 minutes

      The objective of this exercise is to identify key business stakeholders involved in strategic decision making at an organizational level.

      1. Review your organization’s governance structure and any related materials.
      2. Identify your key business stakeholders. These individuals are the critical business strategic partners.
        1. Target those who represent the business at an organizational level and often comprise the organization’s governing bodies.
        2. Prioritize a product backlog – include product owners and product managers who are in tune with the specific value drivers of the product in question.

      INFO-TECH TIP

      If your organization does not have a formal governance structure, your stakeholders would be the key players in devising business strategy. For example:

      • CEO
      • CFO
      • BRMs
      • VPs

      Leverage your organizational chart, governing charter, and senior management knowledge to better identify key stakeholders.

      INPUT

      • Key decision maker roles

      OUTPUT

      • Targeted individuals to define and weigh value drivers

      Materials

      • N/A

      Participants

      • Owner of the value measurement framework

      Step 1.2: Define Value Drivers

      Phase 1

      1.1: Identify Value Authorities

      1.2: Define Value Drivers

      Phase 2

      2.1: Identify Product or Service SMEs

      2.2: Measure Value

      This step will walk you through the following activities:

      • Define your value drivers.
      • Weigh your value drivers.

      This step involves the following participants:

      • Owners of your value measurement framework
      • Authorities of business value

      Outcomes of this step

      • A list of your defined and weighted value drivers

      Value is based on business needs and vision

      Value is subjective. It is defined through the organization’s past achievement and its future objectives.

      Purpose & Mission

      Past Achievement & Current State

      Vision & Future State

      Culture & Leadership

      There must be a consensus view of what is valuable within the organization, and these values need to be shared across the enterprise. Instead of maintaining siloed views and fighting for priorities, all departments must have the same value and purpose in mind. These factors – purpose and mission, past achievement and current state, vision and future state, and culture and leadership – impact what is valuable to the organization.

      Value derives from the mission and vision of an organization; therefore, value is unique to each organization

      Business value represents what the business needs to do to achieve its target state. Establishing the mission and vision helps identify that target state.

      Mission

      Vision

      Business Value

      Why does the company exist?

      • Specify the company’s purpose, or reason for being, and use it to guide each day’s activities and decisions.

      What does the organization see itself becoming?

      • Identify the desired future state of the organization. The vision articulates the role the organization strives to play and the way it wants to be perceived by the customer.
      • State the ends, rather than the means, to get to the future state.

      What critical factors fulfill the mission and vision?

      • Articulate the important capabilities the business should have in order to achieve its objectives. All business activities must enable business value.
      • Communicate the means to achieve the mission and vision.

      Understand the many types of value your products or services produce

      Competent organizations know that value cannot always be represented by revenue or reduced expenses. However, it is not always apparent how to envision the full spectrum of value sources. Dissecting value by the benefit type and the value source’s orientation allows you to see the many ways in which a product or service brings value to the organization.

      A business value matrix is shown. It shows the relationship between reading customers, increase revenue, reduce costs, and enhance services.

      Financial Benefits vs. Improved Capabilities

      Financial Benefits refers to the degree to which the value source can be measured through monetary metrics and is often quite tangible. Human Benefits refers to how a product or service can deliver value through a user’s experience.

      Inward vs. Outward Orientation

      Inward refers to value sources that have an internal impact and improve your organization’s effectiveness and efficiency in performing its operations. Outward refers to value sources that come from your interaction with external factors, such as the market or your customers.

      Increase Revenue

      Reduce Costs

      Enhance Services

      Reach Customers

      Product or service functions that are specifically related to the impact on your organization’s ability to generate revenue.

      Reduction of overhead. They typically are less related to broad strategic vision or goals and more simply limit expenses that would occur had the product or service not been put in place.

      Functions that enable business capabilities that improve the organization’s ability to perform its internal operations.

      Application functions that enable and improve the interaction with customers or produce market information and insights.

      Expand past Info-Tech’s high-level value quadrants and identify the value drivers specific to your organization

      Different industries have a wide range of value drivers. Consider the difference between public and private entities with respect to generating revenue or reaching their customers or other external stakeholders. Even organizations in the same industry may have different values. For example, a mature, well-established manufacturer may view reputation and innovation as its highest-priority values, whereas a struggling manufacturer will see revenue or market share growth as its main drivers.

      Value Drivers

      Increase Revenue

      Reduce Costs

      Enhance Services

      Reach Customers

      • Revenue growth
      • Data monetization
      • Cost optimization
      • Labor reduction
      • Collaboration
      • Risk and compliance
      • Customer experience
      • Trust and reputation

      You do not need to dissect each quadrant into an exhaustive list of value drivers. Info-Tech recommends defining distinct value drivers only for the areas you’ve identified as critical to your organization’s core goals and objectives.

      Understand value drivers that enable revenue growth

      Direct Revenue

      This value driver is the ability of a product or service to directly produce revenue through core revenue streams.

      Can be derived from:

      • Creating revenue
      • Improving the revenue generation of an existing service
      • Preventing the loss of a revenue stream

      Be aware of the differences between your products and services that enable a revenue source and those that facilitate the flow of capital.

      Funding

      This value driver is the ability of a product or service to enable other types of funding unrelated to core revenue streams.

      Can be derived from:

      • Tax revenue
      • Fees, fines, and ticketing programs
      • Participating in government subsidy or grant programs

      Be aware of the difference between your products and services that enable a revenue source and those that facilitate the flow of capital.

      Scale & Growth

      In essence, this driver can be viewed as the potential for growth in market share or new developing revenue sources.

      Does the product or service:

      • Increase your market share
      • Help you maintain your market share

      Be cautious of which items you identify here, as many innovative activities may have some potential to generate future revenue. Stick to those with a strong connection to future revenue and don’t qualify for other value driver categories.

      Monetization of Assets

      This value driver is the ability of your products and services to generate additional assets.

      Can be derived from:

      • Sale of data
      • Sale of market or customer reports or analysis
      • Sale of IP

      This value source is often overlooked. If given the right attention, it can lead to a big win for IT’s role in the business.

      Understand value drivers that reduce costs

      Cost Reduction

      A cost reduction is a “hard” cost saving that is reflected as a tangible decrease to the bottom line.

      This can be derived from reduction of expenses such as:

      • Salaries and wages
      • Hardware/software maintenance
      • Infrastructure

      Cost reduction plays a critical role in an application’s ability to increase efficiency.

      Cost Avoidance

      A cost avoidance is a “soft” cost saving, typically achieved by preventing a cost from occurring in the first place (i.e. risk mitigation). Cost avoidance indirectly impacts the bottom line.

      This can be derived from prevention of expenses by:

      • Mitigating a business outage
      • Mitigating another risk event
      • Delaying a price increase

      Understand the value drivers that enhance your services

      Enable Core Operations

      Some applications are in place to facilitate and support the structure of the organization. These vary depending on the capabilities of your organization but should be assessed in relation to the organization’s culture and structure.

      • Enables a foundational capability
      • Enables a niche capability

      This example is intentionally broad, as “core operations” should be further dissected to define different capabilities with ranging priority.

      Compliance

      A product or service may be required in order to meet a regulatory requirement. In these cases, you need to be aware of the organizational risk of NOT implementing or maintaining a service in relation to those risks.

      In this case, the product or service is required in order to:

      • Prevent fines
      • Allow the organization to operate within a specific jurisdiction
      • Remediate audit gaps
      • Provide information required to validate compliance

      Internal Improvement

      An application’s ability to create value outside of its core operations and facilitate the transfer of information, insights, and knowledge.

      Value can be derived by:

      • Data analytics
      • Collaboration
      • Knowledge transfer
      • Organizational learning

      Innovation

      Innovation is typically an ill-defined value driver, as it refers to the ability of your products and services to explore new value streams.

      Consider:

      • Exploration into new markets and products
      • New methods of organizing resources and processes

      Innovation is one of the more divisive value drivers, as some organizations will strive to be cutting edge and others will want no part in taking such risks.

      Understand business value drivers that connect the business to your customers

      Policy

      Products and services can also be assessed in relation to whether they enable and support policies of the organization. Policies identify and reinforce required processes, organizational culture, and core values.

      Policy value can be derived from:

      • The service or initiative will produce outcomes in line with our core organizational values.
      • Products that enable sustainability and corporate social responsibility

      Experience

      Applications are often designed to improve the interaction between customer and product. This value type is most closely linked to product quality and user experience. Customers, in this sense, can also include any stakeholders who consume core offerings.

      Customer experience value can be derived from:

      • Improving customer satisfaction
      • Ease of use
      • Resolving a customer issue or identified pain point
      • Providing a competitive advantage for your customers

      Customer Information

      Understanding demand and customer trends is a core driver for all organizations. Data provided through understanding the ways, times, and reasons that consumers use your services is a key driver for growth and stability.

      Customer information value can be achieved when an app:

      • Addresses strategic opportunities or threats identified through analyzing trends
      • Prevents failures due to lack of capacity to meet demand
      • Connects resources to external sources to enable learning and growth within the organization

      Trust & Reputation

      Products and services are designed to enable goals of digital ethics and are highly linked to your organization’s brand strategy.

      Trust and reputation can also be described as:

      • Customer loyalty and sustainability
      • Customer privacy and digital ethics

      Prioritizing this value source is critical, as traditional priorities can often come at the expense of trust and reputation.

      Define your value drivers

      1.2 Estimated Time: 1.5 hours

      The objective of this exercise is to establish a common understanding of the different values of the organization.

      1. Place your business value authorities at the center of this exercise.
      2. Collect all the documents your organization has on the mission and vision, strategy, governance, and target state, which may be defined by enterprise architecture.
      3. Identify the company mission and vision. Simply transfer the information from the mission and vision document into the appropriate spaces in the business value statement.
      4. Determine the organization’s business value drivers. Use the mission and vision, as well as the information from the collected documents, to formulate your own idea of business values.
      5. Use value driver template on the next slide to define the value driver, including:
      • Value Driver Name
      • Description
      • Related Business Capabilities – If available, review business architecture materials, such as business capability maps.
      • Established KPI and Targets – If available, include any organization-wide established KPIs related to your value driver. These KPIs will likely be used or influence the metrics eventually assigned to your applications.

      INPUT

      • Mission, vision, value statements

      OUTPUT

      • List and description of value drivers

      Materials

      • Whiteboard
      • Markers

      Participants

      • Business value authorities
      • Owner of value measurement framework

      Example Value Driver

      Value Driver Name

      Reach Customers

      Value Driver Description

      Our organization’s ability to provide quality products and experience to our core customers

      Value Driver Weight

      10/10

      Related Business Capabilities

      • Customer Services
      • Marketing
        • Customer Segmentation
        • Customer Journey Mapping
      • Product Delivery
        • User Experience Design
        • User Acceptance Testing

      Key Business Outcomes, KPIs, and Targets

      • Improved Customer Satisfaction
        • Net Promotor Score: 80%
      • Improved Loyalty
        • Repeat Sales: 30%
        • Customer Retention: 25%
        • Customer Lifetime Value: $2,500
      • Improved Interaction
        • Repeat Visits: 50%
        • Account Conversation Rates: 40%

      Weigh your value drivers

      1.3 Estimated Time: 30 minutes

      The objective of this exercise is to prioritize your value drivers based on their relative importance to the business.

      1. Again, place the business value authorities at the center of this exercise.
      2. In order to determine priority, divide 100% among your value drivers, allocating a percentage to each based on its relative importance to the organization.
      3. Normalize those percentages on to a scale of 1 to 10, which will act as the weights for your value drivers.

      INPUT

      • Mission, vision, value statements

      OUTPUT

      • Weights for value drivers

      Materials

      • Whiteboard
      • Markers

      Participants

      • Business value authorities
      • Owner of value measurement framework

      Weigh your value drivers

      1.3 Estimated Time: 30 minutes

      Value Driver

      Percentage Allocation

      1 to 10 Weight

      Revenue and other funding

      24%

      9

      Cost reduction

      8%

      3

      Compliance

      5%

      2

      Customer value

      30%

      10

      Operations

      13%

      7

      Innovation

      5%

      2

      Sustainability and social responsibility

      2%

      1

      Internal learning and development

      3%

      1

      Future growth

      10%

      5

      Total

      100%

      Carry results over to the Value Calculator

      1.3

      Document results of this activity in the “Value Drivers” tab of the Value Calculator.

      A screenshot of Info-Tech's Value Calculator is shown.

      List your value drivers.

      Define or describe your value drivers.

      Use this tool to create a repository for value sources to reuse and maintain consistency across your measurements.

      Enter the weight of each value driver in terms of importance to the organization.

      Phase 2

      Measure Value

      Step 2.1: Identify Product or Service SMEs

      Phase 1

      1.1: Identify Value Authorities

      1.2: Define Value Drivers

      Phase 2

      2.1: Identify Product or Service SMEs

      2.2: Measure Value

      This step will walk you through the following activities:

      • Identify your product or service SMEs.
      • List your product or services items and components.

      This step involves the following participants:

      • Owners of your value measurement framework
      • Product or service SMEs

      Outcomes of this step

      • Your list of targeted individuals to include in Step 2.2

      Identify the products and services you are evaluating and break down their various components for the VMF

      In order to get a full evaluation of a product or service you need to understand its multiple facets, functions, features capabilities, requirements, or any language you use to describe its various components.

      An image of the value measure framework is shown.

      Decompose a product or service:

      • Get the right subject matter experts in place who know the business and technical aspects of the product or service.
      • Decompose the product or service to capture all necessary components.

      Before beginning, consider how your use case will impact your value measurement approach

      This table looks at how the different use cases of the VMF call for variations of this analysis, is directed at different roles, and relies on participation from different subject matter experts to provide business context.

      Use Case (uses of the VMF applied in this blueprint)

      Value (current vs. future value)

      Item (the singular entity you are producing a value score for)

      Components (the various facets of that entity that need to be considered)

      Scope (# of systems undergoing analysis)

      Evaluator (typical role responsible for applying the VMF)

      Cadence (when and why do you apply the VMF)

      Information Sources (what documents, tools, etc., do you need to leverage)

      SMEs (who needs to participate to define and measure value)

      1. Prioritize Your Product Backlog

      You are estimating future value of proposed changes to an application.

      Product backlog items (epic, feature, etc.) in your product backlog

      • Features
      • User stories
      • Enablers

      A product

      Product owner

      Continuously apply the VMF to prioritize new and changing product backlog items.

      • Epic hypothesis, documentation
      • Lean business case

      Product manager

      ????

      2. Prioritize Your Project Backlog

      Proposed projects in your project backlog

      • Benefits
      • Outcomes
      • Requirements

      Multiple existing and/or new applications

      Project portfolio manager

      Apply the VMF during your project intake process as new projects are proposed.

      • Completed project request forms
      • Completed business case forms
      • Project charters
      • Business requirements documents

      Project manager

      Product owners

      Business analysts

      3. Application Rationalization

      You are measuring current value of existing applications and their features.

      An application in your portfolio

      The uses of the application (features, function, capabilities)

      A subset of applications or the full portfolio

      Application portfolio manager

      During an application rationalization initiative:

      • Iteratively collect information and perform value measurements.
      • Structure your iterations based on functional areas to target the specific SMEs who can speak to a particular subset of applications.
      • Business capability maps

      Business process owners

      Business unit representatives

      Business architects

      Application architects

      Application SMEs

      4. Application Categorization

      The full portfolio

      Application maintenance or operations manager

      • SLAs
      • Business capability maps

      Identify your product or service SMEs

      2.1 Estimated Time: 15 minutes

      The objective of this exercise is to identify specific business stakeholders who can speak to the business outcomes of your applications at a functional level.

      1. Review your related materials that reference the stakeholders for the scoped products and services (i.e. capability maps, org charts, stakeholder maps).
      2. Identify your specific business stakeholders and application SMEs. These individuals represent the business at a functional level and are in tune with the business outcomes of their operations and the applications that support their operations.
        1. Use Case 1 – Product Owner, Product Manager
        2. Use Case 2 – Project Portfolio Manager, Project Manager, Product Owners, Business Process Owners, Appropriate Business Unit Representatives
        3. Use Case 3 – Application Portfolio Manager, Product Owners, Business Analysts, Application SMEs, Business Process Owners, Appropriate Business Unit Representatives
        4. Use Case 4 – Application Maintenance Manager, Operations Managers, Application Portfolio Manager, Product Owners, Application SMEs, Business Process Owners, Appropriate Business Unit Representatives

      INPUT

      • Specific product or service knowledge

      OUTPUT

      • Targeted individuals to measure specific products or services

      Materials

      • Whiteboard
      • Markers

      Participants

      • Owner of value measurement framework

      Use Case 1: Collect and review all of the product backlog items

      Prioritizing your product backlog (epics, features, etc.) requires a consistent method of measuring the value of your product backlog items (PBIs) to continuously compare their value relative to one another. This should be treated as an ongoing initiative as new items are added and existing items change, but an initial introduction of the VMF will require you to collect and analyze all of the items in your backlog.

      Regardless of producing a value score for an epic, feature, or user story, your focus should be on identifying their various value sources. Review your product’s artifact documentation, toolsets, or other information sources to extract the business outcomes, impact, benefits, KPIs, or any other description of a value source.

      High

      Epics

      Carefully valuated with input from multiple stakeholders, using metrics and consistent scoring

      Level of valuation effort per PBI

      User Stories

      Collaboratively valuated by the product owner and teams based on alignment and traceability to corresponding epic or feature

      Low

      Raw Ideas

      Intuitively valuated by the product owner based on alignment to product vision and organization value drivers

      What’s in your backlog?

      You may need to create standards for defining and measuring your different PBIs. Traceability can be critical here, as defined business outcomes for features or user stories may be documented at an epic level.

      Additional Research

      Build a Better Backlog helps you define and organize your product backlog items.

      Use Case 2: Review the scope and requirements of the project to determine all of the business outcomes

      Depending on where your project is in your intake process, there should be some degree of stated business outcomes or benefits. This may be a less refined description in the form of a project request or business case document, or it could be more defined in a project charter, business requirements document/toolset, or work breakdown structure (WBS). Regardless of the information source, to make proper use of the VMF you need a clear understanding of the various business outcomes to establish the new or improved value sources for the proposed project.

      Project

      User Requirements

      Business Requirements

      System Requirements

      1

      1

      1

      2

      2

      2

      3

      3

      4

      Set Metrics Early

      Good project intake documentation begins the discussion of KPIs early on. This alerts teams to the intended value and gives your PMO the ability to integrate it into the workload of other proposed or approved projects.

      Additional Research

      Optimize Project Intake, Approval, and Prioritization provides templates to define proposed project benefits and outcomes.

      Use Cases 3 & 4: Ensure you’ve listed all of each application’s uses (functions, features, capabilities, etc.) and user groups

      An application can enable multiple capabilities, perform a variety of functions, and have a range of different user groups. Therefore, a single application can produce multiple value sources, which range in type, impact, and significance to the business’ overarching priorities. In order to effectively measure the overall value of an application you need to determine all of the ways in which that application is used and apply a business-downward view of your applications.

      Business Capability

      • Sub-capability
      • Process
      • Task

      Application

      • Module
      • Feature
      • Function

      Aim for Business Use

      Simply listing the business capabilities of an app can be too high level. Regardless of your organization’s terminology, you need to establish all of the different uses and users of an application to properly measure all of the facets of its value.

      Additional Research

      Discover Your Applications helps you identify and define the business use and features of your applications.

      List your product or services items and components

      2.2 Estimated Time: 15 minutes

      The objective of this exercise is to produce a list of the different items that you are scoring and ensure you have considered all relevant components.

      1. List each item you intend to produce a value score for:
        1. Use Case 1 – This may be the epics in your product backlog.
        2. Use Case 2 – This may be the projects in your project backlog.
        3. Use Cases 3 & 4 – This may be the applications in your portfolio. For this approach Info-Tech strongly recommends iteratively assessing the portfolio to produce a list of a subset of applications.
      2. For each item list its various components:
        1. Use Case 1 – This may be the features or user stories of an epic.
        2. Use Case 2 – This may be the business requirements of a project.
        3. Use Cases 3 & 4 – This may be the modules, features, functions, capabilities, or subsystems of an application.

      Item

      Components

      Add Customer Portal (Epic)

      User story #1: As a sales team member I need to process customer info.

      User story #2: As a customer I want access to…

      Transition to the Cloud (Project)

      Requirement #1: Build Checkout Cart

      NFR – Build integration with data store

      CRM (Application)

      Order Processing (module), Returns & Claims (module), Analytics & Reporting (Feature)

      INPUT

      • Product or service knowledge

      OUTPUT

      • Detailed list of items and components

      Materials

      • Whiteboard
      • Markers

      Participants

      • Owner of value measurement framework
      • Product or service SMEs

      Use Cases 3 & 4: Create a functional view of your applications (optional)

      2.3 Estimated Time: 1 hour

      The objective of this exercise is to establish the different use cases of an application.

      1. Recall the functional requirements and business capabilities for your applications.
      2. List the various actors who will be interacting with your applications and list the consumers who will be receiving the information from the applications.
      3. Based on your functional requirements, list the use cases that the actors will perform to deliver the necessary information to consumers. Each use case serves as a core function of the application. See the diagram below for an example.
      4. Sometimes several use cases are completed before information is sent to consumers. Use arrows to demonstrate the flow of information from one use case to another.

      Example: Ordering Products Online

      Actors

      Order Customer

      Order Online

      Search Products

      		Consumers

      Submit Delivery Information

      Order Customer

      Pay Order

      Bank

      INPUT

      • Product or service knowledge

      OUTPUT

      • Product or service function

      Materials

      • Whiteboard
      • Markers

      Participants

      • Application architect
      • Enterprise architect
      • Business and IT stakeholders
      • Business analyst
      • Development teams

      Use Cases 3 & 4: Create a functional view of your applications (optional) (cont’d.)

      2.3 Estimated Time: 1 hour

      5. Align your application’s use cases to the appropriate business capabilities and stakeholder objectives.

      Example:

      Stakeholder Objective: Automate Client Creation Processes

      Business Capability: Account Management

      Function: Create Client Profile

      Function: Search Client Profiles

      Business Capability: Sales Transaction Management

      Function: Order Online

      Function: Search Products Function: Search Products

      Function: Submit Delivery Information

      Function: Pay Order

      Step 2.2: Measure Value

      Phase 1

      1.1: Identify Value Authorities

      1.2: Define Value Drivers

      Phase 2

      2.1: Identify Product or Service SMEs

      2.2: Measure Value

      This step will walk you through the following activities:

      • Identify your value sources.
      • Align to a value driver.
      • Assign metrics and gauge value fulfillment.

      This step involves the following participants:

      • Owners of your value measurement framework
      • Product or service SMEs

      Outcomes of this step

      • An initial list of reusable value sources and metrics
      • Value scores for your products or services

      Use your VMF and a repeatable process to produce value scores for all of your items

      With your products or services broken down, you can then determine a list of value sources, as well as their alignment to a value driver and a gauge of their value fulfillment, which in turn indicate the importance and impact of a value source respectively.

      A image of the value measure framework is shown.

      Lastly, we produce a value score for all items:

      • Determine business outcomes and value sources.
      • Align to the appropriate value driver.
      • Use metrics as the gauge of value fulfillment.
      • Collect your score.
      • Repeat.

      The business outcome is the impact the product or service has on the intended business activity

      Business outcomes are the business-oriented results produced by organization’s capabilities and the applications that support those capabilities. The value source is, in essence, “How does the application impact the outcome?” and this can be either qualitative or quantitative.

      Quantitative

      Qualitative

      Key Words

      Examples

      Key Words

      Examples

      Faster, cheaper

      Deliver faster

      Better

      Better user experience

      More, less

      More registrations per week

      Private

      Enhanced privacy

      Increase, decrease

      Decrease clerical errors

      Easier

      Easier to input data

      Can, cannot

      Can access their own records

      Improved

      Improved screen flow

      Do not have to

      Do not have to print form

      Enjoyable

      Enjoyable user experience

      Compliant

      Complies with regulation 12

      Transparent

      Transparent progress

      Consistent

      Standardized information gathered

      Richer

      Richer data availability

      Adapted from Agile Coach Journal.

      Measure value – Identify your value sources

      2.4 Estimated Time: 30 minutes

      The objective of this exercise is to establish the different value sources of a product or service.

      1. List the items you are producing an overall balance value score for. These can be products, services, projects, applications, product backlog items, epics, etc.
      2. For each item, list its various business outcomes in the form of a description that includes:
        1. The item being measured
        2. Business capability or activity
        3. How the item impacts said capability or activity

      Consider applying the user story format for future value sources or a variation for current value sources.

      As a (user), I want to (activity) so that I get (impact)

      INPUT

      • Product or service knowledge
      • Business process knowledge

      OUTPUT

      • List of value sources

      Materials

      • Whiteboard
      • Markers

      Participants

      • Owner of value measurement framework
      • Product or service SMEs

      Measure value – Align to a value driver

      2.5 Estimated Time: 30 minutes

      The objective of this exercise is to determine the value driver for each value source.

      1. Align each value source to a value driver. Choose between options A and B.
        1. Using a whiteboard, draw out a 2 x 2 business value matrix or an adapted version based on your own organizational value drivers. Place each value source in the appropriate quadrant.
          1. Increase Revenue
          2. Reduce Costs
          3. Enhance Services
          4. Reach Customers
        2. Using a whiteboard or large sticky pads, create a section for each value driver. Place each value source with the appropriate value driver.

      INPUT

      • Product or service knowledge
      • Business process knowledge

      OUTPUT

      • Value driver weight

      Materials

      • Whiteboard
      • Markers

      Participants

      • Owner of value measurement framework
      • Product or service SMEs

      Brainstorm the different sources of business value (cont’d.)

      2.5

      Example:

      An example of activity 2.5 is shown.

      Carry results over to the Value Calculator

      2.5

      Document results of this activity in the Value Calculator in the Item {#} tab.

      A screenshot of the Value Calculator is shown.

      List your Value Sources

      Your Value Driver weights will auto-populate

      Aim, but do not reach, for SMART metrics

      Creating meaningful metrics

      S pecific

      M easureable

      A chievable

      R ealisitic

      T ime-based

      Follow the SMART framework when adding metrics to the VMF.

      The intention of SMART goals and metrics is to make sure you have chosen a gauge that will:

      • Reflect the actual business outcome or value source you are measuring.
      • Ensure all relevant stakeholders understand the goals or value you are driving towards.
      • Ensure you actually have the means to capture the performance.

      Info-Tech Insight

      Metrics are NOT a magical solution. They should be treated as a tool in your toolbox and are sometimes no more than a rough gauge of performance. Carefully assign metrics to your products and services and do not disregard the informed subjective perspective when SMART metrics are unavailable.

      Info-Tech Best Practice

      One last critical consideration here is the degree of effort required to collect the metric compared to the value of the analysis you are performing. Assessing whether or not to invest in a project should apply the rigor of carefully selecting and measuring value. However, performing a rationalization of the full app portfolio will likely lead to analysis paralysis. Taking an informed subjective perspective may be the better route.

      Measure value – Assign metrics and gauge value fulfillment

      2.6 30-60 minutes

      The objective of this exercise is to determine an appropriate metric for each value source.

      1. For each value source assign a metric that will be the unit of measurement to gauge the value fulfilment of the application.
      2. Review the product or services performance with the metric
        1. Use case 1&2 (Proposed Applications and/or Features) - You will need to estimate the degree of impact the product or services will have on your selected metric.
        2. Use case 3&4 (Existing Applications and/or Features) – You can review historically how the product or service has performed with your selected metric
      3. Determine a value fulfillment on a scale of 1 – 10.

        4. 10 = The product or service far exceeds expectations and targets on the metric.

        5 = the product or service meets expectations on this metric.

        1 = the product or service underperforms on this metric.

      INPUT

      • Product or service knowledge
      • Business process knowledge

      OUTPUT

      • Value driver weight

      Materials

      • Whiteboard
      • Markers

      Participants

      • Owner of value measurement framework
      • Product or service SMEs

      Carry results over to the Value Calculator

      2.6

      Document results of this activity in the Value Calculator in the Item {#} tab.

      A screenshot of Info-Tech's Value Calculator is shown.

      Assign Metrics.

      Consider using current or estimated performance and targets.

      Assess the impact on the value source with the value fulfillment.

      Collect your Overall Balanced Value Score

      Appendix

      Bibliography

      Brown, Alex. “Calculating Business Value.” Agile 2014 Orlando – July 13, 2014. Scrum Inc. 2014. Web. 20 Nov. 2017.

      Brown, Roger. “Defining Business Value.” Scrum Gathering San Diego 2017. Agile Coach Journal. Web.

      Curtis, Bill. “The Business Value of Application Internal Quality.” CAST. 6 April 2009. Web. 20 Nov. 2017.

      Fleet, Neville, Joan Lasselle, and Paul Zimmerman. “Using a Balance Scorecard to Measure the Productivity and Value of Technical Documentation Organizations.” CIDM. April 2008. Web. 20 Nov. 2017.

      Harris, Michael. “Measuring the Business Value of IT.” David Consulting Group. 20 Nov. 2017.

      Intrafocus. “What is a Balanced Scorecard?” Intrafocus. Web. 20 Nov. 2017

      Kerzner, Harold. Project Management: A Systems Approach to Planning, Scheduling, and Controlling. 12th ed., Wiley, 2017.

      Lankhorst, Marc., et al. “Architecture-Based IT Valuation.” Via Nova Architectura. 31 March 2010. Web. 20 Nov. 2017.

      Rachlin, Sue, and John Marshall. “Value Measuring Methodology.” Federal CIO Council, Best Practices Committee. October 2002. Web. April 2019.

      Thiagarajan, Srinivasan. “Bridging the Gap: Enabling IT to Deliver Better Business Outcomes.” Cognizant. July 2017. Web. April 2019.

      Customer Service Management Software Selection Guide

      • Buy Link or Shortcode: {j2store}530|cart{/j2store}
      • member rating overall impact: N/A
      • member rating average dollars saved: N/A
      • member rating average days saved: N/A
      • Parent Category Name: Customer Relationship Management
      • Parent Category Link: /customer-relationship-management
      • The business is unaware of cross-selling opportunities across multiple product lines.
      • Customer service staff attrition rates continue to be high, creating longer response delays for voice channels.
      • Customer service responses are reactive in nature, reinforcing a poor culture for customer experience.

      Our Advice

      Critical Insight

      • After-sales customer service is critical for creating, maintaining, and growing customer relationships. Organizations that fail to provide adequate service will be ill positioned for future customer service and sales efforts.
      • Shift left toward delivering predictive service instead of reactive service to enhance customer experiences.
      • Ensure your key performance indicators accurately reflect the incentives you want to give your customer support staff for delivering appropriate customer service.

      Impact and Result

      • Determine your organization’s customer service maturity (and thus if a standalone CSM tool is relevant).
      • Understand key trends and differentiating features in the CSM marketspace.
      • Evaluate major vendors in the CSM marketspace to discover the best-fitting provider.

      Customer Service Management Software Selection Guide Research & Tools

      Besides the small introduction, subscribers and consulting clients within this management domain have access to:

      1. Customer Service Management Software Selection Guide – A guide to walk you through the process of selecting CSM software.

      This trends and buyer’s guide will help you:

      • Customer Service Management Software Selection Guide Storyboard

      2. CSM Platform RFP Template – A template to provide vendors with a detailed account of the requirements and the expected capabilities of the desired suite.

      Create your own request for proposal (RFP) for your customer service management suite procurement process by customizing Info-Tech's RFP template.

      • CSM Platform RFP Template

      3. CSM Platform Opportunity Assessment Tool – A tool to assess whether a CSM solution is right for your organization.

      Use this tool to assess your maturity and fit for a CSM solution. It will help identify your current CSM state and assist with the decision to move forward with a new solution or augment certain features.

      • CSM Platform Opportunity Assessment Tool

      4. Software Selection Workbook – A workbook to document your progress as your select software.

      Keep stakeholders engaged with simple and friction-free templates to document your progress for Rapid Application Selection.

      • The Software Selection Workbook

      5. Vendor Evaluation Workbook – A workbook to assess vendor capabilities and compare vendors.

      Leverage a traceable and straightforward Vendor Evaluation Workbook to narrow the field of potential vendors and accelerate the application selection process.

      • The Vendor Evaluation Workbook

      6. CSM Platform RFP Scoring Tool – A tool to support your business in objectively evaluating the CSM vendors being considered for procurement.

      Create an objective and fair scoring process to evaluate the RFPs and demonstrations provided by shortlisted vendors. Within this framework, provide a multidimensional evaluation that analyzes the solution's functional capabilities, architecture, costs, service support, and overall suitability in comparison to the organization's expressed requirements.

      • CSM Platform RFP Scoring Tool

      7. CSM Platform Vendor Demo Script Template – A template to support your business’ evaluation of vendors and their solutions with an effective demonstration.

      Create an organized and streamlined vendor demonstration process by clearly outlining your expectations for the demo. Use the demo as an opportunity to ensure that capabilities expressed by vendors are actually present within the considered solution.

      • CSM Platform Vendor Demo Script Template
      [infographic]

      Further reading

      Customer Service Management Software Selection

      Market trends and buyer’s guide

      Analyst Perspective

      The pandemic and growing younger demographic have shifted the terrain of customer service delivery. Customer service management (CSM) tools ensure organizations enhance customer acquisition, customer retention, and overall revenues into the future.

      It is one thing to research customer service best practices; it is another to experience such service. Whether being put on hold for an hour with a telecommunications company, encountering voice biometric security with a bank, or receiving automated FAQs from a chatbot, we all perform our own primary research in customer service by going about our daily lives. Yet while the pandemic required a shift to this multichannel and digital assistant environment (to account for ongoing agent attrition), this trend was actually just accelerated. A growing younger demographic now prefers online communication channels to voice. Social media (whichever the platform) is a fundamental part of this demographic’s online presence and has instigated the need for customer service delivery to meet customers where they are – for both damage control and enhancing customer relationships.

      Organizations delivering customer service across multiple product lines need to examine what delivery channels they need to satisfy customers, alongside assessing how customer loyalty and cross-selling can increase revenues and company reputation. Customer service management tools can assist and enable the future state.

      Thomas Randall, Ph.D., Research Director

      Thomas Randall, Ph.D.
      Research Director, Info-Tech Research Group

      Executive Summary

      Your Challenge Common Obstacles Info-Tech’s Solution
      • The business is unaware of cross-selling opportunities across multiple product lines.
      • Customer service staff attrition rates continue to be high, creating longer response delays for voice channels.
      • Customer service responses are reactive in nature, reinforcing a poor culture for customer experience.
      • It is not clear if a CSM tool would resolve the business’ challenges or if a better-fitting technology solution is preferable (such as a customer relationship management add-on).
      • The business does not know its customer service maturity well enough to assess the feasibility of adopting a CSM tool.
      		 This trends and buyer’s guide will help you:
      1. Determine your organization’s customer service maturity (and thus if a standalone CSM tool is relevant).
      2. Understand key trends and differentiating features in the CSM marketspace.
      3. Evaluate major vendors in the CSM marketspace to discover the best-fitting provider.

      The objective at the end of the day is to have a single interface that the front-line staff interacts with. I think that is the holy grail when we look at CSM technology. The objective that everyone has in mind is we'd all like to get to one screen and one window. Ultimately, the end game really hasn't changed: How can we make it easy for the agents and how can we minimize their errors? How can we streamline the process so they can work?
      Colin Taylor, CEO, The Taylor Reach Group

      Customer service management tools form an integral part of your CXM technology portfolio

      Customer service management tools are an integral part of CXM

      Info-Tech’s methodology for selecting the right CSM platform

      1. Contextualize the CSM Landscape 2. Select the Right CSM Vendor
      Phase Steps
      1. Define CSM tools.
      2. Explore CSM trends.
      3. Understand if CSM tools are a good fit for your organization.
      1. Build the business case.
      2. Streamline requirements elicitation for CSM.
      3. Construct the request for proposal (RFP)/vendor evaluation workbook.
      Phase Outcomes
      1. Consensus on scope of CSM and key CSM capabilities
      2. Identify your customer service maturity and use for CSM tools
      1. CSM business case
      2. High-value use cases and requirements
      3. CSM RFP/vendor evaluation workbook

      Info-Tech Insight
      Need help constructing your RFP? Use Info-Tech’s CSM Platform RFP Template!

      Guided Implementation

      What does a typical GI on this topic look like?

      Phase 1 Phase 2

      Call #1: Discover if CSM tools are right for your organization. Understand what a CSM platform is and discover the “art of the possible.”

      Call #2: Identify right-sized vendors and build the business case to select a CSM platform.

      Call #3: Define your key CSM requirements.

      Call #4: Build procurement items, such as an RFP and demo script.

      Call #5: Evaluate vendors and perform final due diligence.

      A Guided Implementation (GI) is a series of calls with an Info-Tech analyst to help implement our best practices in your organization.

      The CSM selection process should be broken into segments:

      1. CSM vendor shortlisting with this buyer’s guide
      2. Structured approach to selection
      3. Contract review

      Info-Tech offers various levels of support to best suit your needs

      DIY Toolkit Guided Implementation Workshop Consulting
      "Our team has already made this critical project a priority, and we have the time and capability, but some guidance along the way would be helpful." "Our team knows that we need to fix a process, but we need assistance to determine where to focus. Some check-ins along the way would help keep us on track." "We need to his the ground running and get this project kicked off immediately. Our team has the ability to take this over once we get a framework and strategy in place." "Our team does not have the time or the knowledge to take this project on. We need assistance through the entirety of this project."

      Diagnostics and consistent frameworks are used throughout all four options

      Software Selection Engagement

      Five Advisory Calls Over a Five-Week Period to Accelerate Your Selection Process

      Expert analyst guidance over five weeks on average to select and negotiate software

      Save money, align stakeholders, speed up the process, and make better decisions

      Use a repeatable, formal methodology to improve your application selection process

      Better, faster results, guaranteed, included in membership

      Five advisory calls over a five week period to accelerate your selection process

      Book Your Selection Engagement

      Software Selection Workshops

      40 Hours of Advisory Assistance Delivered Online

      Select Better Software, Faster

      40 hours of expert analyst guidance

      Project & stakeholder management assistance

      Save money, align stakeholders, speed up the process, and make better decisions

      Better, faster results, guaranteed, $25,000 standard engagement fee

      Software selection workshops

      Book Your Workshop Engagement

      Customer Service Management (CSM) Software

      Phase 1: Contextualize the CSM Landscape

      Receive and resolve after-sales requests within a unified CSM platform

      MULTIPLE CHANNELS
      Customers may resolve their issues via a variety of channels, including voice, SMS, email, social media, and live webchat.       		KNOWLEDGE BASE
      Provide a knowledge base for FAQs that is both customer facing (via customer portal) and agent facing (for live resolutions).
      ANALYTICS
      Track customer satisfaction, agent performances, ticket resolutions, backlogs, traffic analysis, and other key performance indicators (KPIs).       		COLLABORATION
      Enable agents to escalate and collaborate within a unified platform (e.g. tagging colleagues to flag a relevant customer query).

      Info-Tech Insight
      After-sales customer service is critical for creating, maintaining, and growing customer relationships. Organizations that fail to provide adequate service will be poorly positioned for future customer service and sales efforts.

      Identify your differentiating CSM requirements that align to your use cases

      INTEGRATIONS
      Note what integrations are available for your contact center, CRM, or industry-specific solutions (e.g. inventory management) to get the most out of CSM.

      SENTIMENT ANALYSIS
      Reads, contextualizes, and categorizes tickets by sentiment (e.g. “positive”) before escalating to an appropriate agent.

      AUTO-RESPONSE EDITOR
      Built-in AI provides prewritten responses or auto-pulls the relevant knowledge article, assisting agents with speed to resolution.

      ATTRIBUTES-BASED ROUTING
      Learns over time how best to route tickets to appropriate agents based on skills, availability, or proximity of an agent (e.g. multilingual, local, or specialist agents).

      AUTOMATED WORKFLOWS
      CSM tool providers have varying usability for workflow building and enablement. Ensure your use cases align.

      TICKET PRIORITIZATION
      Adapts and prioritizes customer issues by service-level agreement (SLA), priority, and severity according to inputted KPIs.

      Good technology will not fix a bad process. I don't care how good the technology is. If the use case is wrong and the process is wrong, it's not going to work.
      Colin Taylor, CEO
      The Taylor Reach Group

      Leverage CSM tools to shift left toward predictive customer service

      Real-time Pre-event Post-event
      Channel example: Notifications via SMS or social media. Channel example: Notifications via SMS or social media. Channel example: Working with an agent or live chatbot. Channel example: Working with an agent or live chatbot.
      “Your car may need a check-up for faulty parts.” “Here is a local garage to fix your tire pressure.” “I see you have poor tire pressure. Here is a local garage.” “Thank you for your patience, how can we help?”
      Predictive Service
      The CSM recommends mitigation options to the customer before the issue occurs and before the customer knows they need it.       		Proactive Service
      The issue occurs but the CSM recommends mitigation options to the customer before the customer contacts the organization.       		Real-Time Service
      The organization offers real-time mitigation options while working with the customer to resolve the issue.       		Reactive Service
      The customer approaches the organization after the issue occurs, but the organization has no insight into the event.

      Selecting a CSM tool should form part of your broader CXM strategy

      Organizations should ask whether they need a standalone CSM solution or a CSM as part of a broader suite of CXM tools. The latter is especially relevant if your organization already invests in a CXM platform.

      Matrix of CMS tools as part of CXM strategy

      CSM tools are best-suited for organizations with high product and service complexity

      Customer Service Complexity

      Low complexity refers to primarily transactional inquiries. High complexity refers to service workflows for symptom analysis, problem identification, and solution delivery.

      Product Complexity

      High complexity refers to having a large number of brands and individual SKUs, technologically complex products, and products with many add-ons.

      A matrix showing that a standalone CSM tool is best where customer service complexity and product complexity are both high.

      Info-Tech Insight
      Use Info-Tech’s CSM Platform Opportunity Assessment Tool to discover your organization’s customer service maturity.

      Activity: Discover your customer service maturity

      30 minutes

      1. Complete the CSM Platform Opportunity Assessment Tool.
      2. Evaluate your result and document whether a CSM business case is warranted (or if a separate technology selection process is needed).
      Input Output
      • Understanding of the current state and how complex the organization’s product line and help desk support are
      • Ranking of the importance of each decision point
      • Assessment results that provide a high-level view of whether your organization’s product and customer service complexity warrant a standalone CSM tool
      Materials Participants
      • CSM Platform Opportunity Assessment Tool
      • Shared screen or projection
      • Customer support analyst(s)
      • Infrastructure and Operations lead(s)
      • Representative customer support staff
      • Product management analyst(s)

      Download the CSM Platform Opportunity Assessment Tool

      Finalize whether your organization is well positioned to leverage CSM tools

      Bypass Adopt
      Monochannel approach
      You do not participate in multichannel campaigns or your customer personas are typically limited to one or two channels (e.g. voice or SMS).       		Multichannel approach
      You are pursuing multifaceted, customer-specific campaigns across a multitude of channels.
      Small to mid-sized business with small CX team
      Do not buy what you do not need. Focus on the foundations of customer experience (CX) first before extending into a full-fledged CSM tool.       		Maturing CX department
      Customer service needs are extending into managing budgets, generating and segmenting leads, and measuring channel effectiveness.
      Limited product range
      CSM tools typically gain return on investment (ROI) if the organization has a complex product range and is looking to increase cross-sell opportunities across different customer personas.       		Multiple product lines
      Customer base and product lines are large enough to engage in opportunities for cross- and up-selling.

      Case Study

      AkzoNobel

      INDUSTRY
      Retail

      SOURCE
      Sprinklr (2021)

      Use CSM tools to unify the multichannel experience and reduce response time.

      Challenge Solution Results
      AzkoNobel is a leading global paints and coatings company. AzkoNobel had 60+ fragmented customer service accounts on social media for multiple brands. There was little consistency in customer experience and agent responses. Moreover, the customer journey was not being tracked, resulting in lost opportunities for cross-selling across brands. The result: slow response times (up to one week) and unsatisfied customers, leaving the AzkoNobel brand in a vulnerable state.

      AkzoNobel leveraged Sprinklr, a customer experience software provider, to unify six social channels, 19 accounts, and six brands. Sprinklr aligned governance across social media channels with AzkoNobel’s strategic business goals, emphasizing the need for process, increasing revenue, and streamlining customer service.

      AzkoNobel was able to use keywords from customers’ inbound messaging to put an escalation process in place.

      Since bringing on Sprinklr in 2015-2016, unifying customer service channels under one multichannel platform resulted in:

      • 172% increase in customer engagement.
      • 133% increase in post comments.
      • 80% reduced response times.
      • 47% of inquiries answered within five minutes.
      • $18,500 added revenues via social media responses.

      How it got here: The birth of CSM tools

      CSM developed alongside the telephone and call center, rather than customer relationship management platforms.

      1920s 1950s 1967-1973 1980-1990s 2000-2010s
      The introduction of lines of credit and growth of household appliance innovations meant households were buying products at an unprecedented rate. Department stores would set up customer service sections to assist with live fixes or returns. Following the Great Depression and World War II, process, efficiency, and computational technology became defining features of customer service. These features were played out in call centers as automatic call distribution (ACD) technology began to scale. With the development of private automatic branch exchange (PABX), AT&T introduced the toll-free telephone number. Companies began training staff and departments for customer service and building loyalty. With the development of interactive voice response (IVR) in 1973, call centers became increasingly more efficient at routing. Analog technology shifted to digital and the term “contact center” was coined. These centers began being outsourced internationally. With the advent of the internet, CSM technology (in the early guise of a “help desk”) became equipped with computer telephony integration (CTI). Software as a service (SaaS) and CRM maturation strengthened the retention and organization of customer data. Social media also enhanced consumer power as companies rushed to prevent online embarrassment. This prompted investment in multichannel customer service.

      Where it’s going: The future of CSM tools lies in predictive analytics

      The capabilities below are available today but will mature over the next few years. Use the roadmap as a guide for your year of implementation.

      2023
      Go mobile first
      85% of customers believe a company’s mobile website should be just as good as its desktop website. Enabling user-friendly mobile websites provides an effective channel to keep inbound calls down.

      2024
      Shift from multichannel to omnichannel
      Integrating CSM tools with your broader CXM suite enables customer data to seamlessly travel between channels for an omnichannel experience.

      2025
      Enable predictive service
      CSM tools integrate with Internet of Things (IoT) systems to provide automated notifications that alert staff of issues and mitigate issues with customers before the issue even occurs.

      2026
      Leverage predictive analytics for ML use cases
      Use customers’ historic data and preferences to perform better automated customer service over time (e.g. providing personalized resolutions based on previous customer engagements).

      Context and scenario play a huge role in measuring good customer service. Ensure your KPIs accurately reflect the incentives you want to give your customer support staff for delivering appropriate customer service.
      David Thomas, Customer Service Specialist
      Freedom Mobile
      (Reve Chat, 2022)

      Key trends in CSM technology

      As predictive analytics matures, organizations are making use of CSM tools’ ability to enhance personalization, improve their social media response times, and enable self-service.

      BIOMETRICS
      65% of customers say they would accept voice recognition to authorize their identity when calling a customer support line (GetApp, 2021).

      PERSONALIZATION
      51% of marketers, advocating for personalization across multiple touchpoints saw 300% ROI (KoMarketing, 2020).

      SOCIAL MEDIA
      29% of customers aged 18 to 39 prefer online chat communication before and after purchase (RingCentral, 2020).

      SELF-SERVICE
      92% of customers say they would use a knowledge base for self-service support if it was available (Vanilla, 2020).

      Customer Service Management (CSM) Software

      Phase 2: Select the Right CSM Vendor

      Conduct a business impact assessment to document the case for CSM tool selection

      Business Opportunity
      Determine high-level understanding of the need that must be addressed, along with the project goals and affiliated key metrics. Establish KPIs to measure project success.

      System Diagram
      Determine the impact on the application portfolio and where integration is necessary.

      Risks
      Identify potential blockers and risk factors that will impede selection.

      High-Level Requirements
      Consider the business functions and processes affected.

      People Impact
      Confirm who will be affected by the output of the technology selection.

      Overall Business Case
      Calculate the ROI and the financial implications of the application selection. Highlight the overarching value.

      Activity: Build the business case

      2 hours

      1. Access the Business Impact Assessment within the Software Selection Workbook (linked below). Store the assessment in a shared folder (such as in SharePoint, OneDrive, or Google Drive).
      2. Set aside two hours (does not need to be all at once) to ensure the selection team aligns with the unifying rationale for selection.
      3. Complete the six steps to arrive at a high-level business case. This case can then be shared and communicated with interested parties (e.g. impacted stakeholders).
      InputOutput
      • Drivers for the business opportunity to adopt CSM tools
      • Understanding of key stakeholders
      • Overview of application portfolio
      • Budgetary information
      • Business Impact Assessment, which captures your high-level business case
      MaterialsParticipants
      • Software Selection Workbook
      • Screen sharing or projector
      • Whiteboard and drawing materials
      • Customer support analyst(s)
      • Infrastructure and Operations lead(s)
      • Representative customer support staff
      • Product management analyst(s)

      Download the Software Selection Workbook

      Elicit and prioritize granular requirements for your CSM platform

      Understanding business needs through requirements gathering is key to defining everything about what is being purchased, yet it is an area where people often make critical mistakes.

      Signs of poorly scoped requirements Best practices
      • Requirements focus on how the solution should work instead of what it must accomplish.
      • Multiple levels of detail exist within the requirements, which are inconsistent and confusing.
      • Requirements drill all the way down into system-level detail.
      • Language is technical and dense, leaving some stakeholder groups confused on what they are actually looking for in a solution.
      • Requirements are copied from a market analysis of the art of the possible, abstract from organization’s own customer persona analysis.
      • Get a clear understanding of what the system needs to do and what it is expected to produce. Build customer personas to assist with identifying high-value use cases.
      • Test against the principle of MECE – requirements should be “mutually exclusive and collectively exhaustive.”
      • Use language that is consistent with that of the market and focus on key differentiators – not table stakes.
      • Include the appropriate level of detail, which should be suitable for procurement and sufficient for differentiating vendors.

      Info-Tech Insight
      Review Info-Tech’s requirements gathering methodology to improve your requirements gathering process.

      Choose your route: RFP or otherwise?

      As you gather requirements, decide which procurement route best suits your context.

      RFI (Request for Information) RFQ (Request for Quotation) RFP (Request for Proposal)
      Purpose and Usage

      Gather information about products/services when you know little about what’s available.

      Often followed by an RFP.

      		Solicit pricing and delivery information for products/services with clearly defined requirements.

      Best for standard or commodity products/services.

      Solicit formal proposals from vendors to conduct an evaluation and selection process.

      Formal and fair process; identical for each participating vendor.

      Level of Intent

      Fact-finding there is no commitment to engage the vendor.

      Vendors are often reluctant to provide quotes.

      		Committed to procure a specific product/service at the lowest price.

      Intent to buy the products/services in the RFP.

      Business case/approval to spend is already obtained.

      Level of Detail High-level requirements and business goals.

      Detailed specifications of what products/services are needed.

      Detailed contract and delivery terms.

      Detailed business requirements and objectives.

      Standard questions and contract term requests for all vendors.

      Response

      Generalized response with high-level product/services.

      Sometimes standard pricing quote.

      		Price quote and confirmation of ability to fulfill desired terms.

      Detailed solution description, delivery approach, customized price quote, and additional requested information.

      Product demo and/or hands-on trial.

      Info-Tech Insight
      If you are in a hurry, consider instead issuing Info-Tech’s Vendor Evaluation Workbook. This workbook speeds up the typical procurement process by adding RFP-like requirements (such as operational and technical requirements) while driving the procurement process via emphasis on high-value use cases.

      Download the Vendor Evaluation Workbook

      Activity: Document requirements

      2 hours

      1. Review each tab of Info-Tech’s CSM Platform RFP Scoring Tool to generate use cases and ideas for your requirements building.
      2. Modify and include additional features you may need, using Info-Tech’s CSM Platform RFP Template to assist with structure (if pursuing an RFP process) or Vendor Evaluation Workbook (if an RFP process is not needed). Pay attention to any nonfunctional requirements (such as security or integrations), alongside future trends of CSM. Vendors must be able to scale with your organization’s growth.
      3. You can use the CSM Platform RFP Scoring Tool again when assessing vendor responses.
      Input Output
      • Key use cases that capture your most important customer service support processes
      • Discussion of CSM future trends and differentiating features
      • Confirmation on organization’s significant nonfunctional requirements (e.g. security or integrations)
      • Either a Requirements Workbook to go straight to shortlisted vendor(s) or an RFP document to solicit a broader market response
      Materials Participants
      • CSM Platform RFP Scoring Tool
      • CSM Platform RFP Template
      • Vendor Evaluation Workbook
      • Customer support analyst(s)
      • Infrastructure and Operations lead(s)
      • Other major stakeholders (for requirements elicitation)

      Download the CSM Platform RFP Scoring Tool

      Download the CSM Platform RFP Template

      Once vendor responses are in, turn product demos into investigative interviews

      Avoid vendor glitz and glamour shows by ensuring vendors are concretely applying their solution to your high-value use cases.

      1 Minimize the number of vendors to four to keep up the pace of the selection process.
      2 Provide a demo script that captures your high-value use cases and differentiating requirements.
      3 Ensure demos are booked close together and the selection committee attends all demos.

      Conduct a day of rapid-fire vendor demos

      Zoom in on high-value use cases and answers to targeted questions

      Rapid-fire vendor investigative interview

      Invite vendors to come onsite (or join you via videoconference) to demonstrate the product and answer questions. Use a highly targeted demo script to help identify how a vendor’s solution will fit your organization’s particular business capability needs.

      Give each vendor 90 to 120 minutes to give a rapid-fire presentation. We suggest the following structure:

      • 30 minutes: Company introduction and vision
      • 60 minutes: Walkthrough of two or three high-value demo scenarios
      • 30 minutes: Targeted Q&A from the business stakeholders and procurement team

      To ensure a consistent evaluation, vendors should be asked analogous questions and answers should be tabulated.

      How to challenge the vendors in the investigative interview

      • Change the visualization/presentation.
      • Change the underlying data.
      • Add additional data sets to the artifacts.
      • Test voice quality (if the vendor offers a native telephony channel).
      • Test collaboration capabilities.

      To kick-start scripting your demo scenarios, leverage our CSM Platform Vendor Demo Script Template.

      A vendor scoring model provides a clear anchor point for your evaluation of CRM vendors based on a variety of inputs

      A vendor scoring model is a systematic method for effectively assessing competing vendors. A weighted-average scoring model is an approach that strikes a strong balance between rigor and evaluation speed.

      How do I build a scoring model? What are some of the best practices?
      • Start by shortlisting the key criteria you will use to evaluate your vendors. Functional capabilities should always be a critical category, but you’ll also want to look at criteria such as affordability, architectural fit, and vendor viability.
      • Depending on the complexity of the project, you may break down some criteria into subcategories to assist with evaluation (for example, breaking down functional capabilities into constituent use cases so you can score each one).
      • Once you’ve developed the key criteria for your project, the next step is weighting each criterion. Your weightings should reflect the priorities for the project at hand. For example, some projects may put more emphasis on affordability, others on vendor partnership.
      • Using the information collected in the subsequent phases of this blueprint, score each criterion from 1 to 100, then multiply by the weighting factor. Add up the weighted scores to arrive at the aggregate evaluation score for each vendor on your shortlist.
      • While the criteria for each project may vary, it’s helpful to have an inventory of repeatable criteria that can be used across application selection projects. The next slide contains an example that you can add to or subtract from.
      • Don’t go overboard on the number of criteria: five to ten weighted criteria should be the norm for most projects. The more criteria (and subcriteria) you must score against, the longer it will take to conduct your evaluation. Always remember, link the level of rigor to the size and complexity of your project! It’s possible to create a convoluted scoring model that takes significant time to fill out but yields little additional value.
      • Creation of the scoring model should be a consensus-driven activity among IT, procurement, and the key business stakeholders – it should not be built in isolation. Everyone should agree on the fundamental criteria and weights that are employed.
      • Consider using not just the outputs of investigative interviews and RFP responses to score vendors, but also third-party review services like SoftwareReviews.

      Info-Tech Insight
      Even the best scoring model will still involve some “art” rather than science. Scoring categories such as vendor viability always entail a degree of subjective interpretation.

      Define how you will score vendor responses and demos

      Your key CSM criteria should be informed by the following goals, use cases, and requirements.

      Criteria Description
      Functional Capabilities How well does the vendor align with the top-priority functional requirements identified in your accelerated needs assessment? What is the vendor’s functional breadth and depth?
      Affordability How affordable is this vendor? Consider a three-to-five-year total cost of ownership (TCO) that encompasses not just licensing costs but also implementation, integration, training, and ongoing support costs.
      Architectural Fit How well does this vendor align with your direction from an enterprise architecture perspective? How interoperable is the solution with existing applications in your technology stack? Does the solution meet your deployment model preferences?
      Extensibility How easy is it to augment the base solution with native or third-party add-ons as your business needs may evolve?
      Scalability How easy is it to expand the solution to support increased user, data, and/or customer volumes? Does the solution have any capacity constraints?
      Vendor Viability How viable is this vendor? Are they an established player with a proven track record or a new and untested entrant to the market? What is the financial health of the vendor? How committed are they to the particular solution category?
      Vendor Vision Does the vendor have a cogent and realistic product roadmap? Are they making sensible investments that align with your organization’s internal direction?
      Emotional Footprint How well does the vendor’s organizational culture and team dynamics align to yours?
      Third-Party Assessments and/or References How well-received is the vendor by unbiased third-party sources like SoftwareReviews? For larger projects, how well does the vendor perform in reference checks (and how closely do those references mirror your own situation)?

      Leverage Info-Tech’s Contract Review Services to level the playing field with shortlisted vendors

      You may be faced with multiple products, services, master service agreements, licensing models, service agreements, and more.

      Use Info-Tech’s Contract Review Services to gain insights on your agreements.

      Consider the aspects of a contract review:

      1. Are all key terms included?
      2. Are they applicable to your business?
      3. Can you trust that results will be delivered?
      4. What questions should you be asking from an IT perspective?

      Validate that a contract meets IT’s and the business’ needs by looking beyond the legal terminology. Use a practical set of questions, rules, and guidance to improve your value for dollar spent.

      Book Contract Review Service

      Download Master Contract Review and Negotiation for Software Agreements

      Customer Service Management (CSM) Software

      Vendor Analysis

      Evaluate software category leaders through vendor rankings and awards

      SoftwareReviews

      The Data Quadrant is a thorough evaluation and ranking of all software in an individual category to compare platforms across multiple dimensions.

      Vendors are ranked by their Composite Score, based on individual feature evaluations, user satisfaction rankings, vendor capability comparisons, and likeliness to recommend the platform.

      The Emotional Footprint is a powerful indicator of overall user sentiment toward the relationship with the vendor, capturing data across five dimensions.

      Vendors are ranked by their Customer Experience (CX) Score, which combines the overall Emotional Footprint rating with a measure of the value delivered by the solution.

      Speak with category experts to dive deeper into the vendor landscape

      SoftwareReviews

      Fact-based reviews of business software from IT professionals.

      Product and category reports with state-of-the-art data visualization.

      Top-tier data quality backed by a rigorous quality assurance process.

      User-experience insight that reveals the intangibles of working with a vendor.

      SoftwareReviews is powered by Info-Tech

      Technology coverage is a priority for Info-Tech, and SoftwareReviews provides the most comprehensive, unbiased data on today’s technology. Combined with the insight of our expert analysts, our members receive unparalleled support in their buying journey.

      Click here to access SoftwareReviews

      Comprehensive software reviews to make better IT decisions

      We collect and analyze the most detailed reviews on enterprise software from real users to give you an unprecedented view into the product and vendor before you buy.

      Microsoft Dynamics 365

      Est. 2003 | WA, USA | MSFT:NASDAQ

      Bio

      To accelerate your digital transformation, you need a new type of business application. One that breaks down the silos between CRM and ERP, that’s powered by data and intelligence, and helps capture new business opportunities. That’s Microsoft Dynamics 365.

      Offices

      Microsoft is located all over the world. For a full list, see Microsoft Worldwide Sites.

      representative Customers

      Stated Industry Specializations

      • Covers an extremely wide range of industries, such as finance, education, government, healthcare, manufacturing, and retail.

      Software review for Microsoft

      SoftwareReviews’ CSM Enterprise Vendor Ranking
      (out of 7)

      Likeliness to Recommend

      • 7th (81%)

      Plan to Renew

      • 6th (93%)

      Satisfaction That Cost Is Fair Relative to Value

      • 2nd (81%)

      Strengths

      • Product Strategy and Rate of Improvement (1st)
      • Ease of Customization (1st)
      • Breadth of Features (2nd)

      Areas to Improve

      • Availability and Quality of Training (5th)
      • Ease of Implementation (7th)
      • Usability and Intuitiveness (7th

      Microsoft Dynamics 365

      History

      Founded 2003 (as Microsoft Dynamics CRM)
      2005 Second version branded Dynamics 3.0.
      2009 Dynamics CRM 4.0 (Titan) passes 1 million user mark.
      2015 Announces availability of CRM Cloud design for FedRAMP compliance.
      2016 Dynamics 365 released as successor to Dynamics CRM.
      2016 Microsoft’s acquisition of LinkedIn provides line of data to 500 million users.
      2021 First-party voice channel added to Dynamics 365.
      2022 Announces Digital Contact Center Platform powered with Nuance AI, MS Teams, and Dynamics 365.

      Microsoft is rapidly innovating in the customer experience technology marketspace. Alongside Dynamics 365’s omnichannel offering, Microsoft is building out its own native contact center platform. This will provide new opportunities for centralization without multivendor management between Dynamics 365, Microsoft Teams, and an additional third-party telephony or contact-center-as-a-service (CCaaS) vendor. SoftwareReviews reports suggest that Microsoft is a market leader in the area of product innovation for CSM, and this area of voice channel capability is where I see most industry interest.

      Of course, Dynamics 365 is not a platform to get only for CSM functionality. Users will typically be a strong Microsoft shop already (using Dynamics 365 for customer relationship management) and are looking for native CSM features to enhance customer service workflow management and self-service.
      Thomas Randall
      Research Director, Info-Tech Research Group

      Info-Tech Insight
      Pricing for Microsoft Dynamics 365 is often contextualized to an organization’s needs. However, this can create complicated licensing structures. Two Info-Tech resources to assist are:

      *This service may be used for other enterprise CSM providers too, including Salesforce, ServiceNow, SAP, and Oracle.
      Contact your account manager to review your access to this service.

      Freshworks

      Est. 2010 | CA, USA | FRSH:NASDAQ

      Bio

      Freshworks' cloud-based customer support software, Freshdesk, makes customer happiness refreshingly easy. With powerful features, an easy-to-use interface, and a freemium pricing model, Freshdesk enables companies of all sizes to provide a seamless multichannel support experience across email, phone, web, chat, forums, social media, and mobile apps. Freshdesk’s capabilities include robust ticketing, SLA management, smart automations, intelligent reporting, and game mechanics to motivate agents.

      Offices

      • Americas: US
      • Asia-Pacific (APAC): Australia, India, Singapore
      • Europe, Middle East, and Africa (EMEA): France, Germany, Netherlands, UK

      Freshworks Representative Customers

      Stated Industry Specializations

      • Automotive
      • Education
      • Energy
      • Finance
      • Healthcare
      • Nonprofit
      • Professional Services
      • Publishing
      • Real Estate
      • Retail
      • Travel

      Software Review of Freshworks

      SoftwareReviews’ CSM Enterprise Vendor Ranking
      (out of 7)

      Likeliness to Recommend

      • 3rd (83%)

      Plan to Renew

      • 4th (94%)

      Satisfaction That Cost Is Fair Relative to Value

      • 3rd (80%)

      Strengths

      • Breadth of Features (1st)
      • Usability and Intuitiveness (1st)
      • Ease of Implementation (2nd)

      Areas to Improve

      • Ease of IT Administration (3rd)
      • Vendor Support (4th)
      • Product Strategy and Rate of Improvement (4th)

      Freshworks

      History

      Founded 2010
      2011 Freshdesk forms a core component of product line.
      2014 Raises significant capital in Series D round: $31M.
      2016 Acquires Airwoot, enabling real-time customer support on social media.
      2019 Raises $150M in Series H funding round.
      2019 Acquires Natero, which predicts, analyzes, and drives customer behavior.
      2021 Surpasses $300M in annual recurring revenues.
      2021 Freshworks posts its IPO listing.

      Freshworks stepped into the SaaS customer support marketspace in 2010 to attract dissatisfied Zendesk eSupport customers, following Zendesk’s large price increases that year (of 300%). After performing well during the pandemic, Freshworks has reinforced its global positioning in the CSM tool marketspace; SoftwareReviews data suggests Freshworks performs very well against its competitors for breadth and intuitiveness of its features.

      Freshworks receives strong recommendations from Info-Tech’s members, boasting a broad product selection that enables opportunities for scaling and receiving a high rate of value return. Of note are Freshworks’ internal customer management solution and its native contact center offering, limiting multivendor management typically required for integrating separate IT service management (ITSM) and CCaaS solutions.
      Thomas Randall
      Research Director, Info-Tech Research Group

      Free Growth Pro Enterprise
      • $0 up to 10 agents
      • Knowledge base
      • Ticket routing
      • Out-of-box analytics
      • $15 agent/month
      • Collision detection
      • Integrations
      • Automated follow-ups
      • $49 agent/month
      • Multiple product lines
      • Personalization
      • CSAT surveys
      • Customer journey
      • $79 agent/month
      • Assist bot and email bot
      • Skill-based routing

      *Pricing correct as of November 2022. Listed in USD and absent discounts.
      See pricing on vendor’s website for latest information.

      Help Scout

      Est. 2006 | MA, USA | HUBS:NYSE

      Bio
      Help Scout is designed with your customers in mind. Provide email and live chat with a personal touch and deliver help content right where your customers need it, all in one place, all for one low price. The customer experience is simple and training staff is painless, but Help Scout still has all the powerful features you need to provide great support at scale. With best-in-class reporting, an integrated knowledge base, 50+ integrations, and a robust API, Help Scout lets your team focus on what really matters: your customers.

      Offices

      • Americas: Canada, Colombia, US
      • APAC: Australia, Japan, Singapore
      • EMEA: Belgium, France, Ireland, Germany, UK

      Questions for support transition

      Stated Industry Specializations

      • eCommerce
      • Education
      • Finance
      • Healthcare
      • Logistics
      • Manufacturing
      • Media
      • Professional Services
      • Property Management
      • Software

      Software Review of Help Scout

      SoftwareReviews’ CSM Enterprise Vendor Ranking
      (out of 7)

      Likeliness to Recommend

      • 4th (82%)

      Plan to Renew

      • 7th (87%)

      Satisfaction That Cost Is Fair Relative to Value

      • 7th (71%)

      Strengths

      • Business Value Created (1st)
      • Ease of Data Integration (1st)
      • Breadth of Features (3rd)

      Areas to Improve

      • Ease of IT Administration (5th)
      • Product Strategy and Rate of Improvement (5th)
      • Quality of Features (6th)

      Help Scout

      History

      Founded 2011
      2015 Raised $6M in Series A funding.
      2015 Rebrands from Brightwurks to Help Scout.
      2015 Named by Appstorm as one of six CSM tools to delight Mac users.
      2016 iOS app released.
      2017 Android app released.
      2020 All employees instructed to work remotely.
      2021 Raises $15M in Series B funding.

      Help Scout provides a simplified, standalone CSM tool that operates like a shared email inbox. Best suited for mid-sized organizations, customers can expect live chat, in-app messaging, and knowledge-base functionality. A particular strength is Help Scout’s integration capabilities, with a wide range of CRM, eCommerce, marketing, and communication APIs available. This strength is also reflected in the data: SoftwareReviews lists Help Scout as first in its CSM category for ease of data integrations.

      Customers who are expecting a broader range of channels (including voice, video cobrowsing, and so on) will not find good return on investment with Help Scout. However, for mid-sized organizations looking to begin maturing their customer service management, Help Scout provides a strong foundation – especially for enhancing in-house collaboration between support staff.
      Thomas Randall
      Research Director, Info-Tech Research Group

      Standard Plus Pro
      • $20 user/month
      • Live chat
      • Up to 25 users
      • 50+ integrations
      • 2 mailboxes
      • $40 user/month
      • Advanced permissions
      • Group users
      • 5 mailboxes
      • $65 user/month
      • HIPAA compliance
      • Onboarding service
      • Dedicated account manager

      *Pricing correct as of November 2022. Listed in USD and absent discounts.
      See pricing on vendor’s website for latest information.

      HubSpot

      Est. 2006 | MA, USA | HUBS:NYSE

      Bio
      HubSpot’s Service Hub brings all your customer service data and channels together in one place and helps scale your support through automation and self-service. The result? More time for proactive service that delights, retains, and grows your customer base. HubSpot provides software and support to help businesses grow better. The overall platform includes marketing, sales, service, and website management products that start free and scale to meet our customers’ needs at any stage of growth.

      Offices

      • Americas: Canada, Colombia, US
      • APAC: Australia, Japan, Singapore
      • EMEA: Belgium, France, Ireland, Germany, UK

      HubSpot Representative Customers

      Stated Industry Specializations

      • Covers an extremely wide range of industries, such as finance, education, healthcare, manufacturing, and retail.

      Software Review for HubSpot

      SoftwareReviews’ CSM Enterprise Vendor Ranking
      (out of 7)

      Likeliness to Recommend

      • 1st (88%)

      Plan to Renew

      • 1st (98%)

      Satisfaction That Cost Is Fair Relative to Value

      • 5th (78%)

      Strengths:

      • Vendor Support (1st)
      • Availability and Quality of Training (1st)
      • Ease of IT Administration (1st)

      Areas to Improve:

      • Ease of Data Integration (5th)
      • Ease of Customization (5th)
      • Breadth of Features (7th)

      HubSpot

      History

      Founded 2006
      2013 Opens first international office in Ireland.
      2014 First IPO listing on NYSE, raising $140M.
      2015 Milestone for acquiring 15,000 customers
      2017 Acquires Kemvi for AI and ML support for sales teams.
      2019 Acquires PieSync for customer data synchronization.
      2021 Yamini Rangan is announced as new CEO.
      2021 Records $1B in revenues.

      HubSpot is a competitive player in the enterprise sales and marketing technology market. Offering an all-in-one platform, HubSpot allows users to leverage its CRM, marketing solutions, content management tool, and CSM tool. Across knowledge management, contact center integration, and customer self-service, SoftwareReviews data pits HubSpot as performing better than its enterprise competitors.

      While customers can leverage HubSpot’s CSM tool independently, watch out for scope creep. HubSpot’s other offerings are tightly integrated and module extensions could quickly add up in price. HubSpot may not be affordable for most regional, mid-sized organizations, and a poor ROI may be expected. For instance, the Pro plan is required to get a knowledge base, which is typically a standard CSM feature – yet the same plan also comes with multicurrency support, which could remain unleveraged.
      Thomas Randall
      Research Director, Info-Tech Research Group

      Free Starter Pro Enterprise
      • $0 month
      • Ticketing
      • Live chat
      • 200 notifications per month
      • $45 month
      • 5,000 email templates
      • White label
      • 500 calling minutes
      • $450 month
      • 30 currencies
      • Knowledge base
      • Up to 300 workflows
      • $1,200 month
      • Conversation intelligence
      • SSO

      *Pricing correct as of November 2022. Listed in USD and absent discounts.
      See pricing on vendor’s website for latest information.

      Salesforce

      Est. 1999 | CA, USA | CRM:NYSE

      Bio

      Service Cloud customer service software gives you faster, smarter customer support. Salesforce provides customer relationship management software and applications focused on sales, customer service, marketing automation, analytics, and application development.

      Offices

      • Americas: US
      • APAC: Australia, India, Singapore
      • EMEA: France, Germany, Netherlands, UK

      Salesforce Representative Customers

      Stated Industry Specializations

      • Covers an extremely wide range of industries, such as finance, education, government, healthcare, manufacturing, and retail.

      Software Review for Salesforce

      SoftwareReviews’ CSM Enterprise Vendor Ranking
      (out of 7)

      Likeliness to Recommend

      • 6th (81%)

      Plan to Renew

      • 2nd (96%)

      Satisfaction That Cost Is Fair Relative to Value

      • 4th (79%)

      Strengths:

      • Usability and Intuitiveness (5th)
      • Breadth of Features (5th)
      • Ease of Implementation (6th)

      Areas to Improve:

      • Ease of IT Administration (7th)
      • Availability and Quality of Training (7th)
      • Ease of Customization (7th)

      Salesforce

      History

      Founded 1999
      2000 Salesforce launches its cloud-based products.
      2003 The first Dreamforce (a leading CX conference) happens.
      2005 Salesforce unveils AppExchange.
      2013 Salesforce acquires ExactTarget and expands Marketing Cloud offering.
      2016 Salesforce acquires Demandware, launches Commerce Cloud.
      2019 Salesforce acquires Tableau to expand business intelligence capabilities.
      2021 Salesforce buys major collaboration vendor Slack.

      Salesforce was an early disruptor in CRM marketspace, placing a strong emphasis on a SaaS delivery model and end-user experience. This allowed Salesforce to rapidly gain market share at the expense of complacent enterprise application vendors. A series of savvy acquisitions over the years has allowed Salesforce to augment its core Sales and Service Clouds with a wide variety of other solutions, from ecommerce to marketing automation – and recently Slack for internal collaboration.

      Salesforce Service Cloud Voice is now available to take advantage of integrating telephony and voice channels into your CRM. This service is still maturing, though, with Salesforce selecting Amazon Connect as its preferred integrator. However, Connect is not necessarily plug-and-play – it is a communications platform as a service, requiring you to build your own contact center solution. This is either a fantastic opportunity for creativity or a time suck of already tied-up resources.
      Thomas Randall
      Research Director, Info-Tech Research Group

      Service Cloud Essentials Service Cloud Professional Service Cloud Enterprise Service Cloud Unlimited
      • $25 user/month
      • Small businesses after basic functionality
      • $75 user/month
      • Mid-market target
      • $150 user/month
      • Enterprise target
      • Web Services API
      • $300 user/month
      • Strong upmarket feature additions

      *Pricing correct as of November 2022. Listed in USD and absent discounts.
      See pricing on vendor’s website for latest information.

      Zendesk

      Est. 2007 | CA, USA | ZEN:NYSE

      Bio

      Zendesk streamlines your support with time-saving tools like ticket views, triggers, and automations. This helps you get straight to what matters most – better customer service and more meaningful conversations. Today, Zendesk is the champion of great service everywhere for everyone and powers billions of conversations, connecting more than 100,000 brands with hundreds of millions of customers over telephony, chat, email, messaging, social channels, communities, review sites, and help centers.

      Offices

      • Americas: Brazil, Canada, US
      • APAC: Australia, China, India, Indonesia, Japan, Korea, Malaysia, Philippines, Singapore, Thailand, Vietnam
      • EMEA: Denmark, France, Germany, Ireland, Italy, Netherlands, Poland, Spain, Sweden, UK

      Zendesk Representative Customers

      Stated Industry Specializations

      • Education
      • Finance
      • Government
      • Healthcare
      • Manufacturing
      • Media
      • Retail
      • Software
      • Telecommunications

      Software Review for Zendesk

      SoftwareReviews’ CSM Enterprise Vendor Ranking
      (out of 7)

      Likeliness to Recommend

      • 5th (81%)

      Plan to Renew

      • 5th (94%)

      Satisfaction That Cost Is Fair Relative to Value

      • 6th (77%)

      Strengths

      • Ease of IT Administration (2nd)
      • Ease of Implementation (5th)
      • Quality of Features (5th)

      Areas to Improve

      • Business Value Created (7th)
      • Vendor Support (7th)
      • Product Strategy and Rate of Improvement (7th)

      Zendesk

      History

      Founded 2007
      2008 Initial seed funding of $500,000.
      2009 Receives $6M through Series B Funding.
      2009 Relocates from Copenhagen to San Francisco.
      2014 Acquires Zopin Technologies.
      2014 Listed on NYSE.
      2015 Acquires We Are Cloud SAS.
      2018 Launches Zendesk Sell.

      Zendesk is a global player in the CSM tool marketspace and works with enterprises across a wide variety of industries. Unlike some other CSM players, Zendesk provides more service channels at its lowest licensing offer, affording organizations a quicker expansion in customer service delivery without making enterprise-grade investments. However, the price of the lowest licensing offer starts much higher than Zendesk’s competitors; organizations will need to consider if the cost to try Zendesk over an annual contract is within budget.

      Unfortunately, SoftwareReviews data suggests that Zendesk may not always provide that immediate value, especially to mid-sized organizations. Zendesk is rated lower for vendor support and business value created. However, Zendesk provides strong functionality that competes with other enterprise players, and mid-sized organizations are continually impressed with Zendesk’s automation workflows.
      Thomas Randall
      Research Director, Info-Tech Research Group

      *Pricing correct as of November 2022. Listed in USD and absent discounts.
      See pricing on vendor’s website for latest information.

      Team Growth Pro
      • $49 user/month
      • Ticketing
      • Email, voice, SMS, and live chat channels
      • $79 user/month
      • AI-powered knowledge management
      • Self-service portal
      • $99 user/month
      • HIPAA compliance
      • Customizable dashboards

      LiveChat

      Est. 2002 | Poland | WSE:LVC

      Bio

      Manage all emails from customers in one app and save time on customer support. LiveChat is a real-time live-chat software tool for ecommerce sales and support that is helping ecommerce companies create a new sales channel. It serves more than 30,000 businesses in over 150 countries, including large brands like Adobe, Asus, LG, Acer, Better Business Bureau, and Air Asia and startups like SproutSocial, Animoto, and HasOffers.

      Offices

      • Americas: US
      • EMEA: Poland

      LiveChat Representative Customers

      Stated Industry Specializations

      • eCommerce
      • Education
      • Finance
      • Software and IT

      Software Review for LiveChat

      SoftwareReviews’ CSM Midmarket Vendor Ranking
      (out of 8)

      Likeliness to Recommend

      • 1st (93%)

      Plan to Renew

      • 4th (92%)

      Satisfaction That Cost Is Fair Relative to Value

      • 5th (83%)

      Strengths

      • Product Strategy and Rate of Improvement (1st)
      • Usability and Intuitiveness (1st)
      • Breadth of Features (1st)

      Areas to Improve

      • Ease of Implementation (5th)
      • Ease of IT Administration (5th)
      • Ease of Customization (7th)

      LiveChat

      History

      Founded 2002
      2006 50% of company stock bought by Capital Partners.
      2008 Capital Partners sells entire stake to Naspers.
      2011 LiveChat buys back majority of stakeholder shares.
      2013 Listed by Red Herring in group of most innovative companies across Europe.
      2014 Listed on Warsaw Stock Exchange.
      2019 HelpDesk is launched.
      2020 Offered services for free to organizations helping mitigate the pandemic.

      LiveChat’s HelpDesk solution for CSM is a relatively recent solution (2019) that is proving very popular for small to mid-sized businesses (SMBs) – especially across Western Europe. SoftwareReviews’ data shows that HelpDesk is well-rated for breadth of features, usability and intuitiveness, and rate of improvement. Indeed, LiveChat has won and been shortlisted for several awards over the past decade for customer feedback, innovation, and fast growth to IPO.

      When shortlisting LiveChat’s HelpDesk, SMBs should be careful of scope creep. LiveChat offers a range of other solutions that are intended to work together. The LiveChat self-titled product is designed to integrate with HelpDesk to provide ticketing, email management, and chat management. Moreover, LiveChat’s AI-based ChatBot (for automated webchat) comes with additional cost (starting at $52 team/month).
      Thomas Randall
      Research Director, Info-Tech Research Group

      Team Plan Enterprise
      • $29 user/month.
      • Customized canned responses
      • Real-time reporting
      • Request quote
      • White labelling
      • Product training
      • Account manager

      *Pricing correct as of November 2022. Listed in USD and absent discounts.
      See pricing on vendor’s website for latest information.

      ManageEngine

      Est. 1996 | India | Privately Owned

      Bio

      SupportCenter Plus is a web-based customer support software that lets organizations effectively manage customer tickets, their account and contact information, and their service contracts, and in the process provide a superior customer experience. ManageEngine is a division of Zoho.

      Offices

      • Americas: Brazil, Colombia, Mexico, US
      • APAC: Australia, China, India, Japan, Singapore
      • EMEA: Netherlands, Saudi Arabia, South Africa, UAE, UK

      ManageEngine Representative Customers

      Stated Industry Specializations

      • None stated but representative customers cover manufacturing, R&D, real estate, and transportation.

      Software Review for ManageEngine

      SoftwareReviews’ CSM Midmarket Vendor Ranking
      (out of 8)

      Likeliness to Recommend

      • 6th (85%)

      Plan to Renew

      • 5th (91%)

      Satisfaction That Cost Is Fair Relative to Value

      • 6th (83%)

      Strengths

      • Ease of Customization (1st)
      • Ease of Implementation (2nd)
      • Ease of IT Administration (2nd)

      Areas to Improve

      • Quality of Features (4th)
      • Usability and Intuitiveness (6th)
      • Availability and Quality of Training (8th)

      ManageEngine

      History

      Founded 1996
      2002 Branches from Zoho to become division focused on IT management.
      2004 Becomes an authorized MySQL Partner.
      2009 Begins shift of offerings into the cloud.
      2010 Tops 35,000 customers.
      2011 Integration with Zoho Assist.
      2015 Integration with Zoho Reports.

      ManageEngine, as a division of Zoho, has its strengths in IT operations management (ITOM). SupportCenter thus scores well in our SoftwareReviews data for ease of customization, implementation, and administration. As ManageEngine is a frequently discussed low-cost vendor in the ITOM market, customers often get good scalability across IT, sales, and marketing teams. Although SupportCenter is aimed at the midmarket and is low cost, organizations have the benefit of ManageEngine’s global presence and backing by Zoho for viability.

      However, because ManageEngine’s focus is ITOM, the breadth and quality of features for SupportCenter are not rated as well compared to its competitors. These features may be “good enough,” but usability and intuitiveness is not scored high. Organizations thinking about SupportCenter are recommended to identify their high-value use cases and perform user acceptance testing before adopting.
      Thomas Randall
      Research Director, Info-Tech Research Group

      Standard* Pro* Enterprise*
      • Account and contact management
      • Knowledge base
      • SLA management
      • Customer portal
      • Active Directory integration
      • Reporting and dashboards
      • Billing contracts
      • Live chat
      • APIs
      • Automation tools

      *Pricing unavailable. Request quote.
      See pricing on vendor’s website for latest information.

      Zoho Desk

      Est. 1996 | India | Privately Owned

      Bio

      Use the power of customer context to improve agent productivity, promote self-service, manage cross-functional service processes, and increase customer happiness. Zoho offers beautifully smart software to help you grow your business. With over 80 million users worldwide, Zoho's 55+ products (including Zoho Desk) aid your sales and marketing, support and collaboration, finance, and recruitment needs – letting you focus only on your business.

      Offices

      • Americas: Brazil, Colombia, Mexico, US
      • APAC: Australia, China, India, Japan, Singapore
      • EMEA: Netherlands, Saudi Arabia, South Africa, UAE, UK

      Zoho Desk Representative Customers

      Stated Industry Specializations

      • Covers an extremely wide range of industries, such as finance, education, government, healthcare, manufacturing, and retail.

      Software Review for Zoho Desk

      SoftwareReviews’ CSM Midmarket Vendor Ranking
      (out of 8)

      Likeliness to Recommend

      • 2nd (90%)

      Plan to Renew

      • 2nd (98%)

      Satisfaction That Cost Is Fair Relative to Value

      • 3rd (83%)

      Strengths

      • Breadth of Features (2nd)
      • Quality of Features (3rd)
      • Ease of Implementation (3rd)

      Areas to Improve

      • Business Value Created (5th)
      • Ease of Data Integration (5th)
      • Product Strategy and Rate of Improvements (5th)

      Zoho Desk

      History

      Founded 1996
      2001 Expands into Japan and shifts focus to SMBs.
      2006 Zoho CRM is launched, alongside first Office suite.
      2008 Reaches 1M users.
      2009 Rebrands from AdventNet to Zoho Corp.
      2011 Zoho Desk is built and launched.
      2017 Zoho One, a suite of applications, is launched.
      2020 Reaches 50M users.

      Zoho Desk is one of the highest scoring CSM tool providers for likelihood to renew and recommend (98% and 90%, respectively). A major reason is that users receive a broad range of functionality for a lower-cost price model. There is also the capacity to scale with Zoho Desk as midmarket customers expand; companies can grow with Zoho and can receive high return on investment in the process.

      However, while Zoho Desk can be used as a standalone CSM tool, there is danger of scope creep with other Zoho products. Zoho now has 50+ applications, all tied into one another. For Zoho Desk, customers may also lean into Zoho Assist (for troubleshooting customer problems via remote access) and Zoho Lens (for reality-based remote assistance, typically for plant machinery or servers). Consequently, customers should keep an eye on business value created if the scope of CSM grows wider.
      Thomas Randall
      Research Director, Info-Tech Research Group

      Standard Pro Enterprise
      • $14 user/month
      • 1 social media channel
      • 5 workflow rules
      • $23 user/month
      • Telephony channel
      • Round-robin ticket assignment
      • Ticket sharing
      • $40 user/month
      • Live chat
      • Contract management SLAs

      *Pricing correct as of November 2022. Listed in USD and absent discounts.
      See pricing on vendor’s website for latest information.

      Summary of AccomplishmentSuccessful selection of a CSM tool

      In this trends and buyer’s guide for CSM tool selection, we engaged in several activities to:

      1. Contextualize the CSM technology marketspace.
      2. Engage in a selection process for CSM tools.

      The result:

      • Understanding of key trends and differentiating features in the CSM marketspace.
      • Determination of your organization’s customer service maturity (and thus if a standalone CSM tool is relevant).
      • Identification of high-value use cases that CSM tools should successfully enable.
      • Evaluation of major vendors in the CSM marketspace to discover the best-fitting provider.
      • Procurement items to finalize selection process.

      If you would like additional support, have our analysts guide you through an Info-Tech workshop or Guided Implementation

      Contact your account representative for more information.
      workshops@infotech.com
      1-888-670-8889

      Related Info-Tech Research

      Governance and Management of Enterprise Software Implementation

      • Being Agile will increase the likelihood of success.

      The Rapid Application Selection Framework

      • Application selection is a critical activity for IT departments. Implement a repeatable, data-driven approach that accelerates application selection efforts.

      Build a Strong Technology Foundation for Customer Experience Management

      • Design an end-to-end technology strategy to drive sales revenue, enhance marketing effectiveness, and create compelling experiences for your customers.

      Bibliography

      Capers, Zach. “How the Pandemic Changed Customer Attitudes Toward Biometric Technology.” GetApp, 21 Feb. 2022. Accessed Nov. 2022.

      Gomez, Jenny. “The Good, the Bad, and the Ugly: A History of Customer Service.” Lucidworks, 15 Jul. 2021. Accessed Nov. 2022.

      Hoory. “History of Customer Service: How Did It All Begin?” Hoory, 24 Mar. 2022. Accessed Nov. 2022.

      Patel, Snigdha. “Top 10 Customer Service Technology Trends to Follow in 2022.” Reve Chat, 21 Feb. 2021. Accessed Nov. 2022.

      RingCentral. “The 2020 Customer Communications Review: A Survey of How Consumers Prefer to Communicate with Businesses.” RingCentral, 2020. Accessed Nov. 2022.

      Robinson-Yu, Sarah. “What is a Knowledgebase? How Can It Help my Business?” Vanilla, 25 Feb. 2022. Accessed Nov. 2022.

      Salesforce. “The Complete History of CRM.” Salesforce, n.d. Accessed Nov. 2022.

      Salesforce. “State of the Connected Customer.” 5th ed. Salesforce, 2022. Accessed Nov. 2022.

      Sprinklr. “How AzkoNobel UK Reduced Response Times and Increased Engagement.” Sprinklr, 2021. Accessed Nov. 2022.

      Vermes, Krystle. “Study: 70% of Marketers Using Advanced Personalization Seeing 200% ROI.” KoMarketing, 2 Jun. 2020. Accessed Nov. 2022.

      Research Contributors and Experts

      Colin Taylor, CEO, The Taylor Research Group

      Colin Taylor
      CEO
      The Taylor Reach Group

      Recognized as one of the leading contact/call center pioneers and experts, Colin has received 30 awards on two continents for excellence in contact center management and has been acknowledged as a leader and influencer on the topics of call/contact centers, customer service, and customer experience, in published rankings on Huffington Post, Call Center Helper, and MindShift. Colin was recognized as number 6 in the global 100 for customer service.

      The Taylor Reach Group is a contact center, call center and customer experience (CX) consultancy specializing in CX consulting and call and contact center consulting, management, performance, technologies, site selection, tools, training development and center leadership training, center audits, benchmarking, and assessments.

      David Thomas, Customer Service Specialist, Freedom Mobile

      David Thomas
      Customer Service Specialist
      Freedom Mobile

      David Thomas has both managerial and hands-on experience with delivering quality service to Freedom Mobile customers. With several years being involved in training customer support and being at the forefront of retail during the pandemic, David has witnessed first-hand how to incentivize staff with the right metrics that create positive experiences for both staff and customers.

      Freedom Mobile Inc. is a Canadian wireless telecommunications provider owned by Shaw Communications. It has 6% market share of Canada, mostly in urban areas of Ontario, British Columbia, and Alberta. Freedom Mobile is the fourth-largest wireless carrier in Canada.

      A special thanks to three other anonymous contributors, all based in customer support and contact center roles for Canada’s National Park Booking Systems’ software provider.

      Get Started With Artificial Intelligence

      • Buy Link or Shortcode: {j2store}345|cart{/j2store}
      • member rating overall impact: 9.4/10 Overall Impact
      • member rating average dollars saved: $24,469 Average $ Saved
      • member rating average days saved: 18 Average Days Saved
      • Parent Category Name: Business Intelligence Strategy
      • Parent Category Link: /business-intelligence-strategy
      • It is hard to not hear about how AI is revolutionizing the world. Across all industries, new applications for AI are changing the way humans work and how we interact with technologies that are used in modern organizations.
      • It can be difficult to see the specific applications of AI for your business. With all of the talk about the AI revolution, it can be hard to tie the rapidly changing and growing field of AI to your industry and organization and to determine which technologies are worth serious time and investment, and which ones are too early and not worth your time.

      Our Advice

      Critical Insight

      • AI is not a magic bullet. Instead, it is a tool for speeding up data-driven decision making. A more appropriate term for current AI technology is data-enabled, automated, adaptive decision support. Use when appropriate.
      • Garbage in, garbage out still applies to AI ‒ and it is even more relevant! AI technology has its foundations in data. Lots of it. Relevant, accurate, and timely data is essential to the effective use of AI.
      • AI is a rapidly evolving field – and this means that you can learn from others more effectively. Using a use case-based approach, you can learn from the successes and failures of others to more rapidly narrow down how AI can show value for you.

      Impact and Result

      • Understand what AI really means in practice.
      • Learn what others are doing in your industry to leverage AI technologies for competitive advantage.
      • Determine the use cases that best apply to your situation for maximum value from AI in your environment.
      • Define your first AI proof-of-concept (PoC) project to start exploring what AI can do for you.
      • Separate the signal from the noise when wading through the masses of marketing material around AI.

      Get Started With Artificial Intelligence Research & Tools

      Start here – read the Executive Brief

      Read our concise Executive Brief to get up to speed with the rapid changes in AI technologies taking over the world today, review Info-Tech’s methodology, and understand the four ways we can support you on your AI journey.

      Besides the small introduction, subscribers and consulting clients within this management domain have access to:

      1. Explore the possibilities

      Understand what AI really is in the modern world and how AI technologies impact the business functions.

      • Get Started With Artificial Intelligence – Phase 1: Explore the Possibilities

      2. Learn from your peers and give your AI a purpose

      Develop a good understanding of where AI is delivering value in your industry and other verticals. Determine the top three business goals to get value from your AI and give your AI a purpose.

      • Get Started With Artificial Intelligence – Phase 2: Learn From Your Peers and Give Your AI a Purpose

      3. Select your first AI PoC

      Brainstorm your AI PoC projects, prioritize and sequence your AI ideas, select your first AI PoC, and create a minimum viable business case for this use case.

      • Get Started With Artificial Intelligence – Phase 3: Select Your First AI PoC
      • Idea Reservoir Tool
      • Minimum Viable Business Case Document
      • Prototyping Workbook
      [infographic]

      Mergers & Acquisitions: The Sell Blueprint

      • Buy Link or Shortcode: {j2store}324|cart{/j2store}
      • member rating overall impact: N/A
      • member rating average dollars saved: N/A
      • member rating average days saved: N/A
      • Parent Category Name: IT Strategy
      • Parent Category Link: /it-strategy

      There are four key scenarios or entry points for IT as the selling/divesting organization in M&As:

      • IT can suggest a divestiture to meet the business objectives of the organization.
      • IT is brought in to strategy plan the sale/divestiture from both the business’ and IT’s perspectives.
      • IT participates in due diligence activities and complies with the purchasing organization’s asks.
      • IT needs to reactively prepare its environment to enable the separation.

      Consider the ideal scenario for your IT organization.

      Our Advice

      Critical Insight

      Divestitures are inevitable in modern business, and IT’s involvement in the process should be too. This progression is inspired by:

      • The growing trend for organizations to increase, decrease, or evolve through these types of transactions.
      • A maturing business perspective of IT, preventing the difficulty that IT is faced with when invited into the transaction process late.
      • Transactions that are driven by digital motivations, requiring IT’s expertise.
      • There never being such a thing as a true merger, making the majority of M&A activity either acquisitions or divestitures.

      Impact and Result

      Prepare for a sale/divestiture transaction by:

      • Recognizing the trend for organizations to engage in M&A activity and the increased likelihood that, as an IT leader, you will be involved in a transaction in your career.
      • Creating a standard strategy that will enable strong program management.
      • Properly considering all the critical components of the transaction and integration by prioritizing tasks that will reduce risk, deliver value, and meet stakeholder expectations.

      Mergers & Acquisitions: The Sell Blueprint Research & Tools

      Start here – read the Executive Brief

      Read our concise Executive Brief to find out how your organization can excel its reduction strategy by engaging in M&A transactions. Review Info-Tech’s methodology, and understand the four ways we can support you in completing this project.

      Besides the small introduction, subscribers and consulting clients within this management domain have access to:

      1. Proactive Phase

      Be an innovative IT leader by suggesting how and why the business should engage in an acquisition or divestiture.

      • One-Pager: M&A Proactive
      • Case Study: M&A Proactive
      • Information Asset Audit Tool
      • Data Valuation Tool
      • Enterprise Integration Process Mapping Tool
      • Risk Register Tool
      • Security M&A Due Diligence Tool
      • Service Catalog Internal Service Level Agreement Template

      2. Discovery & Strategy

      Create a standardized approach for how your IT organization should address divestitures or sales.

      • One-Pager: M&A Discovery & Strategy – Sell
      • Case Study: M&A Discovery & Strategy – Sell

      3. Due Diligence & Preparation

      Comply with due diligence, prepare the IT environment for carve-out possibilities, and establish the separation project plan.

      • One-Pager: M&A Due Diligence & Preparation – Sell
      • Case Study: M&A Due Diligence & Preparation – Sell
      • IT Due Diligence Charter
      • IT Culture Diagnostic
      • M&A Separation Project Management Tool (SharePoint)
      • SharePoint Template: Step-by-Step Deployment Guide
      • M&A Separation Project Management Tool (Excel)

      4. Execution & Value Realization

      Deliver on the separation project plan successfully and communicate IT’s transaction value to the business.

      • One-Pager: M&A Execution & Value Realization – Sell
      • Case Study: M&A Execution & Value Realization – Sell

      Infographic

      Workshop: Mergers & Acquisitions: The Sell Blueprint

      Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

      1 Pre-Transaction Discovery & Strategy

      The Purpose

      Establish the transaction foundation.

      Discover the motivation for divesting or selling.

      Formalize the program plan.

      Create the valuation framework.

      Strategize the transaction and finalize the M&A strategy and approach.

      Key Benefits Achieved

      All major stakeholders are on the same page.

      Set up crucial elements to facilitate the success of the transaction.

      Have a repeatable transaction strategy that can be reused for multiple organizations.

      Activities

      1.1 Conduct the CIO Business Vision and CEO-CIO Alignment diagnostics.

      1.2 Identify key stakeholders and outline their relationship to the M&A process.

      1.3 Understand the rationale for the company's decision to pursue a divestiture or sale.

      1.4 Assess the IT/digital strategy.

      1.5 Identify pain points and opportunities tied to the divestiture/sale.

      1.6 Create the IT vision statement and mission statement and identify IT guiding principles and the transition team.

      1.7 Document the M&A governance.

      1.8 Establish program metrics.

      1.9 Create the valuation framework.

      1.10 Establish the separation strategy.

      1.11 Conduct a RACI.

      1.12 Create the communication plan.

      1.13 Prepare to assess target organizations.

      Outputs

      Business perspectives of IT

      Stakeholder network map for M&A transactions

      Business context implications for IT

      IT’s divestiture/sale strategic direction

      Governance structure

      M&A program metrics

      IT valuation framework

      Separation strategy

      RACI

      Communication plan

      Prepared to assess target organization(s)

      2 Mid-Transaction Due Diligence & Preparation

      The Purpose

      Establish the foundation.

      Discover the motivation for separation.

      Identify expectations and create the carve-out roadmap.

      Prepare and manage employees.

      Plan the separation roadmap.

      Key Benefits Achieved

      All major stakeholders are on the same page.

      Methodology identified to enable compliance during due diligence.

      Employees are set up for a smooth and successful transition.

      Separation activities are planned and assigned.

      Activities

      2.1 Gather and evaluate the stakeholders involved, M&A strategy, future-state operating model, and governance.

      2.2 Review the business rationale for the divestiture/sale.

      2.3 Establish the separation strategy.

      2.4 Create the due diligence charter.

      2.5 Create a list of IT artifacts to be reviewed in the data room.

      2.6 Create a carve-out roadmap.

      2.7 Create a service/technical transaction agreement.

      2.8 Measure staff engagement.

      2.9 Assess the current culture and identify the goal culture.

      2.10 Create employee transition and functional workplans.

      2.11 Establish the separation roadmap.

      2.12 Establish and align project metrics with identified tasks.

      2.13 Estimate integration costs.

      Outputs

      Stakeholder map

      IT strategy assessed

      IT operating model and IT governance structure defined

      Business context implications for IT

      Separation strategy

      Due diligence charter

      Data room artifacts

      Carve-out roadmap

      Service/technical transaction agreement

      Engagement assessment

      Culture assessment

      Employee transition and functional workplans

      Integration roadmap and associated resourcing

      3 Post-Transaction Execution & Value Realization

      The Purpose

      Establish the transaction foundation.

      Discover the motivation for separation.

      Plan the separation roadmap.

      Prepare employees for the transition.

      Engage in separation.

      Assess the transaction outcomes.

      Key Benefits Achieved

      All major stakeholders are on the same page.

      Separation activities are planned and assigned.

      Employees are set up for a smooth and successful transition.

      Separation strategy and roadmap are executed to benefit the organization.

      Review what went well and identify improvements to be made in future transactions.

      Activities

      3.1 Identify key stakeholders and outline their relationship to the M&A process.

      3.2 Gather and evaluate the M&A strategy, future-state operating model, and governance.

      3.3 Review the business rationale for the divestiture/sale.

      3.4 Establish the separation strategy.

      3.5 Prioritize separation tasks.

      3.6 Establish the separation roadmap.

      3.7 Establish and align project metrics with identified tasks.

      3.8 Estimate separation costs.

      3.9 Measure staff engagement.

      3.10 Assess the current culture and identify the goal culture.

      3.11 Create employee transition and functional workplans.

      3.12 Complete the separation by regularly updating the project plan.

      3.13 Assess the service/technical transaction agreement.

      3.14 Confirm separation costs.

      3.15 Review IT’s transaction value.

      3.16 Conduct a transaction and separation SWOT.

      3.17 Review the playbook and prepare for future transactions.

      Outputs

      M&A transaction team

      Stakeholder map

      IT strategy assessed

      IT operating model and IT governance structure defined

      Business context implications for IT

      Separation strategy

      Separation roadmap and associated resourcing

      Engagement assessment

      Culture assessment

      Employee transition and functional workplans

      Updated separation project plan

      Evaluated service/technical transaction agreement

      SWOT of transaction

      M&A Sell Playbook refined for future transactions

      Further reading

      Mergers & Acquisitions: The Sell Blueprint

      For IT leaders who want to have a role in the transaction process when their business is engaging in an M&A sale or divestiture.

      EXECUTIVE BRIEF

      Analyst Perspective

      Don’t wait to be invited to the M&A table, make it.

      Photo of Brittany Lutes, Research Analyst, CIO Practice, Info-Tech Research Group.
      Brittany Lutes
      Research Analyst,
      CIO Practice
      Info-Tech Research Group
      Photo of Ibrahim Abdel-Kader, Research Analyst, CIO Practice, Info-Tech Research Group.
      Ibrahim Abdel-Kader
      Research Analyst,
      CIO Practice
      Info-Tech Research Group

      IT has always been an afterthought in the M&A process, often brought in last minute once the deal is nearly, if not completely, solidified. This is a mistake. When IT is brought into the process late, the business misses opportunities to generate value related to the transaction and has less awareness of critical risks or inaccuracies.

      To prevent this mistake, IT leadership needs to develop strong business relationships and gain respect for their innovative suggestions. In fact, when it comes to modern M&A activity, IT should be the ones suggesting potential transactions to meet business needs, specifically when it comes to modernizing the business or adopting digital capabilities.

      IT needs to stop waiting to be invited to the acquisition or divestiture table. IT needs to suggest that the table be constructed and actively work toward achieving the strategic objectives of the business.

      Executive Summary

      Your Challenge

      There are four key scenarios or entry points for IT as the selling/divesting organization in M&As:

      • IT can suggest a divestiture to meet the business objectives of the organization.
      • IT is brought in to strategy plan the sale/divestiture from both the business’ and IT’s perspectives.
      • IT participates in due diligence activities and complies with the purchasing organization’s asks.
      • IT needs to reactively prepare its environment to enable the separation.

      Consider the ideal scenario for your IT organization.

      Common Obstacles

      Some of the obstacles IT faces include:

      • IT is often told about the transaction once the deal has already been solidified and is now forced to meet unrealistic business demands.
      • The business does not trust IT and therefore does not approach IT to define value or reduce risks to the transaction process.
      • The people and culture element is forgotten or not given adequate priority.

      These obstacles often arise when IT waits to be invited into the transaction process and misses critical opportunities.

      Info-Tech's Approach

      Prepare for a sale/divestiture transaction by:

      • Recognizing the trend for organizations to engage in M&A activity and the increased likelihood that, as an IT leader, you will be involved in a transaction in your career.
      • Creating a standard strategy that will enable strong program management.
      • Properly considering all the critical components of the transaction and integration by prioritizing tasks that will reduce risk, deliver value, and meet stakeholder expectations.

      Info-Tech Insight

      As the number of merger, acquisition, and divestiture transactions continues to increase, so too does IT’s opportunity to leverage the growing digital nature of these transactions and get involved at the onset.

      The changing M&A landscape

      Businesses will embrace more digital M&A transactions in the post-pandemic world

      • When the pandemic occurred, businesses reacted by either pausing (61%) or completely cancelling (46%) deals that were in the mid-transaction state (Deloitte, 2020). The uncertainty made many organizations consider whether the risks would be worth the potential benefits.
      • However, many organizations quickly realized the pandemic is not a hindrance to M&A transactions but an opportunity. Over 16,000 American companies were involved in M&A transactions in the first six months of 2021 (The Economist). For reference, this had been averaging around 10,000 per six months from 2016 to 2020.
      • In addition to this transaction growth, organizations have increasingly been embracing digital. These trends increase the likelihood that, as an IT leader, you will engage in an M&A transaction. However, it is up to you when you get involved in the transactions.

      The total value of transactions in the year after the pandemic started was $1.3 billion – a 93% increase in value compared to before the pandemic. (Nasdaq)

      71% of technology companies anticipate that divestitures will take place as a result of the COVID-19 pandemic. (EY, 2020)

      Your challenge

      IT is often not involved in the M&A transaction process. When it is, it’s often too late.

      • The most important driver of an acquisition is the ability to access new technology (DLA Piper), and yet 50% of the time, IT isn’t involved in the M&A transaction at all (IMAA Institute, 2017).
      • Additionally, IT’s lack of involvement in the process negatively impacts the business:
        • Most organizations (60%) do not have a standardized approach to integration (Steeves and Associates), let alone separation.
        • Two-thirds of the time, the divesting organization and acquiring organization will either fail together or succeed together (McKinsey, 2015).
        • Less than half (47%) of organizations actually experience the positive results sought by the M&A transaction (Steeves and Associates).
      • Organizations pursuing M&A and not involving IT are setting themselves up for failure.

      Only half of M&A deals involve IT (Source: IMAA Institute, 2017)

      Common Obstacles

      These barriers make this challenge difficult to address for many organizations:

      • IT is rarely afforded the opportunity to participate in the transaction deal. When IT is invited, this often happens later in the process where separation will be critical to business continuity.
      • IT has not had the opportunity to demonstrate that it is a valuable business partner in other business initiatives.
      • One of the most critical elements that IT often doesn’t take the time or doesn’t have the time to focus on is the people and leadership component.
      • IT waits to be invited to the process rather then actively involving themselves and suggesting how value can be added to the process.

      In hindsight, it’s clear to see: Involving IT is just good business.

      47% of senior leaders wish they would have spent more time on IT due diligence to prevent value erosion. (Source: IMAA Institute, 2017)

      “Solutions exist that can save well above 50 percent on divestiture costs, while ensuring on-time delivery.” (Source: SNP)

      Info-Tech's approach

      Acquisitions & Divestitures Framework

      Acquisitions and divestitures are inevitable in modern business, and IT’s involvement in the process should be too. This progression is inspired by:

      1. The growing trend for organizations to increase, decrease, or evolve through these types of transactions.
      2. Transactions that are driven by digital motivations, requiring IT’s expertise.
      3. A maturing business perspective of IT, preventing the difficulty that IT is faced with when invited into the transaction process late.
      4. There never being such a thing as a true merger, making the majority of M&A activity either acquisitions or divestitures.
      A diagram highlighting the 'IT Executives' Role in Acquisitions and Divestitures' when they are integrated at different points in the 'Core Business Timeline'. There are four main entry points 'Proactive', 'Discovery and Strategy', 'Due Diligence and Preparation', and 'Execution and Value Realized'. It is highlighted that IT can and should start at 'Proactive', but most organizations start at 'Execution and Value Realized'. 'Proactive': suggest opportunities to evolve the organization; prove IT's value and engage in growth opportunities early. Innovators start here. Steps of the business timeline in 'Proactive' are 'Organization strategies are defined' and 'M and A is considered to enable strategy'. After a buy or sell transaction is initiated is 'Discovery and Strategy': pre-transaction state. If it is a Buy transaction, 'Establish IT's involvement and approach'. If it is a Sell transaction, 'Prepare to engage in negotiations'. Business Partners start here. Steps of the business timeline in 'Discovery and Strategy' are 'Searching criteria is set', 'Potential candidates are considered', and 'LOI is sent/received'. 'Due Diligence and Preparation': mid-transaction state. If it is a Buy transaction, 'Identify potential transaction benefits and risks'. If it is a Sell transaction, 'Comply, communicate, and collaborate in transaction'. Trusted Operators start here. Steps of the business timeline in 'Due Diligence and Preparation' are 'Due diligence engagement occurs', 'Final agreement is reached', and 'Preparation for transaction execution occurs'. 'Execution and Value Realization': post-transaction state. If it is a Buy transaction, 'Integrate the IT environments and achieve business value'. If it is a Sell transaction, 'Separate the IT environment and deliver on transaction terms'. Firefighters start here. Steps of the business timeline in 'Execution and Value Realization' are 'Staff and operations are addressed appropriately', 'Day 1 of implementation and integration activities occurs', '1st 100 days of new entity state occur' and 'Ongoing risk mitigating and value creating activities occur'.

      The business’ view of IT will impact how soon IT can get involved

      There are four key entry points for IT

      A colorful visualization of the four key entry points for IT and a fifth not-so-key entry point. Starting from the top: 'Innovator', Information and Technology as a Competitive Advantage, 90% Satisfaction; 'Business Partner', Effective Delivery of Strategic Business Projects, 80% Satisfaction; 'Trusted Operator', Enablement of Business Through Application and Work Orders, 70% Satisfaction; 'Firefighter', Reliable Infrastructure and IT Service Desk, 60% Satisfaction; and then 'Unstable', Inability to Consistently Deliver Basic Services, <60% Satisfaction.
      1. Innovator: IT suggests a sale or divestiture to meet the business objectives of the organization.
      2. Business Partner: IT is brought in to strategy plan the sale/divestiture from both the business’ and IT’s perspective.
      3. Trusted Operator: IT participates in due diligence activities and complies with the purchasing organization’s asks.
      4. Firefighter: IT needs to reactively prepare its environment in order to enable the separation.

      Merger, acquisition, and divestiture defined

      Merger

      A merger looks at the equal combination of two entities or organizations. Mergers are rare in the M&A space, as the organizations will combine assets and services in a completely equal 50/50 split. Two organizations may also choose to divest business entities and merge as a new company.

      Acquisition

      The most common transaction in the M&A space, where an organization will acquire or purchase another organization or entities of another organization. This type of transaction has a clear owner who will be able to make legal decisions regarding the acquired organization.

      Divestiture

      An organization may decide to sell partial elements of a business to an acquiring organization. They will separate this business entity from the rest of the organization and continue to operate the other components of the business.

      Info-Tech Insight

      A true merger does not exist, as there is always someone initiating the discussion. As a result, most M&A activity falls into acquisition or divestiture categories.

      Selling vs. buying

      The M&A process approach differs depending on whether you are the selling or buying organization

      This blueprint is only focused on the sell side:

      • Examples of sell-related scenarios include:
        • Your organization is selling to another organization with the intent of keeping its regular staff, operations, and location. This could mean minimal separation is required.
        • Your organization is selling to another organization with the intent of separating to be a part of the purchasing organization.
        • Your organization is engaging in a divestiture with the intent of:
          • Separating components to be part of the purchasing organization permanently.
          • Separating components to be part of a spinoff and establish a unit as a standalone new company.
      • As the selling organization, you could proactively seek out suitors to purchase all or components of your organization, or you could be approached by an organization.

      The buy side is focused on:

      • More than two organizations could be involved in a transaction.
      • Examples of buy-related scenarios include:
        • Your organization is buying another organization with the intent of having the purchased organization keep its regular staff, operations, and location. This could mean minimal integration is required.
        • Your organization is buying another organization in its entirety with the intent of integrating it into your original company.
        • Your organization is buying components of another organization with the intent of integrating them into your original company.
      • As the purchasing organization, you will probably be initiating the purchase and thus will be valuating the selling organization during due diligence and leading the execution plan.

      For more information on acquisitions or purchases, check out Info-Tech’s Mergers & Acquisitions: The Buy Blueprint.

      Core business timeline

      For IT to be valuable in M&As, you need to align your deliverables and your support to the key activities the business and investors are working on.

      Info-Tech’s methodology for Selling Organizations in Mergers, Acquisitions, or Divestitures

      1. Proactive

      2. Discovery & Strategy

      3. Due Diligence & Preparation

      4. Execution & Value Realization

      Phase Steps
      1. Identify Stakeholders and Their Perspective of IT
      2. Assess IT’s Current Value and Future State
      3. Drive Innovation and Suggest Growth Opportunities
      1. Establish the M&A Program Plan
      2. Prepare IT to Engage in the Separation or Sale
      1. Engage in Due Diligence and Prepare Staff
      2. Prepare to Separate
      1. Execute the Transaction
      2. Reflection and Value Realization

      Phase Outcomes

      Be an innovative IT leader by suggesting how and why the business should engage in an acquisition or divestiture.

      Create a standardized approach for how your IT organization should address divestitures or sales.

      Comply with due diligence, prepare the IT environment for carve-out possibilities, and establish the separation project plan.

      Deliver on the separation project plan successfully and communicate IT’s transaction value to the business.

      Metrics for each phase

      1. Proactive

      2. Discovery & Strategy

      3. Valuation & Due Diligence

      4. Execution & Value Realization

      • % Share of business innovation spend from overall IT budget
      • % Critical processes with approved performance goals and metrics
      • % IT initiatives that meet or exceed value expectation defined in business case
      • % IT initiatives aligned with organizational strategic direction
      • % Satisfaction with IT's strategic decision-making abilities
      • $ Estimated business value added through IT-enabled innovation
      • % Overall stakeholder satisfaction with IT
      • % Percent of business leaders that view IT as an Innovator
      • % IT budget as a percent of revenue
      • % Assets that are not allocated
      • % Unallocated software licenses
      • # Obsolete assets
      • % IT spend that can be attributed to the business (chargeback or showback)
      • % Share of CapEx of overall IT budget
      • % Prospective organizations that meet the search criteria
      • $ Total IT cost of ownership (before and after M&A, before and after rationalization)
      • % Business leaders that view IT as a Business Partner
      • % Defects discovered in production
      • $ Cost per user for enterprise applications
      • % In-house-built applications vs. enterprise applications
      • % Owners identified for all data domains
      • # IT staff asked to participate in due diligence
      • Change to due diligence
      • IT budget variance
      • Synergy target
      • % Satisfaction with the effectiveness of IT capabilities
      • % Overall end-customer satisfaction
      • $ Impact of vendor SLA breaches
      • $ Savings through cost-optimization efforts
      • $ Savings through application rationalization and technology standardization
      • # Key positions empty
      • % Frequency of staff turnover
      • % Emergency changes
      • # Hours of unplanned downtime
      • % Releases that cause downtime
      • % Incidents with identified problem record
      • % Problems with identified root cause
      • # Days from problem identification to root cause fix
      • % Projects that consider IT risk
      • % Incidents due to issues not addressed in the security plan
      • # Average vulnerability remediation time
      • % Application budget spent on new build/buy vs. maintenance (deferred feature implementation, enhancements, bug fixes)
      • # Time (days) to value realization
      • % Projects that realized planned benefits
      • $ IT operational savings and cost reductions that are related to synergies/divestitures
      • % IT staff–related expenses/redundancies
      • # Days spent on IT separation
      • $ Accurate IT budget estimates
      • % Revenue growth directly tied to IT delivery
      • % Profit margin growth

      IT's role in the selling transaction

      And IT leaders have a greater likelihood than ever of needing to support a merger, acquisition, or divestiture.

      1. Reduced Risk

        IT can identify risks that may go unnoticed when IT is not involved.

      2. Increased Accuracy

        The business can make accurate predictions around the costs, timelines, and needs of IT.

      3. Faster Integration

        Faster integration means faster value realization for the business.

      4. Informed Decision Making

        IT leaders hold critical information that can support the business in moving the transaction forward.

      5. Innovation

        IT can suggest new opportunities to generate revenue, optimize processes, or reduce inefficiencies.

      The IT executive’s critical role is demonstrated by:

      • Reduced Risk

        47% of senior leaders wish they would have spent more time on IT due diligence to prevent value erosion (IMAA Institute, 2017).

      • Increased Accuracy

        Sellers often only provide 15 to 30 days for the acquiring organization to decide (Forbes, 2018), increasing the necessity of accurate pricing.

      • Faster Integration

        36% of CIOs have visibility into only business unit data, making the divestment a challenge (EY, 2021).

      • Informed Decision Making

        Only 38% of corporate and 22% of private equity firms include IT as a significant aspect in their transaction approach (IMAA Institute, 2017).

      • Innovation

        Successful CIOs involved in M&As can spend 70% of their time on aspects outside of IT and 30% of their time on technology and delivery (CIO).

      Playbook benefits

      IT Benefits

      • IT will be seen as an innovative partner to the business, and its suggestions and involvement in the organization will lead to benefits, not hindrances.
      • Develop a streamlined method to prepare the IT environment for potential carve-out and separations, ensuring risk management concerns are brought to the business’ attention immediately.
      • Create a comprehensive list of items that IT needs to do during the separation that can be prioritized and actioned.

      Business Benefits

      • The business will get accurate and relevant information about its IT environment in order to sell or divest the company to the highest bidder for a true price.
      • Fewer business interruptions will happen, because IT can accurately plan for and execute the high-priority separation tasks.
      • The business can obtain a high-value offer for the components of IT being sold and can measure the ongoing value the sale will bring.

      Insight summary

      Overarching Insight

      IT controls if and when it gets invited to support the business through a purchasing growth transaction. Take control of the process, demonstrate the value of IT, and ensure that separation of IT environments does not lead to unnecessary and costly decisions.

      Proactive Insight

      CIOs on the forefront of digital transformation need to actively look for and suggest opportunities to acquire or partner on new digital capabilities to respond to rapidly changing business needs.

      Discovery & Strategy Insight

      IT organizations that have an effective M&A program plan are more prepared for the transaction, enabling a successful outcome. A structured strategy is particularly necessary for organizations expected to deliver M&As rapidly and frequently.

      Due Diligence & Preparation Insight

      IT often faces unnecessary separation challenges because of a lack of preparation. Secure the IT environment and establish how IT will retain employees early in the transaction process.

      Execution & Value Realization Insight

      IT needs to demonstrate value and cost savings within 100 days of the transaction. The most successful transactions are when IT continuously realizes synergies a year after the transaction and beyond.

      Blueprint deliverables

      Key Deliverable: M&A Sell Playbook

      The M&A Sell Playbook should be a reusable document that enables your IT organization to successfully deliver on any divestiture transaction.

      Screenshots of the 'M and A Sell Playbook' deliverable.

      M&A Sell One-Pager

      See a one-page overview of each phase of the transaction.

      Screenshots of the 'M and A Sell One-Pagers' deliverable.

      M&A Sell Case Studies

      Read a one-page case study for each phase of the transaction.

      Screenshots of the 'M and A Sell Case Studies' deliverable.

      M&A Separation Project Management Tool (SharePoint)

      Manage the separation process of the divestiture/sale using this SharePoint template.

      Screenshots of the 'M and A Separation Project Management Tool (SharePoint)' deliverable.

      M&A Separation Project Management Tool (Excel)

      Manage the separation process of the divestiture/sale using this Excel tool if you can’t or don’t want to use SharePoint.

      Screenshots of the 'M and A Separation Project Management Tool (Excel)' deliverable.

      Info-Tech offers various levels of support to best suit your needs

      DIY Toolkit

      Guided Implementation

      Workshop

      Consulting
      "Our team has already made this critical project a priority, and we have the time and capability, but some guidance along the way would be helpful." "Our team knows that we need to fix a process, but we need assistance to determine where to focus. Some check-ins along the way would help keep us on track." "We need to hit the ground running and get this project kicked off immediately. Our team has the ability to take this over once we get a framework and strategy in place." "Our team does not have the time or the knowledge to take this project on. We need assistance through the entirety of this project."

      Diagnostics and consistent frameworks used throughout all four options

      Guided Implementation

      What does a typical GI on this topic look like?

      A Guided Implementation (GI) is a series of calls with an Info-Tech analyst to help implement our best practices in your organization.

      A typical GI is between 6 to 10 calls over the course of 2 to 4 months.

        Proactive Phase

      • Call #1: Scope requirements, objectives, and your specific challenges.

        • Discovery & Strategy Phase

      • Call #2: Determine stakeholders and business perspectives on IT.
      • Call #3: Identify how M&A could support business strategy and how to communicate.

        • Due Diligence & Preparation Phase

      • Call #4: Establish a transaction team and divestiture/sale strategic direction.
      • Call #5: Create program metrics and identify a standard separation strategy.
      • Call #6: Prepare to carve out the IT environment.
      • Call #7: Identify the separation program plan.

        • Execution & Value Realization Phase

      • Call #8: Establish employee transitions to retain key staff.
      • Call #9: Assess IT’s ability to deliver on the divestiture/sale transaction.

      The Sell Blueprint

      Phase 1

      Proactive

      Phase 1

      		 Phase 2 Phase 3 Phase 4
      • 1.1 Identify Stakeholders and Their Perspective of IT
      • 1.2 Assess IT’s Current Value and Future State
      • 1.3 Drive Innovation and Suggest Reduction Opportunities
      • 2.1 Establish the M&A Program Plan
      • 2.2 Prepare IT to Engage in the Separation or Sale
      • 3.1 Engage in Due Diligence and Prepare Staff
      • 3.2 Prepare to Separate
      • 4.1 Execute the Transaction
      • 4.2 Reflection and Value Realization

      This phase will walk you through the following activities:

      • Conduct the CEO-CIO Alignment diagnostic
      • Conduct the CIO Business Vision diagnostic
      • Visualize relationships among stakeholders to identify key influencers
      • Group stakeholders into categories
      • Prioritize your stakeholders
      • Plan to communicate
      • Valuate IT
      • Assess the IT/digital strategy
      • Determine pain points and opportunities
      • Align goals to opportunities
      • Recommend reduction opportunities

      This phase involves the following participants:

      • IT and business leadership

      What is the Proactive phase?

      Embracing the digital drivers

      As the number of merger, acquisition, or divestiture transactions driven by digital means continues to increase, IT has an opportunity to not just be involved in a transaction but actively seek out potential deals.

      In the Proactive phase, the business is not currently considering a transaction. However, the business could consider one to reach its strategic goals. IT organizations that have developed respected relationships with the business leaders can suggest these potential transactions.

      Understand the business’ perspective of IT, determine who the critical M&A stakeholders are, valuate the IT environment, and examine how it supports the business goals in order to suggest an M&A transaction.

      In doing so, IT isn’t waiting to be invited to the transaction table – it’s creating it.

      Goal: To support the organization in reaching its strategic goals by suggesting M&A activities that will enable the organization to reach its objectives faster and with greater-value outcomes.

      Proactive Prerequisite Checklist

      Before coming into the Proactive phase, you should have addressed the following:

      • Understand what mergers, acquisitions, and divestitures are.
      • Understand what mergers, acquisitions, and divestitures mean for the business.
      • Understand what mergers, acquisitions, and divestitures mean for IT.

      Review the Executive Brief for more information on mergers, acquisitions, and divestitures for selling organizations.

      Proactive

      Step 1.1

      Identify M&A Stakeholders and Their Perspective of IT

      Activities

      • 1.1.1 Conduct the CEO-CIO Alignment diagnostic
      • 1.1.2 Conduct the CIO Business Vision diagnostic
      • 1.1.3 Visualize relationships among stakeholders to identify key influencers
      • 1.1.4 Group stakeholders into categories
      • 1.1.5 Prioritize your stakeholders
      • 1.16 Plan to communicate

      This step involves the following participants:

      • IT executive leader
      • IT leadership
      • Critical M&A stakeholders

      Outcomes of Step

      Understand how the business perceives IT and establish strong relationships with critical M&A stakeholders.

      Business executives' perspectives of IT

      Leverage diagnostics and gain alignment on IT’s role in the organization

      • To suggest or get involved with a merger, acquisition, or divestiture, the IT executive leader needs to be well respected by other members of the executive leadership team and the business.
      • Specifically, the Proactive phase relies on the IT organization being viewed as an Innovator within the business.
      • Identify how the CEO/business executive currently views IT and where they would like IT to move within the Maturity Ladder.
      • Additionally, understand how other critical department leaders view IT and how they view the partnership with IT.
      A colorful visualization titled 'Maturity Ladder' detailing levels of IT function that a business may choose from based on the business executives' perspectives of IT. Starting from the bottom: 'Struggle', Does not embarrass, Does not crash; 'Support', Keeps business happy, Keeps costs low; 'Optimize', Increases efficiency, Decreases costs; 'Expand', Extends into new business, Generates revenue; 'Transform', Creates new industry.

      Misalignment in target state requires further communication between the CIO and CEO to ensure IT is striving toward an agreed-upon direction.

      Info-Tech’s CIO Business Vision (CIO BV) diagnostic measures a variety of high-value metrics to provide a well-rounded understanding of stakeholder satisfaction with IT.

      Sample of Info-Tech's CIO Business Vision diagnostic measuring percentages of high-value metrics like 'IT Satisfaction' and 'IT Value' regarding business leader satisfaction. A note for these two reads 'Evaluate business leader satisfaction with IT this year and last year'. A section titled 'Relationship' has metrics such as 'Understands Needs' and 'Trains Effectively'. A note for this section reads 'Examine relationship indicators between IT and the business'. A section titled 'Security Friction' has metrics such as 'Regulatory Compliance-Driven' and 'Office/Desktop Security'.

      Business Satisfaction and Importance for Core Services

      The core services of IT are important when determining what IT should focus on. The most important services with the lowest satisfaction offer the largest area of improvement for IT to drive business value.

      Sample of Info-Tech's CIO Business Vision diagnostic specifically comparing the business satisfaction of 12 core services with their importance. Services listed include 'Service Desk', 'IT Security', 'Requirements Gathering', 'Business Apps', 'Data Quality', and more. There is a short description of the services, a percentage for the business satisfaction with the service, a percentage comparing it to last year, and a numbered ranking of importance for each service. A note reads 'Assess satisfaction and importance across 12 core IT capabilities'.

      1.1.1 Conduct the CEO-CIO Alignment diagnostic

      2 weeks

      Input: IT organization expertise and the CEO-CIO Alignment diagnostic

      Output: An understanding of an executive business stakeholder’s perception of IT

      Materials: M&A Sell Playbook, CEO-CIO Alignment diagnostic

      Participants: IT executive/CIO, Business executive/CEO

      1. The CEO-CIO Alignment diagnostic can be a powerful input. Speak with your Info-Tech account representative to conduct the diagnostic. Use the results to inform current IT capabilities.
      2. You may choose to debrief the results of your diagnostic with an Info-Tech analyst. We recommend this to help your team understand how to interpret and draw conclusions from the results.
      3. Examine the results of the survey and note where there might be specific capabilities that could be improved.
      4. Determine whether there are any areas of significant disagreement between the you and the CEO. Mark down those areas for further conversations. Additionally, take note of areas that could be leveraged to support transactions or support your rationale in recommending transactions.

      Download the sample report.

      Record the results in the M&A Sell Playbook.

      1.1.2 Conduct the CIO Business Vision diagnostic

      2 weeks

      Input: IT organization expertise, CIO BV diagnostic

      Output: An understanding of business stakeholder perception of certain IT capabilities and services

      Materials: M&A Buy Playbook, CIO Business Vision diagnostic

      Participants: IT executive/CIO, Senior business leaders

      1. The CIO Business Vision (CIO BV) diagnostic can be a powerful tool for identifying IT capability focus areas. Speak with your account representative to conduct the CIO BV diagnostic. Use the results to inform current IT capabilities.
      2. You may choose to debrief the results of your diagnostic with an Info-Tech analyst. We recommend this to help your team understand how to interpret the results and draw conclusions from the diagnostic.
      3. Examine the results of the survey and take note of any IT services that have low scores.
      4. Read through the diagnostic comments and note any common themes. Especially note which stakeholders identified they have a favorable relationship with IT and which stakeholders identified they have an unfavorable relationship. For those who have an unfavorable relationship, identify if they will have a critical role in a growth transaction.

      Download the sample report.

      Record the results in the M&A Sell Playbook.

      Create a stakeholder network map for M&A transactions

      Follow the trail of breadcrumbs from your direct stakeholders to their influencers to uncover hidden stakeholders.

      Example:

      Diagram of stakeholders and their relationships with other stakeholders, such as 'Board Members', 'CFO/Finance', 'Compliance', etc. with 'CIO/IT Leader' highlighted in the middle. There are unidirectional black arrows and bi-directional green arrows indicating each connection.

        Legend
      • Black arrows indicate the direction of professional influence
      • Dashed green arrows indicate bidirectional, informal influence relationships

      Info-Tech Insight

      Your stakeholder map defines the influence landscape that the M&A transaction will occur within. This will identify who holds various levels of accountability and decision-making authority when a transaction does take place.

      Use connectors to determine who may be influencing your direct stakeholders. They may not have any formal authority within the organization, but they may have informal yet substantial relationships with your stakeholders.

      1.1.3 Visualize relationships among stakeholders to identify key influencers

      1-3 hours

      Input: List of M&A stakeholders

      Output: Relationships among M&A stakeholders and influencers

      Materials: Flip charts, Markers, Sticky notes, M&A Sell Playbook

      Participants: IT executive leadership

      1. The purpose of this activity is to list all the stakeholders within your organization that will have a direct or indirect impact on the M&A transaction.
      2. Determine the critical stakeholders, and then determine the stakeholders of your stakeholders and consider adding each of them to the stakeholder list.
      3. Assess who has either formal or informal influence over your stakeholders; add these influencers to your stakeholder list.
      4. Construct a diagram linking stakeholders and their influencers together.
        • Use black arrows to indicate the direction of professional influence.
        • Use dashed green arrows to indicate bidirectional, informal influence relationships.

      Record the results in the M&A Sell Playbook.

      Categorize your stakeholders with a prioritization map

      A stakeholder prioritization map helps IT leaders categorize their stakeholders by their level of influence and ownership in the merger, acquisition, or divestiture process.

      A prioritization map of stakeholder categories split into four quadrants. The vertical axis is 'Influence', from low on the bottom to high on top. The horizontal axis is 'Ownership/Interest', from low on the left to high on the right. 'Spectators' are low influence, low ownership/interest. 'Mediators' are high influence, low ownership/interest. 'Noisemakers' are low influence, high ownership/interest. 'Players' are high influence, high ownership/interest.

      There are four areas in the map, and the stakeholders within each area should be treated differently.

      Players – players have a high interest in the initiative and the influence to effect change over the initiative. Their support is critical, and a lack of support can cause significant impediment to the objectives.

      Mediators – mediators have a low interest but significant influence over the initiative. They can help to provide balance and objective opinions to issues that arise.

      Noisemakers – noisemakers have low influence but high interest. They tend to be very vocal and engaged, either positively or negatively, but have little ability to enact their wishes.

      Spectators – generally, spectators are apathetic and have little influence over or interest in the initiative.

      1.1.4 Group stakeholders into categories

      30 minutes

      Input: Stakeholder map, Stakeholder list

      Output: Categorization of stakeholders and influencers

      Materials: Flip charts, Markers, Sticky notes, M&A Sell Playbook

      Participants: IT executive leadership, Stakeholders

      1. Identify your stakeholders’ interest in and influence on the M&A process as high, medium, or low by rating the attributes below.
      2. Map your results to the model to the right to determine each stakeholder’s category.

      Same prioritization map of stakeholder categories as before. This one has specific stakeholders mapped onto it. 'CFO' is mapped as low interest and middling influence, between 'Mediator' and 'Spectator'. 'CIO' is mapped as higher than average interest and high influence, a 'Player'. 'Board Member' is mapped as high interest and high influence, a 'Player'.

      Level of Influence
      • Power: Ability of a stakeholder to effect change.
      • Urgency: Degree of immediacy demanded.
      • Legitimacy: Perceived validity of stakeholder’s claim.
      • Volume: How loud their “voice” is or could become.
      • Contribution: What they have that is of value to you.
      Level of Interest

      How much are the stakeholder’s individual performance and goals directly tied to the success or failure of the product?

      Record the results in the M&A Sell Playbook.

      Prioritize your stakeholders

      There may be too many stakeholders to be able to manage them all. Focus your attention on the stakeholders that matter most.

      Level of Support

      Supporter

      Evangelist

      Neutral

      Blocker
      Stakeholder Category Player Critical High High Critical
      Mediator Medium Low Low Medium
      Noisemaker High Medium Medium High
      Spectator Low Irrelevant Irrelevant Low

      Consider the three dimensions for stakeholder prioritization: influence, interest, and support. Support can be determined by answering the following question: How significant is that stakeholder to the M&A or divestiture process?

      These parameters are used to prioritize which stakeholders are most important and should receive your focused attention.

      1.1.5 Prioritize your stakeholders

      30 minutes

      Input: Stakeholder matrix

      Output: Stakeholder and influencer prioritization

      Materials: Flip charts, Markers, Sticky notes, M&A Sell Playbook

      Participants: IT executive leadership, M&A/divestiture stakeholders

      1. Identify the level of support of each stakeholder by answering the following question: How significant is that stakeholder to the M&A transaction process?
      2. Prioritize your stakeholders using the prioritization scheme on the previous slide.

      Stakeholder

      Category

      Level of Support

      Prioritization
      CMO Spectator Neutral Irrelevant
      CIO Player Supporter Critical

      Record the results in the M&A Sell Playbook.

      Define strategies for engaging stakeholders by type

      A revisit to the map of stakeholder categories, but with strategies listed for each one, and arrows on the side instead of an axis. The vertical arrow is 'Authority', which increases upward, and the horizontal axis is Ownership/Interest which increases as it moves to the right. The strategy for 'Players' is 'Engage', for 'Mediators' is 'Satisfy', for 'Noisemakers' is 'Inform', and for 'Spectators' is 'Monitor'.

      Type

      Quadrant

      Actions
      Players High influence, high interest – actively engage Keep them updated on the progress of the project. Continuously involve Players in the process and maintain their engagement and interest by demonstrating their value to its success.
      Mediators High influence, low interest – keep satisfied They can be the game changers in groups of stakeholders. Turn them into supporters by gaining their confidence and trust and including them in important decision-making steps. In turn, they can help you influence other stakeholders.
      Noisemakers Low influence, high interest – keep informed Try to increase their influence (or decrease it if they are detractors) by providing them with key information, supporting them in meetings, and using Mediators to help them.
      Spectators Low influence, low interest – monitor They are followers. Keep them in the loop by providing clarity on objectives and status updates.

      Info-Tech Insight

      Each group of stakeholders draws attention and resources away from critical tasks. By properly identifying stakeholder groups, the IT executive leader can develop corresponding actions to manage stakeholders in each group. This can dramatically reduce wasted effort trying to satisfy Spectators and Noisemakers while ensuring the needs of Mediators and Players are met.

      1.1.6 Plan to communicate

      30 minutes

      Input: Stakeholder priority, Stakeholder categorization, Stakeholder influence

      Output: Stakeholder communication plan

      Materials: Flip charts, Markers, Sticky notes, M&A Sell Playbook

      Participants: IT executive leadership, M&A/divestiture stakeholders

      The purpose of this activity is to make a communication plan for each of the stakeholders identified in the previous activities, especially those who will have a critical role in the M&A transaction process.

      1. In the M&A Sell Playbook, input the type of influence each stakeholder has on IT, how they would be categorized in the M&A process, and their level of priority. Use this information to create a communication plan.
      2. Determine the methods and frequency of communication to keep the necessary stakeholder satisfied and maintain or enhance IT’s profile within the organization.

      Record the results in the M&A Sell Playbook.

      Proactive

      Step 1.2

      Assess IT’s Current Value and Method to Achieve a Future State

      Activities

      • 1.2.1 Valuate IT
      • 1.2.2 Assess the IT/digital strategy

      This step involves the following participants:

      • IT executive leader
      • IT leadership
      • Critical stakeholders to M&A

      Outcomes of Step

      Identify critical opportunities to optimize IT and meet strategic business goals through a merger, acquisition, or divestiture.

      How to valuate your IT environment

      And why it matters so much

      • Valuating your current organization’s IT environment is a critical step that all IT organizations should take, whether involved in an M&A or not, to fully understand what it might be worth.
      • The business investments in IT can be directly translated into a value amount. For every $1 invested in IT, the business might be gaining $100 in value back or possibly even loosing $100.
      • Determining, documenting, and communicating this information ensures that the business takes IT’s suggestions seriously and recognizes why investing in IT is so critical.
      • There are three ways a business or asset can be valuated:
        • Cost Approach: Look at the costs associated with building, purchasing, replacing, and maintaining a given aspect of the business.
        • Market Approach: Look at the relative value of a particular aspect of the business. Relative value can fluctuate and depends on what the markets and consequently society believe that particular element is worth.
        • Discounted Cash Flow Approach: Focus on what the potential value of the business could be or the intrinsic value anticipated due to future profitability.
        • (Source: “Valuation Methods,” Corporate Finance Institute)

      Four ways to create value through digital

      1. Reduced costs
      2. Improved customer experience
      3. New revenue sources
      4. Better decision making
        5. (Source: McKinsey & Company)

      1.2.1 Valuate IT

      1 day

      Input: Valuation of data, Valuation of applications, Valuation of infrastructure and operations, Valuation of security and risk

      Output: Valuation of IT

      Materials: Relevant templates/tools listed on the following slides, Capital budget, Operating budget, M&A Sell Playbook

      Participants: IT executive/CIO, IT senior leadership

      The purpose of this activity is to demonstrate that IT is not simply an operational functional area that diminishes business resources. Rather, IT contributes significant value to the business.

      1. Review each of the following slides to valuate IT’s data, applications, infrastructure and operations, and security and risk. These valuations consider several tangible and intangible factors and result in a final dollar amount.
      2. Input the financial amounts identified for each critical area into a summary slide. Use this information to determine where IT is delivering value to the organization.

      Info-Tech Insight

      Consistency is key when valuating your IT organization as well as other IT organizations throughout the transaction process.

      Record the results in the M&A Sell Playbook.

      Data valuation

      Data valuation identifies how you monetize the information that your organization owns.

      Create a data value chain for your organization

      When valuating the information and data that exists in an organization, there are many things to consider.

      Info-Tech has two tools that can support this process:

      1. Information Asset Audit Tool: Use this tool first to take inventory of the different information assets that exist in your organization.
      2. Data Valuation Tool: Once information assets have been accounted for, valuate the data that exists within those information assets.

      Data Collection

      Insight Creation

      Value Creation

      Data Valuation
      01 Data Source
      02 Data Collection Method
      03 Data       		04 Data Analysis
      05 Insight
      06 Insight Delivery       		07 Consumer
      08 Value in Data       		09 Value Dimension
      10 Value Metrics Group
      11 Value Metrics
      Screenshots of Tab 2 of Info-Tech's Data Valuation Tool.

      Instructions

      1. Using the Data Valuation Tool, start gathering information based on the eight steps above to understand your organization’s journey from data to value.
      2. Identify the data value spectrum. (For example: customer sales service, citizen licensing service, etc.)
      3. Fill out the columns for data sources, data collection, and data first.
      4. Capture data analysis and related information.
      5. Then capture the value in data.
      6. Add value dimensions such as usage, quality, and economic dimensions.
        • Remember that economic value is not the only dimension, and usage/quality has a significant impact on economic value.
      7. Collect evidence to justify your data valuation calculator (market research, internal metrics, etc.).
      8. Finally, calculate the value that has a direct correlation with underlying value metrics.

      Application valuation

      Calculate the value of your IT applications

      When valuating the applications and their users in an organization, consider using a business process map. This shows how business is transacted in the company by identifying which IT applications support these processes and which business groups have access to them. Info-Tech has a business process mapping tool that can support this process:

      • Enterprise Integration Process Mapping Tool: Complete this tool first to map the different business processes to the supporting applications in your organization.

      Instructions

      1. Start by calculating user costs. This is the multiplication of: (# of users) × (% of time spent using IT) × (fully burdened salary).
      2. Identify the revenue per employee and divide that by the average cost per employee to calculate the derived productivity ratio (DPR).
      3. Once you have calculated the user costs and DPR, multiply those total values together to get the application value.

        4. User Costs

        Total User Costs

        Derived Productivity Ratio (DPR)

        Total DPR

        Application Value
        # of users % time spent using IT Fully burdened salary Multiply values from the 3 user costs columns Revenue per employee Average cost per employee (Revenue P.E) ÷ (Average cost P.E) (User costs) X (DPR)

      4. Once the total application value is established, calculate the combined IT and business costs of delivering that value. IT and business costs include inflexibility (application maintenance), unavailability (downtime costs, including disaster exposure), IT costs (common costs statistically allocated to applications), and fully loaded cost of active (full-time equivalent [FTE]) users.
      5. Calculate the net value of applications by subtracting the total IT and business costs from the total application value calculated in step 3.

        6. IT and Business Costs

        Total IT and Business Costs

        Net Value of Applications
        Application maintenance Downtime costs (include disaster exposure) Common costs allocated to applications Fully loaded costs of active (FTE) users Sum of values from the four IT and business costs columns (Application value) – (IT and business costs)

      (Source: CSO)

      Infrastructure valuation

      Assess the foundational elements of the business’ information technology

      The purpose of this exercise is to provide a high-level infrastructure valuation that will contribute to valuating your IT environment.

      Calculating the value of the infrastructure will require different methods depending on the environment. For example, a fully cloud-hosted organization will have different costs than a fully on-premises IT environment.

      Instructions:

      1. Start by listing all of the infrastructure-related items that are relevant to your organization.
      2. Once you have finalized your items column, identify the total costs/value of each item.
        • For example, total software costs would include servers and storage.
      3. Calculate the total cost/value of your IT infrastructure by adding all of values in the right column.

      Item

      Costs/Value
      Hardware Assets Total Value +$3.2 million
      Hardware Leased/Service Agreement -$
      Software Purchased +$
      Software Leased/Service Agreement -$
      Operational Tools
      Network
      Disaster Recovery
      Antivirus
      Data Centers
      Service Desk
      Other Licenses
      Total:

      For additional support, download the M&A Runbook for Infrastructure and Operations.

      Risk and security

      Assess risk responses and calculate residual risk

      The purpose of this exercise is to provide a high-level risk assessment that will contribute to valuating your IT environment. For a more in-depth risk assessment, please refer to the Info-Tech tools below:

      1. Risk Register Tool
      2. Security M&A Due Diligence Tool
        3.

      Instructions

      1. Review the probability and impact scales below and ensure you have the appropriate criteria that align to your organization before you conduct a risk assessment.
      2. Identify the probability of occurrence and estimated financial impact for each risk category detail and fill out the table on the right. Customize the table as needed so it aligns to your organization.

        3. Probability of Risk Occurrence

        Occurrence Criteria
        (Classification; Probability of Risk Event Within One Year)

        Negligible Very Unlikely; ‹20%
        Very Low Unlikely; 20 to 40%
        Low Possible; 40 to 60%
        Moderately Low Likely; 60 to 80%
        Moderate Almost Certain; ›80%

      Note: If needed, you can customize this scale with the severity designations that you prefer. However, make sure you are always consistent with it when conducting a risk assessment.

      Financial & Reputational Impact

      Budgetary and Reputational Implications
      (Financial Impact; Reputational Impact)
      Negligible (‹$10,000; Internal IT stakeholders aware of risk event occurrence)
      Very Low ($10,000 to $25,000; Business customers aware of risk event occurrence)
      Low ($25,000 to $50,000; Board of directors aware of risk event occurrence)
      Moderately Low ($50,000 to $100,000; External customers aware of risk event occurrence)
      Moderate (›$100,000; Media coverage or regulatory body aware of risk event occurrence)

      Risk Category Details

      Probability of Occurrence

      Estimated Financial Impact

      Estimated Severity (Probability X Impact)
      Capacity Planning
      Enterprise Architecture
      Externally Originated Attack
      Hardware Configuration Errors
      Hardware Performance
      Internally Originated Attack
      IT Staffing
      Project Scoping
      Software Implementation Errors
      Technology Evaluation and Selection
      Physical Threats
      Resource Threats
      Personnel Threats
      Technical Threats
      Total:

      1.2.2 Assess the IT/digital strategy

      4 hours

      Input: IT strategy, Digital strategy, Business strategy

      Output: An understanding of an executive business stakeholder’s perception of IT, Alignment of IT/digital strategy and overall organization strategy

      Materials: Computer, Whiteboard and markers, M&A Sell Playbook

      Participants: IT executive/CIO, Business executive/CEO

      The purpose of this activity is to review the business and IT strategies that exist to determine if there are critical capabilities that are not being supported.

      Ideally, the IT and digital strategies would have been created following development of the business strategy. However, sometimes the business strategy does not directly call out the capabilities it requires IT to support.

      1. On the left half of the corresponding slide in the M&A Sell Playbook, document the business goals, initiatives, and capabilities. Input this information from the business or digital strategies. (If more space for goals, initiatives, or capabilities is needed, duplicate the slide).
      2. On the other half of the slide, document the IT goals, initiatives, and capabilities. Input this information from the IT strategy and digital strategy.

      For additional support, see Build a Business-Aligned IT Strategy.

      Record the results in the M&A Sell Playbook.

      Proactive

      Step 1.3

      Drive Innovation and Suggest Growth Opportunities

      Activities

      • 1.3.1 Determine pain points and opportunities
      • 1.3.2 Align goals with opportunities
      • 1.3.3 Recommend reduction opportunities

      This step involves the following participants:

      • IT executive leader
      • IT leadership
      • Critical M&A stakeholders

      Outcomes of Step

      Establish strong relationships with critical M&A stakeholders and position IT as an innovative business partner that can suggest reduction opportunities.

      1.3.1 Determine pain points and opportunities

      1-2 hours

      Input: CEO-CIO Alignment diagnostic, CIO Business Vision diagnostic, Valuation of IT environment, IT-business goals cascade

      Output: List of pain points or opportunities that IT can address

      Materials: Computer, Whiteboard and markers, M&A Sell Playbook

      Participants: IT executive/CIO, IT senior leadership, Business stakeholders

      The purpose of this activity is to determine the pain points and opportunities that exist for the organization. These can be external or internal to the organization.

      1. Identify what opportunities exist for your organization. Opportunities are the potential positives that the organization would want to leverage.
      2. Next, identify pain points, which are the potential negatives that the organization would want to alleviate.
      3. Spend time considering all the options that might exist, and keep in mind what has been identified previously.

      Opportunities and pain points can be trends, other departments’ initiatives, business perspectives of IT, etc.

      Record the results in the M&A Sell Playbook.

      1.3.2 Align goals with opportunities

      1-2 hours

      Input: CEO-CIO Alignment diagnostic, CIO Business Vision diagnostic, Valuation of IT environment, IT-business goals cascade, List of pain points and opportunities

      Output: An understanding of an executive business stakeholder’s perception of IT, Foundations for reduction strategy

      Materials: Computer, Whiteboard and markers, M&A Sell Playbook

      Participants: IT executive/CIO, IT senior leadership, Business stakeholders

      The purpose of this activity is to determine whether a growth or separation strategy might be a good suggestion to the business in order to meet its business objectives.

      1. For the top three to five business goals, consider:
        1. Underlying drivers
        2. Digital opportunities
        3. Whether a growth or reduction strategy is the solution
      2. Just because a growth or reduction strategy is a solution for a business goal does not necessarily indicate M&A is the way to go. However, it is important to consider before you pursue suggesting M&A.

      Record the results in the M&A Sell Playbook.

      1.3.3 Recommend reduction opportunities

      1-2 hours

      Input: Growth or separation strategy opportunities to support business goals, Stakeholder communication plan, Rationale for the suggestion

      Output: M&A transaction opportunities suggested

      Materials: M&A Sell Playbook

      Participants: IT executive/CIO, Business executive/CEO

      The purpose of this activity is to recommend a merger, acquisition, or divestiture to the business.

      1. Identify which of the business goals the transaction would help solve and why IT is the one to suggest such a goal.
      2. Leverage the stakeholder communication plan identified previously to give insight into stakeholders who would have a significant level of interest, influence, or support in the process.

      Info-Tech Insight

      With technology and digital driving many transactions, leverage your organizations’ IT environment as an asset and reason why the divestiture or sale should happen, suggesting the opportunity yourself.

      Record the results in the M&A Sell Playbook.

      By the end of this Proactive phase, you should:

      Be prepared to suggest M&A opportunities to support your company’s goals through sale or divestiture transactions

      Key outcome from the Proactive phase

      Develop progressive relationships and strong communication with key stakeholders to suggest or be aware of transformational opportunities that can be achieved through sale or divestiture strategies.

      Key deliverables from the Proactive phase
      • Business perspective of IT examined
      • Key stakeholders identified and relationship to the M&A process outlined
      • Ability to valuate the IT environment and communicate IT’s value to the business
      • Assessment of the business, digital, and IT strategies and how M&As could support those strategies
      • Pain points and opportunities that could be alleviated or supported through an M&A transaction
      • Sale or divestiture recommendations

      The Sell Blueprint

      Phase 2

      Discovery & Strategy

      Phase 1

      Phase 2

      		Phase 3Phase 4
      • 1.1 Identify Stakeholders and Their Perspective of IT
      • 1.2 Assess IT’s Current Value and Future State
      • 1.3 Drive Innovation and Suggest Reduction Opportunities
      • 2.1 Establish the M&A Program Plan
      • 2.2 Prepare IT to Engage in the Separation or Sale
      • 3.1 Engage in Due Diligence and Prepare Staff
      • 3.2 Prepare to Separate
      • 4.1 Execute the Transaction
      • 4.2 Reflection and Value Realization

      This phase will walk you through the following activities:

      • Create the mission and vision
      • Identify the guiding principles
      • Create the future-state operating model
      • Determine the transition team
      • Document the M&A governance
      • Create program metrics
      • Establish the separation strategy
      • Conduct a RACI
      • Create the communication plan
      • Assess the potential organization(s)

      This phase involves the following participants:

      • IT executive/CIO
      • IT senior leadership
      • Company M&A team

      Workshop Overview

      Contact your account representative for more information.
      workshops@infotech.com 1-888-670-8889

      Pre-Work

      Day 1

      Day 2

      Day 3

      Day 4

      Day 5

      Establish the Transaction FoundationDiscover the Motivation for Divesting or SellingFormalize the Program PlanCreate the Valuation FrameworkStrategize the TransactionNext Steps and Wrap-Up (offsite)

      Activities

      • 0.1 Conduct the CIO Business Vision and CEO-CIO Alignment diagnostics
      • 0.2 Identify key stakeholders and outline their relationship to the M&A process
      • 0.3 Identify the rationale for the company's decision to pursue a divestiture or sale
      • 1.1 Review the business rationale for the divestiture/sale
      • 1.2 Assess the IT/digital strategy
      • 1.3 Identify pain points and opportunities tied to the divestiture/sale
      • 1.4 Create the IT vision statement, create the IT mission statement, and identify IT guiding principles
      • 2.1 Create the future-state operating model
      • 2.2 Determine the transition team
      • 2.3 Document the M&A governance
      • 2.4 Establish program metrics
      • 3.1 Valuate your data
      • 3.2 Valuate your applications
      • 3.3 Valuate your infrastructure
      • 3.4 Valuate your risk and security
      • 3.5 Combine individual valuations to make a single framework
      • 4.1 Establish the separation strategy
      • 4.2 Conduct a RACI
      • 4.3 Review best practices for assessing target organizations
      • 4.4 Create the communication plan
      • 5.1 Complete in-progress deliverables from previous four days
      • 5.2 Set up review time for workshop deliverables and to discuss next steps

      Deliverables

      1. Business perspectives of IT
      2. Stakeholder network map for M&A transactions
      1. Business context implications for IT
      2. IT’s divestiture/sale strategic direction
      1. Operating model for future state
      2. Transition team
      3. Governance structure
      4. M&A program metrics
      1. IT valuation framework
      1. Separation strategy
      2. RACI
      3. Communication plan
      1. Completed M&A program plan and strategy
      2. Prepared to assess target organization(s)

      What is the Discovery & Strategy phase?

      Pre-transaction state

      The Discovery & Strategy phase during a sale or divestiture is a unique opportunity for many IT organizations. IT organizations that can participate in the transaction at this stage are likely considered a strategic partner of the business.

      For one-off sales/divestitures, IT being invited during this stage of the process is rare. However, for organizations that are preparing to engage in many divestitures over the coming years, this type of strategy will greatly benefit from IT involvement. Again, the likelihood of participating in an M&A transaction is increasing, making it a smart IT leadership decision to, at the very least, loosely prepare a program plan that can act as a strategic pillar throughout the transaction.

      During this phase of the pre-transaction state, IT may be asked to participate in ensuring that the IT environment is able to quickly and easily carve out components/business lines and deliver on service-level agreements (SLAs).

      Goal: To identify a repeatable program plan that IT can leverage when selling or divesting all or parts of the current IT environment, ensuring customer satisfaction and business continuity

      Discovery & Strategy Prerequisite Checklist

      Before coming into the Discovery & Strategy phase, you should have addressed the following:

      • Understand the business perspective of IT.
      • Know the key stakeholders and have outlined their relationship to the M&A process.
      • Be able to valuate the IT environment and communicate IT's value to the business.
      • Understand the rationale for the company's decision to pursue a sale or divestiture and the opportunities or pain points the sale should address.

      Discovery & Strategy

      Step 2.1

      Establish the M&A Program Plan

      Activities

      • 2.1.1 Create the mission and vision
      • 2.1.2 Identify the guiding principles
      • 2.1.3 Create the future-state operating model
      • 2.1.4 Determine the transition team
      • 2.1.5 Document the M&A governance
      • 2.1.6 Create program metrics

      This step involves the following participants:

      • IT executive/CIO
      • IT senior leadership
      • Company M&A team

      Outcomes of Step

      Establish an M&A program plan that can be repeated across sales/divestitures.

      The vision and mission statements clearly articulate IT’s aspirations and purpose

      The IT vision statement communicates a desired future state of the IT organization, whereas the IT mission statement portrays the organization’s reason for being. While each serves its own purpose, they should both be derived from the business context implications for IT.

      Vision Statements

      Mission Statements

      Characteristics
      • Describe a desired future
      • Focus on ends, not means
      • Concise
      • Aspirational
      • Memorable
      • Articulate a reason for existence
      • Focus on how to achieve the vision
      • Concise
      • Easy to grasp
      • Sharply focused
      • Inspirational

      Samples

      		 To be a trusted advisor and partner in enabling business innovation and growth through an engaged IT workforce. (Source: Business News Daily) IT is a cohesive, proactive, and disciplined team that delivers innovative technology solutions while demonstrating a strong customer-oriented mindset. (Source: Forbes, 2013)

      2.1.1 Create the mission and vision statements

      2 hours

      Input: Business objectives, IT capabilities, Rationale for the transaction

      Output: IT’s mission and vision statements for reduction strategies tied to mergers, acquisitions, and divestitures

      Materials: Flip charts/whiteboard, Markers, M&A Sell Playbook

      Participants: IT executive/CIO, IT senior leadership, Company M&A team

      The purpose of this activity is to create mission and vision statements that reflect IT’s intent and method to support the organization as it pursues a reduction strategy.

      1. Review the definitions and characteristics of mission and vision statements.
      2. Brainstorm different versions of the mission and vision statements.
      3. Edit the statements until you get to a single version of each that accurately reflects IT’s role in the reduction process.

      Record the results in the M&A Sell Playbook.

      Guiding principles provide a sense of direction

      IT guiding principles are shared, long-lasting beliefs that guide the use of IT in constructing, transforming, and operating the enterprise by informing and restricting IT investment portfolio management, solution development, and procurement decisions.

      A diagram illustrating the place of 'IT guiding principles' in the process of making 'Decisions on the use of IT'. There are four main items, connecting lines naming the type of process in getting from one step to the next, and a line underneath clarifying the questions asked at each step. On the far left, over the question 'What decisions should be made?', is 'Business context and IT implications'. This flows forward to 'IT guiding principles', and they are connected by 'Influence'. Next, over the question 'How should decisions be made?', is the main highlighted section. 'IT guiding principles' flows forward to 'Decisions on the use of IT', and they are connected by 'Guide and inform'. On the far right, over the question 'Who has the accountability and authority to make decisions?', is 'IT policies'. This flows back to 'Decisions on the use of IT', and they are connected by 'Direct and control'.

      IT principles must be carefully constructed to make sure they are adhered to and relevant

      Info-Tech has identified a set of characteristics that IT principles should possess. These characteristics ensure the IT principles are relevant and followed in the organization.

      Approach focused. IT principles should be focused on the approach – how the organization is built, transformed, and operated – as opposed to what needs to be built, which is defined by both functional and non-functional requirements.

      Business relevant. Create IT principles that are specific to the organization. Tie IT principles to the organization’s priorities and strategic aspirations.

      Long lasting. Build IT principles that will withstand the test of time.

      Prescriptive. Inform and direct decision making with actionable IT principles. Avoid truisms, general statements, and observations.

      Verifiable. If compliance can’t be verified, people are less likely to follow the principle.

      Easily Digestible. IT principles must be clearly understood by everyone in IT and by business stakeholders. IT principles aren’t a secret manuscript of the IT team. IT principles should be succinct; wordy principles are hard to understand and remember.

      Followed. Successful IT principles represent a collection of beliefs shared among enterprise stakeholders. IT principles must be continuously communicated to all stakeholders to achieve and maintain buy-in.

      In organizations where formal policy enforcement works well, IT principles should be enforced through appropriate governance processes.

      Consider the example principles below

      IT Principle Name

      IT Principle Statement
      1. Risk Management We will ensure that the organization’s IT Risk Management Register is properly updated to reflect all potential risks and that a plan of action against those risks has been identified.
      2. Transparent Communication We will ensure employees are spoken to with respect and transparency throughout the transaction process.
      3. Separation for Success We will create a carve-out strategy that enables the organization and clearly communicates the resources required to succeed.
      4. Managed Data We will handle data creation, modification, separation, and use across the enterprise in compliance with our data governance policy.
      5.Deliver Better Customer Service We will reduce the number of products offered by IT, enabling a stronger focus on specific products or elements to increase customer service delivery.
      6. Compliance With Laws and Regulations We will operate in compliance with all applicable laws and regulations for both our organization and the potentially purchasing organization.
      7. Defined Value We will create a plan of action that aligns with the organization’s defined value expectations.
      8. Network Readiness We will ensure that employees and customers have immediate access to the network with minimal or no outages.
      9. Value Generator We will leverage the current IT people, processes, and technology to turn the IT organization into a value generator by developing and selling our services to purchasing organizations.

      2.1.2 Identify the guiding principles

      2 hours

      Input: Business objectives, IT capabilities, Rationale for the transaction, Mission and vision statements

      Output: IT’s guiding principles for reduction strategies tied to mergers, acquisitions, and divestitures

      Materials: Flip charts/whiteboard, Markers, M&A Sell Playbook

      Participants: IT executive/CIO, IT senior leadership, Company M&A team

      The purpose of this activity is to create the guiding principles that will direct the IT organization throughout the reduction strategy process.

      1. Review the role of guiding principles and the examples of guiding principles that organizations have used.
      2. Brainstorm different versions of the guiding principles. Each guiding principle should start with the phrase “We will…”
      3. Edit and consolidate the statements until you have a list of approximately eight to ten statements that accurately reflect IT’s role in the reduction process.
      4. Review the guiding principles every six months to ensure they continue to support the delivery of the business’ reduction strategy goals.

      Record the results in the M&A Sell Playbook.

      Create two IT teams to support the transaction

      IT M&A Transaction Team

      • The IT M&A Transaction Team should consist of the strongest members of the IT team who can be expected to deliver on unusual or additional tasks not asked of them in normal day-to-day operations.
      • The roles selected for this team will have very specific skills sets or deliver on critical separation capabilities, making their involvement in the combination of two or more IT environments paramount.
      • These individuals need to have a history of proving themselves very trustworthy, as they will likely be required to sign an NDA as well.
      • Expect to have to certain duplicate capabilities or roles across the M&A Team and Operational Team.

      IT Operational Team

      • This group is responsible for ensuring the business operations continue.
      • These employees might be those who are newer to the organization but can be counted on to deliver consistent IT services and products.
      • The roles of this team should ensure that end users or external customers remain satisfied.

      Key capabilities to support M&A

      Consider the following capabilities when looking at who should be a part of the IT Transaction Team.

      Employees who have a significant role in ensuring that these capabilities are being delivered will be a top priority.

      Infrastructure & Operations

      • System Separation
      • Data Management
      • Helpdesk/Desktop Support
      • Cloud/Server Management

      Business Focus

      • Service-Level Management
      • Enterprise Architecture
      • Stakeholder Management
      • Project Management

      Risk & Security

      • Privacy Management
      • Security Management
      • Risk & Compliance Management

      Build a lasting and scalable operating model

      An operating model is an abstract visualization, used like an architect’s blueprint, that depicts how structures and resources are aligned and integrated to deliver on the organization’s strategy.

      It ensures consistency of all elements in the organizational structure through a clear and coherent blueprint before embarking on detailed organizational design.

      The visual should highlight which capabilities are critical to attaining strategic goals and clearly show the flow of work so that key stakeholders can understand where inputs flow in and outputs flow out of the IT organization.

      As you assess the current operating model, consider the following:

      • Does the operating model contain all the necessary capabilities your IT organization requires to be successful?
      • What capabilities should be duplicated?
      • Are there individuals with the skill set to support those roles? If not, is there a plan to acquire or develop those skills?
      • A dedicated project team strictly focused on M&A is great. However, is it feasible for your organization? If not, what blockers exist?
      A diagram with 'Initiatives' and 'Solutions' on the left and right of an area chart, 'Customer' at the top, the area between them labelled 'Functional Area n', and six horizontal bars labelled 'IT Capability' stacked on top of each other. The 'IT Capability' bars are slightly skewed to the 'Solutions' side of the chart.

      Info-Tech Insight

      Investing time up-front getting the operating model right is critical. This will give you a framework to rationalize future organizational changes, allowing you to be more iterative and allowing your model to change as the business changes.

      2.1.3 Create the future-state operating model

      4 hours

      Input: Current operating model, IT strategy, IT capabilities, M&A-specific IT capabilities, Business objectives, Rationale for the transaction, Mission and vision statements

      Output: Future-state operating model for divesting organizations

      Materials: Operating model, Capability overlay, Flip charts/whiteboard, Markers, M&A Sell Playbook

      Participants: IT executive/CIO, IT senior leadership, Company M&A team

      The purpose of this activity is to establish what the future-state operating model will be if your organization needs to adjust to support a divestiture transaction. If your organization plans to sell in its entirety, you may choose to skip this activity.

      1. Ensuring that all the IT capabilities are identified by the business and IT strategy, document your organization’s current operating model.
      2. Identify what core capabilities would be critical to the divesting transaction process and separation. Highlight and make copies of those capabilities in the M&A Sell Playbook. As a result of divesting, there may also be capabilities that will become irrelevant in your future state.
      3. Ensure the capabilities that will be decentralized are clearly identified. Decentralized capabilities do not exist within the central IT organization but rather in specific lines of businesses, products, or locations to better understand needs and deliver on the capability.

      An example operating model is included in the M&A Sell Playbook. This process benefits from strong reference architecture and capability mapping ahead of time.

      Record the results in the M&A Sell Playbook.

      2.1.4 Determine the transition team

      3 hours

      Input: IT capabilities, Future-state operating model, M&A-specific IT capabilities, Business objectives, Rationale for the transaction, Mission and vision statements

      Output: Transition team

      Materials: Reference architecture, Organizational structure, Flip charts/whiteboard, Markers

      Participants: IT executive/CIO, IT senior leadership, Company M&A team

      The purpose of this activity is to create a team that will support your IT organization throughout the transaction. Determining which capabilities and therefore which roles will be required ensures that the business will continue to get the operational support it needs.

      1. Based on the outcome of activity 2.1.3, review the capabilities that your organization will require on the transition team. Group capabilities into functional groups containing capabilities that are aligned well with one another because they have similar responsibilities and functionalities.
      2. Replace the capabilities with roles. For example, stakeholder management, requirements gathering, and project management might be one functional group. Project management and stakeholder management might combine to create a project manager role.
      3. Review the examples in the M&A Sell Playbook and identify which roles will be a part of the transition team.

      For more information, see Redesign Your Organizational Structure

      What is governance?

      And why does it matter so much to IT and the M&A process?

      • Governance is the method in which decisions get made, specifically as they impact various resources (time, money, and people).
      • Because M&A is such a highly governed transaction, it is important to document the governance bodies that exist in your organization.
      • This will give insight into what types of governing bodies there are, what decisions they make, and how that will impact IT.
      • For example, funds to support separation need to be discussed, approved, and supplied to IT from a governing body overseeing the acquisition.
      • A highly mature IT organization will have automated governance, while a seemingly non-existent governance process will be considered ad hoc.
      A pyramid with four levels representing the types of governing bodies that are available with differing levels of IT maturity. An arrow beside the pyramid points upward. The bottom of the arrow is labelled 'Traditional (People and document centric)' and the top is labelled 'Adaptive (Data centric)'. Starting at the bottom of the pyramid is level 1 'Ad Hoc Governance', 'Governance that is not well defined or understood within the organization. It occurs out of necessity but often not by the right people'. Level 2 is 'Controlled Governance', 'Governance focused on compliance and decisions driven by hierarchical authority. Levels of authority are defined and often driven by regulatory'. Level 3 is 'Agile Governance', 'Governance that is flexible to support different needs and quick response in the organization. Driven by principles and delegated throughout the company'. At the top of the pyramid is level 4 'Automated Governance', 'Governance that is entrenched and automated into organizational processes and product/service design. Empowered and fully delegated governance to maintain fit and drive organizational success and survival'.

      2.1.5 Document M&A governance

      1-2 hours

      Input: List of governing bodies, Governing body committee profiles, Governance structure

      Output: Documented method on how decisions are made as it relates to the M&A transaction

      Materials: Flip charts/whiteboard, Markers, M&A Sell Playbook

      Participants: IT executive/CIO, IT senior leadership, Company M&A team

      The purpose of this activity is to determine the method in which decisions are made throughout the M&A transaction as it relates to IT. This will require understanding both governing bodies internal to IT and those external to IT.

      1. First, determine the other governance structures within the organization that will impact the decisions made about M&A. List out these bodies or committees.
      2. Create a profile for each committee that looks at the membership, purpose of the committee, decision areas (authority), and the process of inputs and outputs. Ensure IT committees that will have a role in this process are also documented. Consider the benefits realized, risks, and resources required for each.
      3. Organize the committees into a structure, identifying the committees that have a role in defining the strategy, designing and building, and running.

      Record the results in the M&A Sell Playbook.

      Current-state structure map – definitions of tiers

      Strategy: These groups will focus on decisions that directly connect to the strategic direction of the organization.

      Design & Build: The second tier of groups will oversee prioritization of a certain area of governance as well as design and build decisions that feed into strategic decisions.

      Run: The lowest level of governance will be oversight of more-specific initiatives and capabilities within IT.

      Expect tier overlap. Some committees will operate in areas that cover two or three of these governance tiers.

      Measure the IT program’s success in terms of its ability to support the business’ M&A goals

      Upper management will measure IT’s success based on your ability to support the underlying reasons for the M&A. Using business metrics will help assure business stakeholders that IT understands their needs and is working with the business to achieve them.

      Business-Specific Metrics

      • Revenue Growth: Increase in the top line as seen by market expansion, product expansion, etc. by percentage/time.
      • Synergy Extraction: Reduction in costs as determined by the ability to identify and eliminate redundancies over time.
      • Profit Margin Growth: Increase in the bottom line as a result of increased revenue growth and/or decreased costs over time.

      IT-Specific Metrics

      • IT operational savings and cost reductions due to synergies: Operating expenses, capital expenditures, licenses, contracts, applications, infrastructure over time.
      • Reduction in IT staff expense and headcount: Decreased budget allocated to IT staff, and ability to identify and remove redundancies in staff.
      • Meeting or improving on IT budget estimates: Delivering successful IT separation on a budget that is the same or lower than the budget estimated during due diligence.
      • Meeting or improving on IT time-to-separation estimates: Delivering successful IT carve-out on a timeline that is the same or shorter than the timeline estimated during due diligence.
      • Business capability support: Delivering the end state of IT that supports the expected business capabilities and growth.

      Establish your own metrics to gauge the success of IT

      Establish SMART M&A Success Metrics

      S pecific Make sure the objective is clear and detailed.
      M easurable Objectives are measurable if there are specific metrics assigned to measure success. Metrics should be objective.
      A ctionable Objectives become actionable when specific initiatives designed to achieve the objective are identified.
      R ealistic Objectives must be achievable given your current resources or known available resources.
      T ime-Bound An objective without a timeline can be put off indefinitely. Furthermore, measuring success is challenging without a timeline.
      • What should IT consider when looking to identify potential additions, deletions, or modifications that will either add value to the organization or reduce costs/risks?
      • Provide a definition of synergies.
      • IT operational savings and cost reductions due to synergies: Operating expenses, capital expenditures, licenses, contracts, applications, infrastructure.
      • Reduction in IT staff expense and headcount: Decreased budget allocated to IT staff, and ability to identify and remove redundancies in staff.
      • Meeting or improving on IT budget estimates: Delivering successful IT separation on a budget that is the same or lower than the budget estimated during due diligence.
      • Meeting or improving on IT time-to-separation estimates: Delivering successful IT carve-out on a timeline that is the same or shorter than the timeline estimated during due diligence.
      • Revenue growth: Increase in the top line as a result, as seen by market expansion, product expansion, etc., as a result of divesting lines of the business and selling service-level agreements to the purchasing organization.
      • Synergy extraction: Reduction in costs, as determined by the ability to identify and eliminate redundancies.
      • Profit margin growth: Increase in the bottom line as a result of increased revenue growth and/or decreased costs.

      Metrics for each phase

      1. Proactive

      2. Discovery & Strategy

      3. Valuation & Due Diligence

      4. Execution & Value Realization

      • % Share of business innovation spend from overall IT budget
      • % Critical processes with approved performance goals and metrics
      • % IT initiatives that meet or exceed value expectation defined in business case
      • % IT initiatives aligned with organizational strategic direction
      • % Satisfaction with IT's strategic decision-making abilities
      • $ Estimated business value added through IT-enabled innovation
      • % Overall stakeholder satisfaction with IT
      • % Percent of business leaders that view IT as an Innovator
      • % IT budget as a percent of revenue
      • % Assets that are not allocated
      • % Unallocated software licenses
      • # Obsolete assets
      • % IT spend that can be attributed to the business (chargeback or showback)
      • % Share of CapEx of overall IT budget
      • % Prospective organizations that meet the search criteria
      • $ Total IT cost of ownership (before and after M&A, before and after rationalization)
      • % Business leaders that view IT as a Business Partner
      • % Defects discovered in production
      • $ Cost per user for enterprise applications
      • % In-house-built applications vs. enterprise applications
      • % Owners identified for all data domains
      • # IT staff asked to participate in due diligence
      • Change to due diligence
      • IT budget variance
      • Synergy target
      • % Satisfaction with the effectiveness of IT capabilities
      • % Overall end-customer satisfaction
      • $ Impact of vendor SLA breaches
      • $ Savings through cost-optimization efforts
      • $ Savings through application rationalization and technology standardization
      • # Key positions empty
      • % Frequency of staff turnover
      • % Emergency changes
      • # Hours of unplanned downtime
      • % Releases that cause downtime
      • % Incidents with identified problem record
      • % Problems with identified root cause
      • # Days from problem identification to root cause fix
      • % Projects that consider IT risk
      • % Incidents due to issues not addressed in the security plan
      • # Average vulnerability remediation time
      • % Application budget spent on new build/buy vs. maintenance (deferred feature implementation, enhancements, bug fixes)
      • # Time (days) to value realization
      • % Projects that realized planned benefits
      • $ IT operational savings and cost reductions that are related to synergies/divestitures
      • % IT staff–related expenses/redundancies
      • # Days spent on IT separation
      • $ Accurate IT budget estimates
      • % Revenue growth directly tied to IT delivery
      • % Profit margin growth

      2.1.6 Create program metrics

      1-2 hours

      Input: IT capabilities, Mission, vision, and guiding principles, Rationale for the acquisition

      Output: Program metrics to support IT throughout the M&A process

      Materials: Flip charts/whiteboard, Markers, M&A Sell Playbook

      Participants: IT executive/CIO, IT senior leadership, Company M&A team

      The purpose of this activity is to determine how IT’s success throughout a growth transaction will be measured and determined.

      1. Document a list of appropriate metrics on the whiteboard. Remember to include metrics that demonstrate the business impact. You can use the sample metrics listed on the previous slide as a starting point.
      2. Set a target and deadline for each metric. This will help the group determine when it is time to evaluate progression.
      3. Establish a baseline for each metric based on information collected within your organization.
      4. Assign an owner for tracking each metric as well as someone to be accountable for performance.

      Record the results in the M&A Sell Playbook.

      Discovery & Strategy

      Step 2.2

      Prepare IT to Engage in the Separation or Sale

      Activities

      • 2.2.1 Establish the separation strategy
      • 2.2.2 Conduct a RACI
      • 2.2.3 Create the communication plan
      • 2.2.4 Assess the potential organization(s)

      This step involves the following participants:

      • IT executive/CIO
      • IT senior leadership
      • Company M&A team

      Outcomes of Step

      Identify IT’s plan of action when it comes to the separation/sale and align IT’s separation/sale strategy with the business’ M&A strategy.

      Separation strategies

      There are several IT separation strategies that will let you achieve your target technology environment.

      IT Separation Strategies
      • Divest. Carve out elements of the IT organization and sell them to a purchasing organization with or without a service-level agreement.
      • Sell. Sell the entire IT environment to a purchasing organization. The purchasing organization takes full responsibility in delivering and running the IT environment.
      • Spin-Off Joint Venture. Carve out elements of the IT organization and combine them with elements of a new or purchasing organization to create a new entity.

      The approach IT takes will depend on the business objectives for the M&A.

      • Generally speaking, the separation strategy is well understood and influenced by the frequency of and rationale for selling.
      • Based on the initiatives generated by each business process owner, you need to determine the IT separation strategy that will best support the desired target technology environment, especially if you are still operating or servicing elements of that IT environment.

      Key considerations when choosing an IT separation strategy include:

      • What are the main business objectives of the M&A?
      • What are the key synergies expected from the transaction?
      • What IT separation strategy best helps obtain these benefits?
      • What opportunities exist to position the business for sustainable and long-term growth?

      Separation strategies in detail

      Review highlights and drawbacks of different separation strategies

      Divest
        Highlights
      • Recommended for businesses striving to reduce costs and potentially even generate revenue for the business through the delivery of SLAs.
      • Opportunity to reduce or scale back on lines of business or products that are not driving profits.
        Drawbacks
      • May be forced to give up critical staff that have been known to deliver high value.
      • The IT department is left to deliver services to the purchasing organization with little support or consideration from the business.
      • There can be increased risk and security concerns that need to be addressed.
      Sell
        Highlights
      • Recommended for businesses looking to gain capital to exit the market profitably or to enter a new market with a large sum of capital.
      • The business will no longer exist, and as a result all operational costs, including IT, will become redundant.
        Drawbacks
      • IT is no longer needed as an operating or capital service for the organization.
      • Lost resources, including highly trained and critical staff.
      • May require packaging employees off and using the profit or capital generated to cover any closing costs.
      Spin-Off or Joint Venture
        Highlights
      • Recommended for businesses looking to expand their market presence or acquire new products. Essentially aligning the two organizations in the same market.
      • Each side has a unique offering but complementing capabilities.
        Drawbacks
      • As much as the organization is going through a separation from the original company, it will be going through an integration with the new company.
      • There could be differences in culture.
      • This could require a large amount of investment without a guarantee of profit or success.

      2.2.1 Establish the separation strategy

      1-2 hours

      Input: Business separation strategy, Guiding principles, M&A governance

      Output: IT’s separation strategy

      Materials: Flip charts/whiteboard, Markers, M&A Sell Playbook

      Participants: IT executive/CIO, IT senior leadership, Company M&A team

      The purpose of this activity is to determine IT’s approach to separating or selling. This approach might differ slightly from transaction to transaction. However, the businesses approach to transactions should give insight into the general separation strategy IT should adopt.

      1. Make sure you have clearly articulated the business objectives for the M&A, the technology end state for IT, and the magnitude of the overall separation.
      2. Review and discuss the highlights and drawbacks of each type of separation.
      3. Use Info-Tech’s Separation Posture Selection Framework on the next slide to select the separation posture that will appropriately enable the business. Consider these questions during your discussion:
        1. What are the main business objectives of the M&A? What key IT capabilities will need to support business objectives?
        2. What key synergies are expected from the transaction? What opportunities exist to position the business for sustainable growth?
        3. What IT separation best helps obtain these benefits?

      Record the results in the M&A Sell Playbook.

      Separation Posture Selection Framework

      Business M&A Strategy

      Resultant Technology Strategy

      M&A Magnitude (% of Seller Assets, Income, or Market Value)

      IT Separation Posture
      A. Horizontal Adopt One Model ‹100% Divest
      ›99% Sell
      B. Vertical Create Links Between Critical Systems Any Divest
      C. Conglomerate Independent Model Any Joint Venture
      Divest
      D. Hybrid: Horizontal & Conglomerate Create Links Between Critical Systems Any Divest
      Joint Venture

      M&A separation strategy

      Business M&A Strategy Resultant Technology Strategy M&A Magnitude (% of Seller Assets, Income, or Market Value) IT Separation Posture

      You may need a hybrid separation posture to achieve the technology end state.

      M&A objectives may not affect all IT domains and business functions in the same way. Therefore, the separation requirements for each business function may differ. Organizations will often choose to select and implement a hybrid separation posture to realize the technology end state.

      Each business division may have specific IT domain and capability needs that require an alternative separation strategy.

      • Example: Even when conducting a joint venture by forming a new organization, some partners might view themselves as the dominant partner and want to influence the IT environment to a greater degree.
      • Example: Some purchasing organizations will expect service-level agreements to be available for a significant period of time following the divestiture, while others will be immediately independent.

      2.2.2 Conduct a RACI

      1-2 hours

      Input: IT capabilities, Transition team, Separation strategy

      Output: Completed RACI for Transition team

      Materials: Reference architecture, Organizational structure, Flip charts/whiteboard, Markers, M&A Sell Playbook

      Participants: IT executive/CIO, IT senior leadership, Company M&A team

      The purpose of this activity is to identify the core accountabilities and responsibilities for the roles identified as critical to your transition team. While there might be slight variation from transaction to transaction, ideally each role should be performing certain tasks.

      1. First, identify a list of critical tasks that need to be completed to support the sale or separation. For example:
        • Communicate with the company M&A team.
        • Identify the key IT solutions that can and cannot be carved out.
        • Gather data room artifacts and provide them to acquiring organization.
      2. Next, identify at the activity level which role is accountable or responsible for each activity. Enter an A for accountable, R for responsible, or A/R for both.

      Record the results in the M&A Sell Playbook.

      Communication and change

      Prepare key stakeholders for the potential changes

      • Anytime you are starting a project or program that will depend on users and stakeholders to give up their old way of doing things, change will force people to become novices again, leading to lost productivity and added stress.
      • Change management can improve outcomes for any project where you need people to adopt new tools and procedures, comply with new policies, learn new skills and behaviors, or understand and support new processes.
      • M&As move very quickly, and it can be very difficult to keep track of which stakeholders you need to be communicating with and what you should be communicating.
      • Not all organizations embrace or resist change in the same ways. Base your change communications on your organization’s cultural appetite for change in general.
        • Organizations with a low appetite for change will require more direct, assertive communications.
        • Organizations with a high appetite for change are more suited to more open, participatory approaches.

      Three key dimensions determine the appetite for cultural change:

      • Power Distance. Refers to the acceptance that power is distributed unequally throughout the organization.
        In organizations with a high power distance, the unequal power distribution is accepted by the less powerful employees.
      • Individualism. Organizations that score high in individualism have employees who are more independent. Those who score low in individualism fall into the collectivism side, where employees are strongly tied to one another or their groups.
      • Uncertainty Avoidance. Describes the level of acceptance that an organization has toward uncertainty. Those who score high in this area find that their employees do not favor uncertain situations, while those that score low in this area find that their employees are comfortable with change and uncertainty.

      2.2.3 Create the communication plan

      1-2 hours

      Input: IT’s M&A mission, vision, and guiding principles, M&A transition team, IT separation strategy, RACI

      Output: IT’s M&A communication plan

      Materials: Flip charts/whiteboard, Markers, RACI, M&A Sell Playbook

      Participants: IT executive/CIO, IT senior leadership, Company M&A team

      The purpose of this activity is to create a communication plan that IT can leverage throughout the initiative.

      1. Create a structured communication plan that allows for continuous communication with the integration management office, senior management, and the business functional heads.
      2. Outline key topics of communication, with stakeholders, inputs, and outputs for each topic.
      3. Review Info-Tech’s example communication plan in the M&A Sell Playbook and update it with relevant information.
      4. Does this communication plan make sense for your organization? What doesn’t make sense? Adjust the communication guide to suit your organization.

      Record the results in the M&A Sell Playbook.

      Assessing potential organizations

      As soon as you have identified organizations to consider, it’s imperative to assess critical risks. Most IT leaders can attest that they will receive little to no notice when the business is pursuing a sale and IT has to assess the IT organization. As a result, having a standardized template to quickly assess the potential acquiring organization is important.

      Ways to Assess

      1. News: Assess what sort of news has been announced in relation to the organization. Have they had any risk incidents? Has a critical vendor announced working with them?
      2. LinkedIn: Scan through the LinkedIn profiles of employees. This will give you a sense of what platforms they have based on employees. It will also give insight into positive or negative employee experiences that could impact retention.
      3. Trends: Some industries will have specific solutions that are relevant and popular. Assess what the key players are (if you don’t already know) to determine the solution.
      4. Business Architecture: While this assessment won’t perfect, try to understand the business’ value streams and the critical business and IT capabilities that would be needed to support them. Will your organization or employee skills be required to support these long term?

      Info-Tech Insight

      Assessing potential organizations is not just for the purchaser. The seller should also know what the purchasing organization’s history with M&As is and what potential risks could occur if remaining connected through ongoing SLAs.

      2.2.4 Assess the potential organization(s)

      1-2 hours

      Input: Publicized historical risk events, Solutions and vendor contracts likely in the works, Trends

      Output: IT’s valuation of the potential organization(s) for selling or divesting

      Materials: M&A Sell Playbook

      Participants: IT executive/CIO

      The purpose of this activity is to assess the organization(s) that your organization is considering selling or divesting to.

      1. Complete the Historical Valuation Worksheet in the M&A Sell Playbook to understand the type of IT organization that your company may support.
        • The business likely isn’t looking for in-depth details at this time. However, as the IT leader, it is your responsibility to ensure critical risks are identified and communicated to the business.
      2. Use the information identified to help the business narrow down which organizations could be the right organizations to sell or divest to.

      Record the results in the M&A Sell Playbook.

      By the end of this pre-transaction phase you should:

      Have a program plan for M&As and a repeatable M&A strategy for IT when engaging in reduction transactions

      Key outcomes from the Discovery & Strategy phase
      • Prepare the IT environment to support the potential sale or divestiture by identifying critical program plan elements and establishing a separation or carve-out strategy that will enable the business to reach its goals.
      • Create a M&A strategy that accounts for all the necessary elements of a transaction and ensures sufficient governance, capabilities, and metrics exist.
      Key deliverables from the Discovery & Strategy phase
      • Create vision and mission statements
      • Establish guiding principles
      • Create a future-state operating model
      • Identify the key roles for the transaction team
      • Identify and communicate the M&A governance
      • Determine target metrics
      • Identify the M&A operating model
      • Select the separation strategy framework
      • Conduct a RACI for key transaction tasks for the transaction team
      • Document the communication plan

      M&A Sell Blueprint

      Phase 3

      Due Diligence & Preparation

      Phase 1Phase 2

      Phase 3

      		Phase 4
      • 1.1 Identify Stakeholders and Their Perspective of IT
      • 1.2 Assess IT’s Current Value and Future State
      • 1.3 Drive Innovation and Suggest Reduction Opportunities
      • 2.1 Establish the M&A Program Plan
      • 2.2 Prepare IT to Engage in the Separation or Sale
      • 3.1 Engage in Due Diligence and Prepare Staff
      • 3.2 Prepare to Separate
      • 4.1 Execute the Transaction
      • 4.2 Reflection and Value Realization

      This phase will walk you through the following activities:

      • Drive value with a due diligence charter
      • Gather data room artifacts
      • Measure staff engagement
      • Assess culture
      • Create a carve-out roadmap
      • Prioritize separation tasks
      • Establish the separation roadmap
      • Identify the buyer’s IT expectations
      • Create a service/transaction agreement
      • Estimate separation costs
      • Create an employee transition plan
      • Create functional workplans for employees
      • Align project metrics with identified tasks

      This phase involves the following participants:

      • IT executive/CIO
      • IT senior leadership
      • Company M&A team
      • Business leaders
      • Purchasing organization
      • Transition team

      Workshop Overview

      Contact your account representative for more information.
      workshops@infotech.com 1-888-670-8889

      Pre-Work

      Day 1

      Day 2

      Day 3

      Day 4

      Day 5

      Establish the Transaction FoundationDiscover the Motivation for SeparationIdentify Expectations and Create the Carve-Out RoadmapPrepare and Manage EmployeesPlan the Separation RoadmapNext Steps and Wrap-Up (offsite)

      Activities

      • 0.1 Identify the rationale for the company's decision to pursue a divestiture/sale.
      • 0.2 Identify key stakeholders and determine the IT transaction team.
      • 0.3 Gather and evaluate the M&A strategy, future-state operating model, and governance.
      • 1.1 Review the business rationale for the divestiture/sale.
      • 1.2 Identify pain points and opportunities tied to the divestiture/sale.
      • 1.3 Establish the separation strategy.
      • 1.4 Create the due diligence charter.
      • 2.1 Identify the buyer’s IT expectations.
      • 2.2 Create a list of IT artifacts to be reviewed in the data room.
      • 2.3 Create a carve-out roadmap.
      • 2.4 Create a service/technical transaction agreement.
      • 3.1 Measure staff engagement.
      • 3.2 Assess the current culture and identify the goal culture.
      • 3.3 Create an employee transition plan.
      • 3.4 Create functional workplans for employees.
      • 4.1 Prioritize separation tasks.
      • 4.2 Establish the separation roadmap.
      • 4.3 Establish and align project metrics with identified tasks.
      • 4.4 Estimate separation costs.
      • 5.1 Complete in-progress deliverables from previous four days.
      • 5.2 Set up review time for workshop deliverables and to discuss next steps.

      Deliverables

      1. IT strategy
      2. IT operating model
      3. IT governance structure
      4. M&A transaction team
      1. Business context implications for IT
      2. Separation strategy
      3. Due diligence charter
      1. Data room artifacts identified
      2. Carve-out roadmap
      3. Service/technical transaction agreement
      1. Engagement assessment
      2. Culture assessment
      3. Employee transition plans and workplans
      1. Separation roadmap and associated resourcing
      1. Divestiture separation strategy for IT

      What is the Due Diligence & Preparation phase?

      Mid-transaction state

      The Due Diligence & Preparation phase during a sale or divestiture is a critical time for IT. If IT fails to proactively participate in this phase, IT will have to merely react to separation expectations set by the business.

      If your organization is being sold in its entirety, staff will have major concerns about their future in the new organization. Making this transition as smooth as possible and being transparent could go a long way in ensuring their success in the new organization.

      In a divestiture, this is the time to determine where it’s possible for the organization to divide or separate from itself. A lack of IT involvement in these conversations could lead to an overcommitment by the business and under-delivery by IT.

      Goal: To ensure that, as the selling or divesting organization, you comply with regulations, prepare staff for potential changes, and identify a separation strategy if necessary

      Due Diligence Prerequisite Checklist

      Before coming into the Due Diligence & Preparation phase, you must have addressed the following:

      • Understand the rationale for the company's decision to pursue a sale or divestiture and what opportunities or pain points the sale should alleviate.
      • Identify the key roles for the transaction team.
      • Identify the M&A governance.
      • Determine target metrics.
      • Select a separation strategy framework.
      • Conduct a RACI for key transaction tasks for the transaction team.

      Before coming into the Due Diligence & Preparation phase, we recommend addressing the following:

      • Create vision and mission statements.
      • Establish guiding principles.
      • Create a future-state operating model.
      • Identify the M&A operating model.
      • Document the communication plan.
      • Examine the business perspective of IT.
      • Identify key stakeholders and outline their relationship to the M&A process.
      • Be able to valuate the IT environment and communicate IT’s value to the business.

      The Technology Value Trinity

      Delivery of Business Value & Strategic Needs

      • Digital & Technology Strategy
        The identification of objectives and initiatives necessary to achieve business goals.
      • IT Operating Model
        The model for how IT is organized to deliver on business needs and strategies.
      • Information & Technology Governance
        The governance to ensure the organization and its customers get maximum value from the use of information and technology.

      All three elements of the Technology Value Trinity work in harmony to deliver business value and achieve strategic needs. As one changes, the others need to change as well.

      • Digital and IT Strategy tells you what you need to achieve to be successful.
      • IT Operating Model and Organizational Design is the alignment of resources to deliver on your strategy and priorities.
      • Information & Technology Governance is the confirmation of IT’s goals and strategy, which ensures the alignment of IT and business strategy. It’s the mechanism by which you continuously prioritize work to ensure that what is delivered is in line with the strategy. This oversight evaluates, directs, and monitors the delivery of outcomes to ensure that the use of resources results in the achieving the organization’s goals.

      Too often strategy, operating model and organizational design, and governance are considered separate practices. As a result, “strategic documents” end up being wish lists, and projects continue to be prioritized based on who shouts the loudest – not based on what is in the best interest of the organization.

      Due Diligence & Preparation

      Step 3.1

      Engage in Due Diligence and Prepare Staff

      Activities

      • 3.1.1 Drive value with a due diligence charter
      • 3.1.2 Gather data room artifacts
      • 3.1.3 Measure staff engagement
      • 3.1.4 Assess culture

      This step involves the following participants:

      • IT executive/CIO
      • IT senior leadership
      • Company M&A team
      • Business leaders
      • Prospective IT organization
      • Transition team

      Outcomes of Step

      This step of the process is when IT should prepare and support the business in due diligence and gather the necessary information about staff changes.

      3.1.1 Drive value with a due diligence charter

      1-2 hours

      Input: Key roles for the transaction team, M&A governance, Target metrics, Selected separation strategy framework, RACI of key transaction tasks for the transaction team

      Output: IT Due Diligence Charter

      Materials: M&A Sell Playbook

      Participants: IT executive/CIO, IT senior leadership, Company M&A team

      The purpose of this activity is to create a charter leveraging the items completed in the previous phase, as listed on the Due Diligence Prerequisite Checklist slide, to gain executive sign-off.

      1. In the IT Due Diligence Charter in the M&A Sell Playbook, complete the aspects of the charter that are relevant for you and your organization.
      2. We recommend including these items in the charter:
        • Communication plan
        • Transition team roles
        • Goals and metrics for the transaction
        • Separation strategy
        • Sale/divestiture RACI
      3. Once the charter has been completed, ensure that business executives agree to the charter and sign off on the plan of action.

      Record the results in the M&A Sell Playbook.

      3.1.2 Gather data room artifacts

      4 hours

      Input: Future-state operating model, M&A governance, Target metrics, Selected separation strategy framework, RACI of key transaction tasks for the transaction team

      Output: List of items to acquire and verify can be provided to the purchasing organization while in the data room

      Materials: Critical domain lists on following slides, M&A Sell Playbook

      Participants: IT executive/CIO, IT senior leadership, Company M&A team, Transition team, Legal team, Compliance/privacy officers

      The purpose of this activity is to create a list of the key artifacts that you could be asked for during the due diligence process.

      1. Review the lists on the following pages as a starting point. Identify which domains, stakeholders, artifacts, and information should be requested for the data room.
      2. IT leadership may or may not be asked to enter the data room directly. The short notice for having to find these artifacts for the purchasing organization can leave your IT organization scrambling. Identify the critical items worth obtaining ahead of time.
      3. Once you have identified the artifacts, provide the list to the legal team or compliance/privacy officers and ensure they also agree those items can be provided. If changes to the documents need to be made, take the time to do so.
      4. Store all items in a safe and secure file or provide to the M&A team ahead of due diligence.

      **Note that if your organization is not leading/initiating the data room, then you can ignore this activity.

      Record the results in the M&A Sell Playbook.

      Critical domains

      Understand the key stakeholders and outputs for each domain

      Domain

      Stakeholders

      Key Artifacts

      Key Information to request
      Business
      • Enterprise Architecture
      • Business Relationship Manager
      • Business Process Owners
      • Business capability map
      • Capability map (the M&A team should be taking care of this, but make sure it exists)
      • Business satisfaction with various IT systems and services
      Leadership/IT Executive
      • CIO
      • CTO
      • CISO
      • IT budgets
      • IT capital and operating budgets (from current year and previous year)
      Data & Analytics
      • Chief Data Officer
      • Data Architect
      • Enterprise Architect
      • Master data domains, system of record for each
      • Unstructured data retention requirements
      • Data architecture
      • Master data domains, sources, and storage
      • Data retention requirements
      Applications
      • Applications Manager
      • Application Portfolio Manager
      • Application Architect
      • Applications map
      • Applications inventory
      • Applications architecture
      • Copy of all software license agreements
      • Copy of all software maintenance agreements
      Infrastructure
      • Head of Infrastructure
      • Enterprise Architect
      • Infrastructure Architect
      • Infrastructure Manager
      • Infrastructure map
      • Infrastructure inventory
      • Network architecture (including which data centers host which infrastructure and applications)
      • Inventory (including separation capabilities of vendors, versions, switches, and routers)
      • Copy of all hardware lease or purchase agreements
      • Copy of all hardware maintenance agreements
      • Copy of all outsourcing/external service provider agreements
      • Copy of all service-level agreements for centrally provided, shared services and systems
      Products and Services
      • Product Manager
      • Head of Customer Interactions
      • Product lifecycle
      • Product inventory
      • Customer market strategy

      Critical domains (continued)

      Understand the key stakeholders and outputs for each domain

      Domain

      Stakeholders

      Key Artifacts

      Key Information to request

      Operations
      • Head of Operations
      • Service catalog
      • Service overview
      • Service owners
      • Access policies and procedures
      • Availability and service levels
      • Support policies and procedures
      • Costs and approvals (internal and customer costs)
      IT Processes
      • CIO
      • IT Management
      • VP of IT Governance
      • VP of IT Strategy
      • IT process flow diagram
      • Processes in place and productivity levels (capacity)
      • Critical processes/processes the organization feels they do particularly well
      IT People
      • CIO
      • VP of Human Resources
      • IT organizational chart
      • Competency & capacity assessment
      • IT organizational structure (including resources from external service providers such as contractors) with appropriate job descriptions or roles and responsibilities
      • IT headcount and location
      Security
      • CISO
      • Security Architect
      • Security posture
      • Information security staff
      • Information security service providers
      • Information security tools
      • In-flight information security projects
      Projects
      • Head of Projects
      • Project portfolio
      • List of all future, ongoing, and recently completed projects
      Vendors
      • Head of Vendor Management
      • License inventory
      • Inventory (including what will and will not be transitioning, vendors, versions, number of licenses)

      Retain top talent throughout the transition

      Focus on retention and engagement

      • People are such a critical component of this process, especially in the selling organization.
      • Retaining employees, especially the critical employees who hold specific skills or knowledge, will ensure the success and longevity of the divesting organization, purchasing organization, or the new company.
      • Giving employees a role in the organization and ensuring they do not see their capabilities as redundant will be critical to the process.
      • It is okay if employees need to change what they were doing temporarily or even long-term. However, being transparent about these changes and highlighting their value to the process and organization(s) will help.
      • The first step to moving forward with retention is to look at the baseline engagement and culture of employees and the organization. This will help determine where to focus and allow you to identify changes in engagement that resulted from the transaction.
      • Job engagement drivers are levers that influence the engagement of employees in their day-to-day roles.
      • Organizational engagement drivers are levers that influence an employee’s engagement with the broader organization.
      • Retention drivers are employment needs. They don’t necessarily drive engagement, but they must be met for engagement to be possible.

      3.1.3 Measure staff engagement

      3-4 hours

      Input: Engagement survey

      Output: Baseline engagement scores

      Materials: Build an IT Employee Engagement Program

      Participants: IT executive/CIO, IT senior leadership, IT employees of current organization

      The purpose of this activity is to measure current staff engagement to have a baseline to measure against in the future state. This is a good activity to complete if you will be divesting or selling in entirety.

      The results from the survey should act as a baseline to determine what the organization is doing well in terms of employee engagement and what drivers could be improved upon.

      1. Review Info-Tech’s Build an IT Employee Engagement Program research and select a survey that will best meet your needs.
      2. Conduct the survey and note which drivers employees are currently satisfied with. Likewise, note where there are opportunities.
      3. Document actions that should be taken to mitigate the negative engagement drivers throughout the transaction and enhance or maintain the positive engagement drivers.

      Record the results in the M&A Sell Playbook.

      Assess culture as a part of engagement

      Culture should not be overlooked, especially as it relates to the separation of IT environments

      • There are three types of culture that need to be considered.
      • Most importantly, this transition is an opportunity to change the culture that might exist in your organization’s IT environment.
      • Make a decision on which type of culture you’d like IT to have post transition.

      Target Organization's Culture. The culture that the target organization is currently embracing. Their established and undefined governance practices will lend insight into this.

      Your Organization’s Culture. The culture that your organization is currently embracing. Examine people’s attitudes and behaviors within IT toward their jobs and the organization.

      Ideal Culture. What will the future culture of the IT organization be once separation is complete? Are there aspects that your current organization and the target organization embrace that are worth considering?

      Culture categories

      Map the results of the IT Culture Diagnostic to an existing framework

      Competitive
      • Autonomy
      • Confront conflict directly
      • Decisive
      • Competitive
      • Achievement oriented
      • Results oriented
      • High performance expectations
      • Aggressive
      • High pay for good performance
      • Working long hours
      • Having a good reputation
      • Being distinctive/different
      Innovative
      • Adaptable
      • Innovative
      • Quick to take advantage of opportunities
      • Risk taking
      • Opportunities for professional growth
      • Not constrained by rules
      • Tolerant
      • Informal
      • Enthusiastic
      Traditional
      • Stability
      • Reflective
      • Rule oriented
      • Analytical
      • High attention to detail
      • Organized
      • Clear guiding philosophy
      • Security of employment
      • Emphasis on quality
      • Focus on safety
      Cooperative
      • Team oriented
      • Fair
      • Praise for good performance
      • Supportive
      • Calm
      • Developing friends at work
      • Socially responsible

      Culture Considerations

      • What culture category was dominant for each IT organization?
      • Do you share the same dominant category?
      • Is your current dominant culture category the most ideal to have post-separation?

      3.1.4 Assess Culture

      3-4 hours

      Input: Cultural assessments for current IT organization, Cultural assessment for target IT organization

      Output: Goal for IT culture

      Materials: IT Culture Diagnostic

      Participants: IT executive/CIO, IT senior leadership, IT employees of current organization, IT employees of target organization, Company M&A team

      The purpose of this activity is to assess the different cultures that might exist within the IT environments of the organizations involved. By understanding the culture that exists in the purchasing organization, you can identify the fit and prepare impacted staff for potential changes.

      1. Complete this activity by leveraging the blueprint Fix Your IT Culture, specifically the IT Culture Diagnostic.
      2. Fill out the diagnostic for the IT department in your organization:
        1. Answer the 16 questions in tab 2, Diagnostic.
        2. Find out your dominant culture and review recommendations in tab 3, Results.
      3. Document the results from tab 3, Results, in the M&A Sell Playbook if you are trying to record all artifacts related to the transaction in one place.
      4. Repeat the activity for the purchasing organization.
      5. Leverage the information to determine what the goal for the culture of IT will be post-separation if it will differ from the current culture.

      Record the results in the M&A Sell Playbook.

      Due Diligence & Preparation

      Step 3.2

      Prepare to Separate

      Activities

      • 3.2.1 Create a carve-out roadmap
      • 3.2.2 Prioritize separation tasks
      • 3.2.3 Establish the separation roadmap
      • 3.2.4 Identify the buyer’s IT expectations
      • 3.2.5 Create a service/transaction agreement
      • 3.2.6 Estimate separation costs
      • 3.2.7 Create an employee transition plan
      • 3.2.8 Create functional workplans for employees
      • 3.2.9 Align project metrics with identified tasks

      This step involves the following participants:

      • IT executive/CIO
      • IT senior leadership
      • Transition team
      • Company M&A team
      • Purchasing organization

      Outcomes of Step

      Have an established plan of action toward separation across all domains and a strategy toward resources.

      Don’t underestimate the importance of separation preparation

      Separation involves taking the IT organization and dividing it into two or more separate entities.

      Testing the carve capabilities of the IT organization often takes 3 months. (Source: Cognizant, 2014)

      Daimler-Benz lost nearly $19 billion following its purchase of Chrysler by failing to recognize the cultural differences that existed between the two car companies. (Source: Deal Room)

      Info-Tech Insight

      Separating the IT organization requires more time and effort than business leaders will know. Frequently communicate challenges and lost opportunities when carving the IT environment out.

      Separation needs

      Identify the business objectives of the sale to determine the IT strategy

      Set up a meeting with your IT due diligence team to:

      • Ensure there will be no gaps in the delivery of products and services in the future state.
      • Discuss the people and processes necessary to achieve the target technology environment and support M&A business objectives.

      Use this opportunity to:

      • Identify data and application complexities between the involved organizations.
      • Identify the IT people and process gaps, initiatives, and levels of support expected.
      • Determine your infrastructure needs to ensure effectiveness and delivery of services:
        • Does IT have the infrastructure to support the applications and business capabilities?
        • Identify any gaps between the current infrastructure in both organizations and the infrastructure required.
        • Identify any redundancies/gaps.
        • Determine the appropriate IT separation strategies.
      • Document your gaps, redundancies, initiatives, and assumptions to help you track and justify the initiatives that must be undertaken and help estimate the cost of separation.

      Separation strategies

      There are several IT separation strategies that will let you achieve your target technology environment.

      IT Separation Strategies
      • Divest. Carve out elements of the IT organization and sell them to a purchasing organization with or without a service-level agreement.
      • Sell. Sell the entire IT environment to a purchasing organization. The purchasing organization takes full responsibility in delivering and running the IT environment.
      • Spin-Off Joint Venture. Carve out elements of the IT organization and combine them with elements of a new or purchasing organization to create a new entity.

      The approach IT takes will depend on the business objectives for the M&A.

      • Generally speaking, the separation strategy is well understood and influenced by the frequency of and rationale for selling.
      • Based on the initiatives generated by each business process owner, you need to determine the IT separation strategy that will best support the desired target technology environment, especially if you are still operating or servicing elements of that IT environment.

      Key considerations when choosing an IT separation strategy include:

      • What are the main business objectives of the M&A?
      • What are the key synergies expected from the transaction?
      • What IT separation strategy best helps obtain these benefits?
      • What opportunities exist to position the business for sustainable and long-term growth?

      Separation strategies in detail

      Review highlights and drawbacks of different separation strategies

      Divest
        Highlights
      • Recommended for businesses striving to reduce costs and potentially even generate revenue for the business through the delivery of SLAs.
      • Opportunity to reduce or scale back on lines of business or products that are not driving profits.
        Drawbacks
      • May be forced to give up critical staff that have been known to deliver high value.
      • The IT department is left to deliver services to the purchasing organization with little support or consideration from the business.
      • There can be increased risk and security concerns that need to be addressed.
      Sell
        Highlights
      • Recommended for businesses looking to gain capital to exit the market profitably or to enter a new market with a large sum of capital.
      • The business will no longer exist, and as a result all operational costs, including IT, will become redundant.
        Drawbacks
      • IT is no longer needed as an operating or capital service for the organization.
      • Lost resources, including highly trained and critical staff.
      • May require packaging employees off and using the profit or capital generated to cover any closing costs.
      Spin-Off or Joint Venture
        Highlights
      • Recommended for businesses looking to expand their market presence or acquire new products. Essentially aligning the two organizations in the same market.
      • Each side has a unique offering but complementing capabilities.
        Drawbacks
      • As much as the organization is going through a separation from the original company, it will be going through an integration with the new company.
      • There could be differences in culture.
      • This could require a large amount of investment without a guarantee of profit or success.

      Preparing the carve-out roadmap

      And why it matters so much

      • When carving out the IT environment in preparation for a divestiture, it’s important to understand the infrastructure, application, and data connections that might exist.
      • Much to the business’ surprise, carving out the IT environment is not easy, especially when considering the services and products that might depend on access to certain applications or data sets.
      • Once the business has indicated which elements they anticipate divesting, be prepared for testing the functionality and ability of this carve-out, either through automation or manually. There are benefits and drawbacks to both methods:
        • Automated requires a solution and a developer to code the tests.
        • Manual requires time to find the errors, possibly more time than automated testing.
      • Identify if there are dependencies that will make the carve-out difficult.
        • For example, the business is trying to divest Product X, but that product is integrated with Product Y, which is not being sold.
        • Consider all the processes and products that specific data might support as well.
        • Moreover, the data migration tool will need to enter the ERP system and identify not just the data but all supporting and historical elements that underlie the data.

      Critical components to consider:

      • Selecting manual or automated testing
      • Determining data dependencies
      • Data migration capabilities
      • Auditing approval
      • People and skills that support specific elements being carved out

      3.2.1 Create a carve-out roadmap

      6 hours

      Input: Items included in the carve-out, Dependencies, Whether testing is completed, If the carve-out will pass audit, If the carve-out item is prepared to be separated

      Output: Carve-out roadmap

      Materials: Business’ divestiture plan, M&A Sell Playbook

      Participants: IT executive/CIO, IT senior leadership, Business leaders, Transition team

      The purpose of this activity is to prepare the IT environment by identifying a carve-out roadmap, specifically looking at data, infrastructure, and applications. Feel free to expand the roadmap to include other categories as your organization sees fit.

      1. In the Carve-Out Roadmap in the M&A Sell Playbook, identify the key elements of the carve-out in the first column.
      2. Note any dependencies the items might have. For example:
        • The business is selling Product X, which is linked to Data X and Data Y. The organization does not want to sell Data Y. Data X would be considered dependent on Data Y.
      3. Once the dependencies have been confirmed, begin automated or manual testing to examine the possibility of separating the data sets (or other dependencies) from one another.
      4. After identifying an acceptable method of separation, inform the auditing individual or body and confirm that there would be no repercussions for the planned process.

      Record the results in the M&A Sell Playbook.

      3.2.2 Prioritize separation tasks

      2 hours

      Input: Separation tasks, Transition team, M&A RACI

      Output: Prioritized separation list

      Materials: Separation task checklist, Separation roadmap

      Participants: IT executive/CIO, IT senior leadership, Company M&A team

      The purpose of this activity is to prioritize the different separation tasks that your organization has identified as necessary to this transaction. Some tasks might not be relevant for this particular transaction, and others might be critical.

      1. Begin by downloading the SharePoint or Excel version of the M&A Separation Project Management Tool.
      2. Identify which separation tasks you want to have as part of your project plan. Alter or remove any tasks that are irrelevant to your organization. Add in tasks you think are missing.
      3. When deciding criticality of the task, consider the effect on stakeholders, those who are impacted or influenced in the process of the task, and dependencies (e.g. data strategy needs to be addressed first before you can tackle its dependencies, like data quality).
      4. Feel free to edit the way you measure criticality. The standard tool leverages a three-point scale. At the end, you should have a list of tasks in priority order based on criticality.

      Record the updates in the M&A Separation Project Management Tool (SharePoint).

      Record the updates in the M&A Separation Project Management Tool (Excel).

      Separation checklists

      Prerequisite Checklist
      • Build the project plan for separation and prioritize activities
        • Plan first day
        • Plan first 30/100 days
        • Plan first year
      • Create an organization-aligned IT strategy
      • Identify critical stakeholders
      • Create a communication strategy
      • Understand the rationale for the sale or divestiture
      • Develop IT's sale/divestiture strategy
        • Determine goal opportunities
        • Create the mission and vision statements
        • Create the guiding principles
        • Create program metrics
      • Consolidate reports from due diligence/data room
      • Conduct culture assessment
      • Create a transaction team
      • Establish a service/technical transaction agreement
      • Plan and communicate culture changes
      • Create an employee transition plan
      • Assess baseline engagement
      Business
      • Design an enterprise architecture
      • Document your business architecture
      • Meet compliance and regulatory standards
      • Identify and assess all of IT's risks
      Applications
      • Prioritize and address critical applications
        • CRM
        • HRIS
        • Financial
        • Sales
        • Risk
        • Security
        • ERP
        • Email
      • Develop method of separating applications
      • Model critical applications that have dependencies on one another
      • Identify the infrastructure capacity required to support critical applications
      • Prioritize and address critical applications
      Leadership/IT Executive
      • Build an IT budget
      • Structure operating budget
      • Structure capital budget
      • Identify the workforce demand vs. capacity
      • Establish and monitor key metrics
      • Communicate value realized/cost savings
      Data
      • Confirm data strategy
      • Confirm data governance
      • Build a data architecture roadmap
      • Analyze data sources and domains
      • Evaluate data storage (on-premises vs. cloud)
      • Develop an enterprise content management strategy and roadmap
      • Ensure cleanliness/usability of data sets
      • Identify data sets that can remain operational if reduced/separated
      • Develop reporting and analytics capabilities
      • Confirm data strategy
      Operations
      • Manage sales access to customer data
      • Determine locations and hours of operation
      • Separate/terminate phone lists and extensions
      • Split email address books
      • Communicate helpdesk/service desk information

      Separation checklists (continued)

      Infrastructure
      • Manage organization domains
      • Consolidate data centers
      • Compile inventory of vendors, versions, switches, and routers
      • Review hardware lease or purchase agreements
      • Review outsourcing/service provider agreements
      • Review service-level agreements
      • Assess connectivity linkages between locations
      • Plan to migrate to a single email system if necessary
      • Determine network access concerns
      Vendors
      • Establish a sustainable vendor management office
      • Review vendor landscape
      • Identify warranty options
      • Identify the licensing grant
      • Rationalize vendor services and solutions
      People
      • Design an IT operating model
      • Design your future IT organizational structure
      • Conduct a RACI for prioritized activities
      • Conduct a culture assessment and identify goal IT culture
      • Build an IT employee engagement program
      • Determine critical roles and systems/process/products they support
      • Define new job descriptions with meaningful roles and responsibilities
      • Create employee transition plans
      • Create functional workplans
      Projects
      • Identify projects to be on hold
      • Communicate project intake process
      • Reprioritize projects
      Products & Services
      • Redefine service catalog
      • Ensure customer interaction requirements are met
      • Select a solution for product lifecycle management
      • Plan service-level agreements
      Security
      • Conduct a security assessment
      • Develop accessibility prioritization and schedule
      • Establish an information security strategy
      • Develop a security awareness and training program
      • Develop and manage security governance, risk, and compliance
      • Identify security budget
      • Build a data privacy and classification program
      IT Processes
      • Evaluate current process models
      • Determine productivity/capacity levels of processes
      • Identify processes to be changed/terminated
      • Establish a communication plan
      • Develop a change management process
      • Establish/review IT policies
      • Evaluate current process models

      3.2.2 Establish the separation roadmap

      2 hours

      Input: Prioritized separation tasks, Carve-out roadmap, Employee transition plan, Separation RACI, Costs for activities, Activity owners

      Output: Separation roadmap

      Materials: M&A Separation Project Plan Tool (SharePoint), M&A Separation Project Plan Tool (Excel), SharePoint Template: Step-by-Step Deployment Guide

      Participants: IT executive/CIO, IT senior leadership, Transition team, Company M&A team

      The purpose of this activity is to create a roadmap to support IT throughout the separation process. Using the information gathered in previous activities, you can create a roadmap that will ensure a smooth separation.

      1. Use our Separation Project Management Tool to help track critical elements in relation to the separation project. There are a few options available:
        1. Follow the instructions on the next slide if you are looking to upload our SharePoint project template. Additional instructions are available in the SharePoint Template Step-by-Step Deployment Guide.
        2. If you cannot or do not want to use SharePoint as your project management solution, download our Excel version of the tool.
          **Remember that this your tool, so customize to your liking.
      2. Identify who will own or be accountable for each of the separation tasks and establish the time frame for when each project should begin and end. This will confirm which tasks should be prioritized.

      Record the updates in the M&A Separation Project Management Tool (SharePoint).

      Record the updates in the M&A Separation Project Management Tool (Excel).

      Separation Project Management Tool (SharePoint Template)

      Follow these instructions to upload our template to your SharePoint environment

      1. Create or use an existing SP site.
      2. Download the M&A Separation Project Management Tool (SharePoint) .wsp file from the Mergers & Acquisitions: The Sell Blueprint landing page.
      3. To import a template into your SharePoint environment, do the following:
        1. Open PowerShell.
        2. Connect-SPO Service (need to install PowerShell module).
        3. Enter in your tenant admin URL.
        4. Enter in your admin credentials.
        5. Set-SPO Site https://YourDomain.sharepoint.com/sites/YourSiteHe... -DenyAddAndCustomizePages 0
        OR
        1. Turn on both custom script features to allow users to run custom
        4. Screenshot of the 'Custom Script' option for importing a template into your SharePoint environment. Feature description reads 'Control whether users can run custom script on personal sites and self-service created sites. Note: changes to this setting might take up to 24 hours to take effect. For more information, see http://go.microsoft.com/fwlink/?LinkIn=397546'. There are options to prevent or allow users from running custom script on personal/self-service created sites.
      4. Enable the SharePoint Server feature.
      5. Upload the .wsp file in Solutions Gallery.
      6. Deploy by creating a subsite and select from custom options.
        • Allow or prevent custom script
        • Security considerations of allowing custom script
        • Save, download, and upload a SharePoint site as a template
        7. Refer to Microsoft documentation to understand security considerations and what is and isn’t supported:

      For more information, check out the SharePoint Template: Step-by-Step Deployment Guide.

      Supporting the transition and establishing service-level agreements

      The purpose of this part of the transition is to ensure both buyer and seller have a full understanding of expectations for after the transaction.

      • Once the organizations have decided to move forward with a deal, all parties need a clear level of agreement.
      • IT, since it is often seen as an operational division of an organization, is often expected to deliver certain services or products once the transaction has officially closed.
      • The purchasing organization or the new company might depend on IT to deliver these services until they are able to provide those services on their own.
      • Having a clear understanding of what the buyer’s expectations are and what your company, as the selling organization, can provide is important.
      • Have a conversation with the buyer and document those expectations in a signed service agreement.

      3.2.4 Identify the buyer's IT expectations

      3-4 hours

      Input: Carve-out roadmap, Separation roadmap, Up-to-date version of the agreement

      Output: Buyer’s IT expectations

      Materials: Questions for meeting

      Participants: IT executive/CIO, IT senior leadership, Company M&A team, Purchasing company M&A team, Purchasing company IT leadership

      The purpose of this activity is to determine if the buyer has specific service expectations for your IT organization. By identifying, documenting, and agreeing on what services your IT organization will be responsible for, you can obtain a final agreement to protect you as the selling organization.

      1. Buyers should not assume certain services will be provided. Organize a meeting with IT leaders and the company M&A teams to determine what services will be provided.
      2. The next slide has a series of questions that you can start from. Ensure you get detailed information about each of the services.
      3. Once you fully understand the buyer’s IT expectations, create an SLA in the next activity and obtain sign-off from both organizations.

      Questions to ask the buyer

      1. What services would you like my IT organization to provide?
      2. How long do you anticipate those services will be provided to you?
      3. How do you expect your staff/employees to communicate requests or questions to my staff/employees?
      4. Are there certain days or times that you expect these services to be delivered?
      5. How many staff do you expect should be available to support you?
      6. What should be the acceptable response time on given service requests?
      7. When it comes to the services you require, what level of support should we provide?
      8. If a service requires escalation to Level 2 or Level 3 support, are we still expected to support this service? Or are we only Level 1 support?
      9. What preventative security methods does your organization have to protect our environment during this agreement period?

      3.2.5 Create a service/ transaction agreement

      6 hours

      Input: Buyer's expectations, Separation roadmap

      Output: SLA for the purchasing organization

      Materials: Service Catalog Internal Service Level Agreement Template, M&A Separation Project Plan Tool (SharePoint), M&A Separation Project Plan Tool (Excel)

      Participants: IT executive/CIO, IT senior leadership, Company M&A team, Purchasing company M&A team, Purchasing company IT leadership

      The purpose of this activity is to determine if the buyer has specific service expectations for your IT organization post-transaction that your IT organization is agreeing to provide.

      1. Document the expected services and the related details in a service-level agreement.
      2. Provide the SLA to the purchasing organization.
      3. Obtain sign-off from both organizations on the level of service that is expected of IT.
      4. Update the M&A Separation Project Management Tool Excel or SharePoint document to reflect any additional items that the purchasing organization identified.

      *For organizations being purchased in their entirety, this activity may not be relevant.

      Modify the Service Catalog Internal Service Level Agreement with the agreed-upon terms of the SLA.

      Importance of estimating separation costs

      Change is the key driver of separation costs

      Separation costs are dependent on the following:
      • Meeting synergy targets – whether that be cost saving or growth related.
        • Employee-related costs, licensing, and reconfiguration fees play a huge part in meeting synergy targets.
      • Adjustments related to compliance or regulations – especially if there are changes to legal entities, reporting requirements, or risk mitigation standards.
      • Governance or third party–related support required to ensure timelines are met and the separation is a success.
      Separation costs vary by industry type.
      • Certain industries may have separation costs made up of mostly one type, differing from other industries, due to the complexity and demands of the transaction. For example:
        • Healthcare separation costs are mostly driven by regulatory, safety, and quality standards, as well as consolidation of the research and development function.
        • Energy and Utilities tend to have the lowest separation costs due to most transactions occurring within the same sector rather than as cross-sector investments. For example, oil and gas transactions tend to be for oil fields and rigs (strategic fixed assets), which can easily be added to the buyer’s portfolio.

      Separation costs are more related to the degree of change required than the size of the transaction.

      3.2.6 Estimate separation costs

      3-4 hours

      Input: Separation tasks, Transition team, Valuation of current IT environment, Valuation of target IT environment, Outputs from data room, Technical debt, Employees

      Output: List of anticipated costs required to support IT separation

      Materials: Separation task checklist, Separation roadmap, M&A Sell Playbook

      Participants: IT executive/CIO, IT senior leadership, Company M&A team, Transition team

      The purpose of this activity is to estimate the costs that will be associated with the separation. Identify and communicate a realistic figure to the larger M&A team within your company as early in the process as possible. This ensures that the funding required for the transaction is secured and budgeted for in the overarching transaction.

      1. On the associated slide in the M&A Sell Playbook, input:
        • Task
        • Domain
        • Cost type
        • Total cost amount
        • Level of certainty around the cost
      2. Provide a copy of the estimated costs to the company’s M&A team. Also provide any additional information identified earlier to help them understand the importance of those costs.

      Record the results in the M&A Sell Playbook.

      Employee transition planning

      Considering employee impact will be a huge component to ensure successful separation

      • Meet With Leadership
      • Plan Individual and Department Redeployment
      • Plan Individual and Department Layoffs
      • Monitor and Manage Departmental Effectiveness
      • For employees, the transition could mean:
        • Changing from their current role to a new role to meet requirements and expectations throughout the transition.
        • Being laid off because the role they are currently occupying has been made redundant.
      • It is important to plan for what the M&A separation needs will be and what the IT operational needs will be.
      • A lack of foresight into this long-term plan could lead to undue costs and headaches trying to retain critical staff, rehiring positions that were already let go, and keeping redundant employees longer then necessary.

      Info-Tech Insight

      Being transparent throughout the process is critical. Do not hesitate to tell employees the likelihood that their job may be made redundant. This will ensure a high level of trust and credibility for those who remain with the organization after the transaction.

      3.2.7 Create an employee transition plan

      3-4 hours

      Input: IT strategy, IT organizational design

      Output: Employee transition plans

      Materials: M&A Sell Playbook, Whiteboard, Sticky notes, Markers

      Participants: IT executive/CIO, IT senior leadership, Company M&A team, Transition team

      The purpose of this activity is to create a transition plan for employees.

      1. Transition planning can be done at specific individual levels or more broadly to reflect a single role. Consider these four items in the transition plan:
        • Understand the direction of the employee transitions.
        • Identify employees that will be involved in the transition (moved or laid off).
        • Prepare to meet with employees.
        • Meet with employees.
      2. For each employee that will be facing some sort of change in their regular role, permanent or temporary, create a transition plan.
      3. For additional information on transitioning employees, review the blueprint Streamline Your Workforce During a Pandemic.

      **Note that if someone’s future role is a layoff, then there is no need to record anything for skills needed or method for skill development.

      Record the results in the M&A Sell Playbook.

      3.2.8 Create functional workplans for employees

      3-4 hours

      Input: Prioritized separation tasks, Employee transition plan, Separation RACI, Costs for activities, Activity owners

      Output: Employee functional workplans

      Materials: M&A Sell Playbook, Learning and development tools

      Participants: IT executive/CIO, IT senior leadership, IT management team, Company M&A team, Transition team

      The purpose of this activity is to create a functional workplan for the different employees so that they know what their key role and responsibilities are once the transaction occurs.

      1. First complete the transition plan from the previous activity (3.2.7) and the separation roadmap. Have these documents ready to review throughout this process.
      2. Identify the employees who will be transitioning to a new role permanently or temporarily. Creating a functional workplan is especially important for these employees.
      3. Identify the skills these employees need to have to support the separation. Record this in the corresponding slide in the M&A Sell Playbook.
      4. For each employee, identify someone who will be a point of contact for them throughout the transition.

      It is recommended that each employee have a functional workplan. Leverage the IT managers to support this task.

      Record the results in the M&A Sell Playbook.

      Metrics for separation

      Valuation & Due Diligence

      • % Defects discovered in production
      • $ Cost per user for enterprise applications
      • % In-house-built applications vs. enterprise applications
      • % Owners identified for all data domains
      • # IT staff asked to participate in due diligence
      • Change to due diligence
      • IT budget variance
      • Synergy target

      Execution & Value Realization

      • % Satisfaction with the effectiveness of IT capabilities
      • % Overall end-customer satisfaction
      • $ Impact of vendor SLA breaches
      • $ Savings through cost-optimization efforts
      • $ Savings through application rationalization and technology standardization
      • # Key positions empty
      • % Frequency of staff turnover
      • % Emergency changes
      • # Hours of unplanned downtime
      • % Releases that cause downtime
      • % Incidents with identified problem record
      • % Problems with identified root cause
      • # Days from problem identification to root cause fix
      • % Projects that consider IT risk
      • % Incidents due to issues not addressed in the security plan
      • # Average vulnerability remediation time
      • % Application budget spent on new build/buy vs. maintenance (deferred feature implementation, enhancements, bug fixes)
      • # Time (days) to value realization
      • % Projects that realized planned benefits
      • $ IT operational savings and cost reductions that are related to synergies/divestitures
      • % IT staff–related expenses/redundancies
      • # Days spent on IT separation
      • $ Accurate IT budget estimates
      • % Revenue growth directly tied to IT delivery
      • % Profit margin growth

      3.2.9 Align project metrics with identified tasks

      3-4 hours

      Input: Prioritized separation tasks, Employee transition plan, Separation RACI, Costs for activities, Activity owners, M&A goals

      Output: Separation-specific metrics to measure success

      Materials: Separation roadmap, M&A Sell Playbook

      Participants: IT executive/CIO, IT senior leadership, Transition team

      The purpose of this activity is to understand how to measure the success of the separation project by aligning metrics to each identified task.

      1. Review the M&A goals identified by the business. Your metrics will need to tie back to those business goals.
      2. Identify metrics that align to identified tasks and measure achievement of those goals. For each metric you consider, ask the following questions:
        • What is the main goal or objective that this metric is trying to solve?
        • What does success look like?
        • Does the metric promote the right behavior?
        • Is the metric actionable? What is the story you are trying to tell with this metric?
        • How often will this get measured?
        • Are there any metrics it supports or is supported by?

      Record the results in the M&A Sell Playbook.

      By the end of this mid-transaction phase you should:

      Have successfully evaluated your IT people, processes, and technology to determine a roadmap forward for separating or selling.

      Key outcomes from the Due Diligence & Preparation phase
      • Participate in due diligence activities to comply with regulatory and auditing standards and prepare employees for the transition.
      • Create a separation roadmap that considers the tasks that will need to be completed and the resources required to support separation.
      Key deliverables from the Due Diligence & Preparation phase
      • Drive value with a due diligence charter
      • Gather data room artifacts
      • Measure staff engagement
      • Assess culture
      • Create a carve-out roadmap
      • Prioritize separation tasks
      • Establish the separation roadmap
      • Identify the buyer’s IT expectations
      • Create a service/transaction agreement
      • Estimate separation costs
      • Create an employee transition plan
      • Create functional workplans for employees
      • Align project metrics with identified tasks

      M&A Sell Blueprint

      Phase 4

      Execution & Value Realization

      Phase 1Phase 2Phase 3

      Phase 4

      • 1.1 Identify Stakeholders and Their Perspective of IT
      • 1.2 Assess IT’s Current Value and Future State
      • 1.3 Drive Innovation and Suggest Reduction Opportunities
      • 2.1 Establish the M&A Program Plan
      • 2.2 Prepare IT to Engage in the Separation or Sale
      • 3.1 Engage in Due Diligence and Prepare Staff
      • 3.2 Prepare to Separate
      • 4.1 Execute the Transaction
      • 4.2 Reflection and Value Realization

      This phase will walk you through the following activities:

      • Monitor service agreements
      • Continually update the project plan
      • Confirm separation costs
      • Review IT’s transaction value
      • Conduct a transaction and separation SWOT
      • Review the playbook and prepare for future transactions

      This phase involves the following participants:

      • IT executive/CIO
      • IT senior leadership
      • Vendor management team
      • IT transaction team
      • Company M&A team

      Workshop Overview

      Contact your account representative for more information.
      workshops@infotech.com 1-888-670-8889

      Pre-Work

      Day 1

      Day 2

      Day 3

      Engage in Separation

      Day 4

      Establish the Transaction FoundationDiscover the Motivation for IntegrationPlan the Separation RoadmapPrepare Employees for the TransitionEngage in SeparationAssess the Transaction Outcomes (Must be within 30 days of transaction date)

      Activities

      • 0.1 Identify the rationale for the company's decision to pursue a divestiture/sale.
      • 0.2 Identify key stakeholders and determine the IT transaction team.
      • 0.3 Gather and evaluate the M&A strategy, future-state operating model, and governance.
      • 1.1 Review the business rationale for the divestiture/sale.
      • 1.2 Identify pain points and opportunities tied to the divestiture/sale.
      • 1.3 Establish the separation strategy.
      • 1.4 Create the due diligence charter.
      • 2.1 Prioritize separation tasks.
      • 2.2 Establish the separation roadmap.
      • 2.3 Establish and align project metrics with identified tasks.
      • 2.4 Estimate separation costs.
      • 3.1 Measure staff engagement
      • 3.2 Assess the current culture and identify the goal culture.
      • 3.3 Create an employee transition plan.
      • 3.4 Create functional workplans for employees.
      • S.1 Complete the separation by regularly updating the project plan.
      • S.2 Assess the service/technical transaction agreement.
      • 4.1 Confirm separation costs.
      • 4.2 Review IT’s transaction value.
      • 4.3 Conduct a transaction and separation SWOT.
      • 4.4 Review the playbook and prepare for future transactions.

      Deliverables

      1. IT strategy
      2. IT operating model
      3. IT governance structure
      4. M&A transaction team
      1. Business context implications for IT
      2. Separation strategy
      3. Due diligence charter
      1. Separation roadmap and associated resourcing
      1. Engagement assessment
      2. Culture assessment
      3. Employee transition plans and workplans
      1. Evaluate service/technical transaction agreement
      2. Updated separation project plan
      1. SWOT of transaction
      2. M&A Sell Playbook refined for future transactions

      What is the Execution & Value Realization phase?

      Post-transaction state

      Once the transaction comes to a close, it’s time for IT to deliver on the critical separation tasks. As the selling organization in this transaction, you need to ensure you have a roadmap that properly enables the ongoing delivery of your IT environment while simultaneously delivering the necessary services to the purchasing organization.

      Throughout the separation transaction, some of the most common obstacles IT should prepare for include difficulty separating the IT environment, loss of key personnel, disengaged employees, and security/compliance issues.

      Post-transaction, the business needs to understands the value they received by engaging in the transaction and the ongoing revenue they might obtain as a result of the sale. You also need to ensure that the IT environment is functioning and mitigating any high-risk outcomes.

      Goal: To carry out the planned separation activities and deliver the intended value to the business.

      Execution Prerequisite Checklist

      Before coming into the Execution & Value Realization phase, you must have addressed the following:

      • Understand the rationale for the company's decisions to pursue a sale or divestiture and what opportunities or pain points the sale should alleviate.
      • Identify the key roles for the transaction team.
      • Identify the M&A governance.
      • Determine target metrics.
      • Select a separation strategy framework.
      • Conduct a RACI for key transaction tasks for the transaction team.
      • Create a carve-out roadmap.
      • Prioritize separation tasks.
      • Establish the separation roadmap.
      • Create employee transition plans.

      Before coming into the Execution & Value Realization phase, we recommend addressing the following:

      • Create vision and mission statements.
      • Establish guiding principles.
      • Create a future-state operating model.
      • Identify the M&A operating model.
      • Document the communication plan.
      • Examine the business perspective of IT.
      • Identify key stakeholders and outline their relationship to the M&A process.
      • Establish a due diligence charter.
      • Be able to valuate the IT environment and communicate IT’s value to the business.
      • Gather and present due diligence data room artifacts.
      • Measure staff engagement.
      • Assess and plan for culture.
      • Estimate separation costs.
      • Create functional workplans for employees.
      • Identify the buyer’s IT expectations.
      • Create a service/ transaction agreement.

      Separation checklists

      Prerequisite Checklist
      • Build the project plan for separation and prioritize activities
        • Plan first day
        • Plan first 30/100 days
        • Plan first year
      • Create an organization-aligned IT strategy
      • Identify critical stakeholders
      • Create a communication strategy
      • Understand the rationale for the sale or divestiture
      • Develop IT's sale/divestiture strategy
        • Determine goal opportunities
        • Create the mission and vision statements
        • Create the guiding principles
        • Create program metrics
      • Consolidate reports from due diligence/data room
      • Conduct culture assessment
      • Create a transaction team
      • Establish a service/technical transaction agreement
      • Plan and communicate culture changes
      • Create an employee transition plan
      • Assess baseline engagement
      Business
      • Design an enterprise architecture
      • Document your business architecture
      • Meet compliance and regulatory standards
      • Identify and assess all of IT's risks
      Applications
      • Prioritize and address critical applications
        • CRM
        • HRIS
        • Financial
        • Sales
        • Risk
        • Security
        • ERP
        • Email
      • Develop method of separating applications
      • Model critical applications that have dependencies on one another
      • Identify the infrastructure capacity required to support critical applications
      • Prioritize and address critical applications
      Leadership/IT Executive
      • Build an IT budget
      • Structure operating budget
      • Structure capital budget
      • Identify the workforce demand vs. capacity
      • Establish and monitor key metrics
      • Communicate value realized/cost savings
      Data
      • Confirm data strategy
      • Confirm data governance
      • Build a data architecture roadmap
      • Analyze data sources and domains
      • Evaluate data storage (on-premises vs. cloud)
      • Develop an enterprise content management strategy and roadmap
      • Ensure cleanliness/usability of data sets
      • Identify data sets that can remain operational if reduced/separated
      • Develop reporting and analytics capabilities
      • Confirm data strategy
      Operations
      • Manage sales access to customer data
      • Determine locations and hours of operation
      • Separate/terminate phone lists and extensions
      • Split email address books
      • Communicate helpdesk/service desk information

      Separation checklists (continued)

      Infrastructure
      • Manage organization domains
      • Consolidate data centers
      • Compile inventory of vendors, versions, switches, and routers
      • Review hardware lease or purchase agreements
      • Review outsourcing/service provider agreements
      • Review service-level agreements
      • Assess connectivity linkages between locations
      • Plan to migrate to a single email system if necessary
      • Determine network access concerns
      Vendors
      • Establish a sustainable vendor management office
      • Review vendor landscape
      • Identify warranty options
      • Identify the licensing grant
      • Rationalize vendor services and solutions
      People
      • Design an IT operating model
      • Design your future IT organizational structure
      • Conduct a RACI for prioritized activities
      • Conduct a culture assessment and identify goal IT culture
      • Build an IT employee engagement program
      • Determine critical roles and systems/process/products they support
      • Define new job descriptions with meaningful roles and responsibilities
      • Create employee transition plans
      • Create functional workplans
      Projects
      • Identify projects to be on hold
      • Communicate project intake process
      • Reprioritize projects
      Products & Services
      • Redefine service catalog
      • Ensure customer interaction requirements are met
      • Select a solution for product lifecycle management
      • Plan service-level agreements
      Security
      • Conduct a security assessment
      • Develop accessibility prioritization and schedule
      • Establish an information security strategy
      • Develop a security awareness and training program
      • Develop and manage security governance, risk, and compliance
      • Identify security budget
      • Build a data privacy and classification program
      IT Processes
      • Evaluate current process models
      • Determine productivity/capacity levels of processes
      • Identify processes to be changed/terminated
      • Establish a communication plan
      • Develop a change management process
      • Establish/review IT policies
      • Evaluate current process models

      Execution & Value Realization

      Step 4.1

      Execute the Transaction

      Activities

      • 4.1.1 Monitor service agreements
      • 4.1.2 Continually update the project plan

      This step will walk you through the following activities:

      • Monitor service agreements
      • Continually update the project plan

      This step involves the following participants:

      • IT executive/CIO
      • IT senior leadership
      • Vendor management team
      • IT transaction team
      • Company M&A team

      Outcomes of Step

      Successfully execute the separation of the IT environments and update the project plan, strategizing against any roadblocks as they come.

      Key concerns to monitor during separation

      If you are entering the transaction at this point, consider and monitor the following three items above all else.

      Your IT environment, reputation as an IT leader, and impact on key staff will depend on monitoring these aspects.

      • Risk & Security. Make sure that the channels of communication between the purchasing organization and your IT environment are properly determined and protected. This might include updating or removing employees’ access to certain programs.
      • Retaining Employees. Employees who do not see a path forward in the organization or who feel that their skills are being underused will be quick to move on. Make sure they are engaged before, during, and after the transaction to avoid losing employees.
      • IT Environment Dependencies. Testing the IT environment several times and obtaining sign-off from auditors that this has been completed correctly should be completed well before the transaction occurs. Have a strong architecture outlining technical dependencies.

      For more information, review:

      • Reduce and Manage Your Organization’s Insider Threat Risk
      • Map Technical Skills for a Changing Infrastructure Operations Organization
      • Build a Data Architecture Roadmap

      4.1.1 Monitor service agreements

      3-6 months

      Input: Original service agreement, Risk register

      Output: Service agreement confirmed

      Materials: Original service agreement

      Participants: IT executive/CIO, IT senior leadership, External organization IT senior leadership

      The purpose of this activity is to monitor the established service agreements on an ongoing basis. Your organization is most at risk during the initial months following the transaction.

      1. Ensure the right controls exist to prevent the organization from unnecessarily opening itself up to risks.
      2. Meet with the purchasing organization/subsidiary three months after the transaction to ensure that everyone is satisfied with the level of services provided.
      3. This is not a quick and completed activity, but one that requires ongoing monitoring. Repeatedly identify potential risks worth mitigating.

      For additional information and support for this activity, see the blueprint Build an IT Risk Management Program.

      4.1.2 Continually update the project plan

      Reoccurring basis following transition

      Input: Prioritized separation tasks, Separation RACI, Activity owners

      Output: Updated separation project plan

      Materials: M&A Separation Project Plan Tool (SharePoint), M&A Separation Project Plan Tool (Excel)

      Participants: IT executive/CIO, IT senior leadership, IT transaction team, Company M&A team

      The purpose of this activity is to ensure that the project plan is continuously updated as your transaction team continues to execute on the various components outlined in the project plan.

      1. Set a regular cadence for the transaction team to meet, update the project plan, review the status of the various separation task items, and strategize how to overcome any roadblocks.
      2. Employ governance best practices in these meetings to ensure decisions can be made effectively and resources allocated strategically.

      Record the updates in the M&A Separation Project Management Tool (SharePoint).

      Record the updates in the M&A Separation Project Management Tool (Excel).

      Execution & Value Realization

      Step 4.2

      Reflection and Value Realization

      Activities

      • 4.2.1 Confirm separation costs
      • 4.2.2 Review IT’s transaction value
      • 4.2.3 Conduct a transaction and separation SWOT
      • 4.2.4 Review the playbook and prepare for future transactions

      This step involves the following participants:

      • IT executive/CIO
      • IT senior leadership
      • Transition team
      • Company M&A team

      Outcomes of Step

      Review the value that IT was able to generate around the transaction and strategize about how to improve future selling or separating transactions.

      4.2.1 Confirm separation costs

      3-4 hours

      Input: Separation tasks, Carve-out roadmap, Transition team, Previous RACI, Estimated separation costs

      Output: Actual separation costs

      Materials: M&A Sell Playbook

      Participants: IT executive/CIO, IT senior leadership, Transaction team, Company M&A team

      The purpose of this activity is to confirm the associated costs around separation. While the separation costs would have been estimated previously, it’s important to confirm the costs that were associated with the separation in order to provide an accurate and up-to-date report to the company’s M&A team.

      1. Taking all the original items identified previously in activity 3.2.6, identify if there were changes in the estimated costs. This can be an increase or a decrease.
      2. Ensure that each cost has a justification for why the cost changed from the original estimation.

      Record the results in the M&A Sell Playbook.

      Track cost savings and revenue generation

      Throughout the transaction, the business would have communicated its goals, rationales, and expectations for the transaction. Sometimes this is done explicitly, and other times the information is implicit. Either way, IT needs to ensure that metrics have been defined and are measuring the intended value that the business expects. Ensure that the benefits realized to the organization are being communicated regularly and frequently.

      1. Define Metrics: Select metrics to track synergies through the separation.
        1. You can track value by looking at percentages of improvement in process-level metrics depending on the savings or revenue being pursued.
        2. For example, if the value being pursued is decreasing costs, metrics could range from capacity to output, highlighting that the output remains high despite smaller IT environments.
      2. Prioritize Value-Driving Initiatives: Estimate the cost and benefit of each initiative's implementation to compare the amount of business value to the cost. The benefits and costs should be illustrated at a high level. Estimating the exact dollar value of fulfilling a synergy can be difficult and misleading.
          Steps
        • Determine the benefits that each initiative is expected to deliver.
        • Determine the high-level costs of implementation (capacity, time, resources, effort).
      3. Track Cost Savings and Revenue Generation: Develop a detailed workplan to resource the roadmap and track where costs are saved and revenue is generated as the initiatives are undertaken.

      4.2.2 Review IT’s transaction value

      3-4 hours

      Input: Prioritized separation tasks, Separation RACI, Activity owners, M&A company goals

      Output: Transaction value

      Materials: M&A Sell Playbook

      Participants: IT executive/CIO, IT senior leadership, Company's M&A team

      The purpose of this activity is to track how your IT organization performed against the originally identified metrics.

      1. If your organization did not have the opportunity to identify metrics, determine from the company M&A what those metrics might be. Review activity 3.2.9 for more information on metrics.
      2. Identify whether the metric (which should support a goal) was at, below, or above the original target metric. This is a very critical task for IT to complete because it allows IT to confirm that they were successful in the transaction and that the business can count on them in future transactions.
      3. Be sure to record accurate and relevant information on why the outcomes (good or bad) are supporting the M&A goals set out by the business.

      Record the results in the M&A Sell Playbook.

      4.2.3 Conduct a transaction and separation SWOT

      2 hours

      Input: Separation costs, Retention rates, Value that IT contributed to the transaction

      Output: Strengths, weaknesses, opportunities, and threats

      Materials: Flip charts, Markers, Sticky notes

      Participants: IT executive/CIO, IT senior leadership, Business transaction team

      The purpose of this activity is to assess the positive and negative elements of the transaction.

      1. Consider the internal and external elements that could have impacted the outcome of the transaction.
        • Strengths. Internal characteristics that are favorable as they relate to your development environment.
        • Weaknesses Internal characteristics that are unfavorable or need improvement.
        • Opportunities External characteristics that you may use to your advantage.
        • Threats External characteristics that may be potential sources of failure or risk.

      Record the results in the M&A Sell Playbook.

      M&A Sell Playbook review

      With an acquisition complete, your IT organization is now more prepared then ever to support the business through future M&As

      • Now that the transaction is more than 80% complete, take the opportunity to review the key elements that worked well and the opportunities for improvement.
      • Critically examine the M&A Sell Playbook your IT organization created and identify what worked well to help the transaction and where your organization could adjust to do better in future transactions.
      • If your organization were to engage in another sale or divestiture under your IT leadership, how would you go about the transaction to make sure the company meets its goals?

      4.2.4 Review the playbook and prepare for future transactions

      4 hours

      Input: Transaction and separation SWOT

      Output: Refined M&A playbook

      Materials: M&A Sell Playbook

      Participants: IT executive/CIO

      The purpose of this activity is to revise the playbook and ensure it is ready to go for future transactions.

      1. Using the outputs from the previous activity, 4.2.3, determine what strengths and opportunities there were that should be leveraged in the next transaction.
      2. Likewise, determine which threats and weaknesses could be avoided in the future transactions.
        Remember, this is your M&A Sell Playbook, and it should reflect the most successful outcome for you in your organization.

      Record the results in the M&A Sell Playbook.

      By the end of this post-transaction phase you should:

      Have completed the separation post-transaction and be fluidly delivering the critical value that the business expected of IT.

      Key outcomes from the Execution & Value Realization phase
      • Ensure the separation tasks are being completed and that any blockers related to the transaction are being removed.
      • Determine where IT was able to realize value for the business and demonstrate IT’s involvement in meeting target goals.
      Key deliverables from the Execution & Value Realization phase
      • Monitor service agreements
      • Continually update the project plan
      • Confirm separation costs
      • Review IT’s transaction value
      • Conduct a transaction and separation SWOT
      • Review the playbook and prepare for future transactions

      Summary of Accomplishment

      Problem Solved

      Congratulations, you have completed the M&A Sell Blueprint!

      Rather than reacting to a transaction, you have been proactive in tackling this initiative. You now have a process to fall back on in which you can be an innovative IT leader by suggesting how and why the business should engage in a separation or sale transaction. You have:

      • Created a standardized approach for how your IT organization should address divestitures or sales.
      • Retained critical staff and complied with any regulations throughout the transaction.
      • Delivered on the separation project plan successfully and communicated IT’s transaction value to the business.

      Now that you have done all of this, reflect on what went well and what can be improved if you were to engage in a similar divestiture or sale again.

      If you would like additional support, have our analysts guide you through other phases as part of an Info-Tech workshop.

      Contact your account representative for more information
      workshops@infotech.com 1-888-670-8899

      Research Contributors and Experts

      Ibrahim Abdel-Kader
      Research Analyst | CIO
      Info-Tech Research Group       		Brittany Lutes
      Senior Research Analyst | CIO
      Info-Tech Research Group
      John Annand
      Principal Research Director | Infrastructure
      Info-Tech Research Group       		Scott Bickley
      Principal Research Director | Vendor Management
      Info-Tech Research Group
      Cole Cioran
      Practice Lead | Applications
      Info-Tech Research Group       		Dana Daher
      Research Analyst | Strategy & Innovation
      Info-Tech Research Group
      Eric Dolinar
      Manager | M&A Consulting
      Deloitte Canada       		Christoph Egel
      Director, Solution Design & Deliver
      Cooper Tire & Rubber Company
      Nora Fisher
      Vice President | Executive Services Advisory
      Info-Tech Research Group       		Larry Fretz
      Vice President | Industry
      Info-Tech Research Group

      Research Contributors and Experts

      David Glazer
      Vice President of Analytics
      Kroll       		Jack Hakimian
      Senior Vice President | Workshops and Delivery
      Info-Tech Research Group
      Gord Harrison
      Senior Vice President | Research & Advisory
      Info-Tech Research Group       		Valence Howden
      Principal Research Director | CIO
      Info-Tech Research Group
      Jennifer Jones
      Research Director | Industry
      Info-Tech Research Group       		Nancy McCuaig
      Senior Vice President | Chief Technology and Data Office
      IGM Financial Inc.
      Carlene McCubbin
      Practice Lead | CIO
      Info-Tech Research Group       		Kenneth McGee
      Research Fellow | Strategy & Innovation
      Info-Tech Research Group
      Nayma Naser
      Associate
      Deloitte       		Andy Neill
      Practice Lead | Data & Analytics, Enterprise Architecture
      Info-Tech Research Group

      Research Contributors and Experts

      Rick Pittman
      Vice President | Research
      Info-Tech Research Group       		Rocco Rao
      Research Director | Industry
      Info-Tech Research Group
      Mark Rosa
      Senior Vice President & Chief Information Officer
      Mohegan Gaming and Entertainment       		Tracy-Lynn Reid
      Research Lead | People & Leadership
      Info-Tech Research Group
      Jim Robson
      Senior Vice President | Shared Enterprise Services (retired)
      Great-West Life       		Steven Schmidt
      Senior Managing Partner Advisory | Executive Services
      Info-Tech Research Group
      Nikki Seventikidis
      Senior Manager | Finance Initiative & Continuous Improvement
      CST Consultants Inc.       		Allison Straker
      Research Director | CIO
      Info-Tech Research Group
      Justin Waelz
      Senior Network & Systems Administrator
      Info-Tech Research Group       		Sallie Wright
      Executive Counselor
      Info-Tech Research Group

      Bibliography

      “5 Ways for CIOs to Accelerate Value During Mergers and Acquisitions.” Okta, n.d. Web.

      Altintepe, Hakan. “Mergers and acquisitions speed up digital transformation.” CIO.com, 27 July 2018. Web.

      “America’s elite law firms are booming.” The Economist, 15 July 2021. Web.

      Barbaglia, Pamela, and Joshua Franklin. “Global M&A sets Q1 record as dealmakers shape post-COVID world.” Nasdaq, 1 April 2021. Web.

      Boyce, Paul. “Mergers and Acquisitions Definition: Types, Advantages, and Disadvantages.” BoyceWire, 8 Oct. 2020. Web.

      Bradt, George. “83% Of Mergers Fail -- Leverage A 100-Day Action Plan For Success Instead.” Forbes, 27 Jan. 2015. Web.

      Capgemini. “Mergers and Acquisitions: Get CIOs, IT Leaders Involved Early.” Channel e2e, 19 June 2020. Web.

      Chandra, Sumit, et al. “Make Or Break: The Critical Role Of IT In Post-Merger Integration.” IMAA Institute, 2016. Web.

      Deloitte. “How to Calculate Technical Debt.” The Wall Street Journal, 21 Jan. 2015. Web.

      Ernst & Young. “IT As A Driver Of M&A Success.” IMAA Institute, 2017. Web.

      Fernandes, Nuno. “M&As In 2021: How To Improve The Odds Of A Successful Deal.” Forbes, 23 March 2021. Web.

      “Five steps to a better 'technology fit' in mergers and acquisitions.” BCS, 7 Nov. 2019. Web.

      Fricke, Pierre. “The Biggest Opportunity You’re Missing During an M&Aamp; IT Integration.” Rackspace, 4 Nov. 2020. Web.

      Garrison, David W. “Most Mergers Fail Because People Aren't Boxes.” Forbes, 24 June 2019. Web.

      Harroch, Richard. “What You Need To Know About Mergers & Acquisitions: 12 Key Considerations When Selling Your Company.” Forbes, 27 Aug. 2018. Web.

      Hope, Michele. “M&A Integration: New Ways To Contain The IT Cost Of Mergers, Acquisitions And Migrations.” Iron Mountain, n.d. Web.

      “How Agile Project Management Principles Can Modernize M&A.” Business.com, 13 April 2020. Web.

      Hull, Patrick. “Answer 4 Questions to Get a Great Mission Statement.” Forbes, 10 Jan. 2013. Web.

      Kanter, Rosabeth Moss. “What We Can Learn About Unity from Hostile Takeovers.” Harvard Business Review, 12 Nov. 2020. Web.

      Koller, Tim, et al. “Valuation: Measuring and Managing the Value of Companies, 7th edition.” McKinsey & Company, 2020. Web.

      Labate, John. “M&A Alternatives Take Center Stage: Survey.” The Wall Street Journal, 30 Oct. 2020. Web.

      Lerner, Maya Ber. “How to Calculate ROI on Infrastructure Automation.” DevOps.com, 1 July 2020. Web.

      Loten, Angus. “Companies Without a Tech Plan in M&A Deals Face Higher IT Costs.” The Wall Street Journal, 18 June 2019. Web.

      Low, Jia Jen. “Tackling the tech integration challenge of mergers today” Tech HQ, 6 Jan. 2020. Web.

      Lucas, Suzanne. “5 Reasons Turnover Should Scare You.” Inc. 22 March 2013. Web.

      “M&A Trends Survey: The future of M&A. Deal trends in a changing world.” Deloitte, Oct. 2020. Web.

      Maheshwari, Adi, and Manish Dabas. “Six strategies tech companies are using for successful divesting.” EY, 1 Aug. 2020. Web.

      Majaski, Christina. “Mergers and Acquisitions: What's the Difference?” Investopedia, 30 Apr. 2021.

      “Mergers & Acquisitions: Top 5 Technology Considerations.” Teksetra, 21 Jul. 2020. Web.

      “Mergers Acquisitions M&A Process.” Corporate Finance Institute, n.d. Web.

      “Mergers and acquisitions: A means to gain technology and expertise.” DLA Piper, 2020. Web.

      Nash, Kim S. “CIOs Take Larger Role in Pre-IPO Prep Work.” The Wall Street Journal, 5 March 2015. Web.

      O'Connell, Sean, et al. “Divestitures: How to Invest for Success.” McKinsey, 1 Aug. 2015. Web

      Paszti, Laila. “Canada: Emerging Trends In Information Technology (IT) Mergers And Acquisitions.” Mondaq, 24 Oct. 2019. Web.

      Patel, Kiison. “The 8 Biggest M&A Failures of All Time” Deal Room, 9 Sept. 2021. Web.

      Peek, Sean, and Paula Fernandes. “What Is a Vision Statement?” Business News Daily, 7 May 2020. Web.

      Ravid, Barak. “How divestments can re-energize the technology growth story.” EY, 14 July 2021. Web.

      Ravid, Barak. “Tech execs focus on growth amid increasingly competitive M&A market.” EY, 28 April 2021. Web.

      Resch, Scott. “5 Questions with a Mergers & Acquisitions Expert.” CIO, 25 June 2019. Web.

      Salsberg, Brian. “Four tips for estimating one-time M&A integration costs.” EY, 17 Oct. 2019. Web.

      Samuels, Mark. “Mergers and acquisitions: Five ways tech can smooth the way.” ZDNet, 15 Aug. 2018. Web.

      “SAP Divestiture Projects: Options, Approach and Challenges.” Cognizant, May, 2014. Web.

      Steeves, Dave. “7 Rules for Surviving a Merger & Acquisition Technology Integration.” Steeves and Associates, 5 Feb. 2020. Web.

      Tanaszi, Margaret. “Calculating IT Value in Business Terms.” CSO, 27 May 2004. Web.

      “The CIO Playbook. Nine Steps CIOs Must Take For Successful Divestitures.” SNP, 2016. Web.

      “The Role of IT in Supporting Mergers and Acquisitions.” Cognizant, Feb. 2015. Web.

      Torres, Roberto. “M&A playbook: How to prepare for the cost, staff and tech hurdles.” CIO Dive, 14 Nov. 2019. Web.

      “Valuation Methods.” Corporate Finance Institute, n.d. Web.

      Weller, Joe. “The Ultimate Guide to the M&A Process for Buyers and Sellers.” Smartsheet, 16 May 2019. Web.

      Determine Your Zero Trust Readiness

      • Buy Link or Shortcode: {j2store}249|cart{/j2store}
      • member rating overall impact: 9.8/10 Overall Impact
      • member rating average dollars saved: $24,574 Average $ Saved
      • member rating average days saved: 12 Average Days Saved
      • Parent Category Name: Security Strategy & Budgeting
      • Parent Category Link: /security-strategy-and-budgeting

      CISOs pushing for zero trust as their security strategy face several challenges including:

      • Understanding and clarifying the benefits of zero trust for the organization.
      • The inability to verify all business operations are maintaining security best practices.
      • Convincing business units to add more security controls that go against the grain of reducing friction in workflows while still demonstrating these controls support the business.

      Our Advice

      Critical Insight

      • Zero trust must benefit the business and security. Because the road to zero trust is an iterative process, IT security will need to constantly determine how different areas of zero trust will affect core business processes.
      • Zero trust reduces reliance on perimeter security. Zero trust is a strategy that solves how to move beyond the reliance on perimeter security and move controls to where the user accesses resources.
      • Not everyone can achieve zero trust, but everyone can adopt it. Zero trust will be different for every organization and may not be applicable in every control area. This means that zero trust is not a one-size-fits-all approach to IT security. Zero trust is the goal, but some organizations can only get so close to the ideal.

      Impact and Result

      Zero trust is a journey that uses multiple capabilities and requires multiple parties to contribute to an organization’s security. Use Info-Tech’s approach to:

      • Understand zero trust as a strategic platform for building your security roadmap.
      • Assess your current state and determine the benefits of adopting zero trust to help plan your roadmap.
      • Separate vendors from the hype surrounding zero trust to adopt a vendor-agnostic approach to your zero trust planning.

      Determine Your Zero Trust Readiness Research & Tools

      Start here – read the Executive Brief

      Read our concise Executive Brief to find out why you should determine your zero trust readiness, review Info-Tech’s methodology, and understand the ways we can support you in completing this project.

      Besides the small introduction, subscribers and consulting clients within this management domain have access to:

      1. Understand zero trust

      Recognize the zero trust ideal and understand the different zero trust schools of thought.

      2. Assess your zero trust readiness

      Assess and determine the benefits of zero trust and identify and evaluate vendors in the zero trust market.

      • Zero Trust Security Benefit Assessment Tool
      [infographic]

      Develop Meaningful Service Metrics

      • Buy Link or Shortcode: {j2store}399|cart{/j2store}
      • member rating overall impact: 9.5/10 Overall Impact
      • member rating average dollars saved: $20,308 Average $ Saved
      • member rating average days saved: 30 Average Days Saved
      • Parent Category Name: Service Management
      • Parent Category Link: /service-management
      • IT organizations measure services from a technology perspective but rarely from a business goal or outcome perspective.
      • Most organizations do a poor job of identifying and measuring service outcomes over the duration of a service’s lifecycle – never ensuring the services remain valuable and meet expected long-term ROI.

      Our Advice

      Critical Insight

      • Service metrics are critical to ensuring alignment of IT service performance and business service value achievement.
      • Service metrics reinforce positive business and end-user relationships by providing user-centric information that drives responsiveness and consistent service improvement.
      • Poorly designed metrics drive unintended and unproductive behaviors that have negative impacts on IT and produce negative service outcomes.

      Impact and Result

      Effective service metrics will provide the following service gains:

      • Confirm service performance and identify gaps.
      • Drive service improvement to maximize service value.
      • Validate performance improvements while quantifying and demonstrating business value.
      • Ensure service reporting aligns with end-user experience.
      • Achieve and confirm process and regulatory compliance.

      Which will translate into the following relationship gains:

      • Embed IT into business value achievement.
      • Improve the relationship between the business and IT.
      • Achieve higher customer satisfaction (happier end users receiving expected service, the business is able to identify how things are really performing).
      • Reinforce desirable actions and behaviors from both IT and the business.

      Develop Meaningful Service Metrics Research & Tools

      Start here – read the Executive Brief

      Read our concise Executive Brief to find out why you should develop meaningful service metrics, review Info-Tech’s methodology, and understand the four ways we can support you in completing this project.

      Besides the small introduction, subscribers and consulting clients within this management domain have access to:

      • Develop Meaningful Service Metrics – Executive Brief
      • Develop Meaningful Service Metrics – Phases 1-3

      1. Design the metrics

      Identify the appropriate service metrics based on stakeholder needs.

      • Develop Meaningful Service Metrics to Ensure Business and User Satisfaction – Phase 1: Design the Metrics
      • Metrics Development Workbook

      2. Design reports and dashboards

      Present the right metrics in the most interesting and stakeholder-centric way possible.

      • Develop Meaningful Service Metrics to Ensure Business and User Satisfaction – Phase 2: Design Reports and Dashboards
      • Metrics Presentation Format Selection Guide

      3. Implement, track, and maintain

      Run a pilot with a smaller sample of defined service metrics, then continuously validate your approach and make refinements to the processes.

      • Develop Meaningful Service Metrics to Ensure Business and User Satisfaction – Phase 3: Implement, Track, and Maintain
      • Metrics Tracking Tool
      [infographic]

      Workshop: Develop Meaningful Service Metrics

      Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

      1 Design the Metrics

      The Purpose

      Define stakeholder needs for IT based on their success criteria and identify IT services that are tied to the delivery of business outcomes.

      Derive meaningful service metrics based on identified IT services and validate that metrics can be collected and measured.

      Key Benefits Achieved

      Design meaningful service metrics from stakeholder needs.

      Validate that metrics can be collected and measured.

      Activities

      1.1 Determine stakeholder needs, goals, and pain points.

      1.2 Determine the success criteria and related IT services.

      1.3 Derive the service metrics.

      1.4 Validate the data collection process.

      1.5 Validate metrics with stakeholders.

      Outputs

      Understand stakeholder priorities

      Adopt a business-centric perspective to align IT and business views

      Derive meaningful business metrics that are relevant to the stakeholders

      Determine if and how the identified metrics can be collected and measured

      Establish a feedback mechanism to have business stakeholders validate the meaningfulness of the metrics

      2 Design Reports and Dashboards

      The Purpose

      Determine the most appropriate presentation format based on stakeholder needs.

      Key Benefits Achieved

      Ensure the metrics are presented in the most interesting and stakeholder-centric way possible to guarantee that they are read and used.

      Activities

      2.1 Understand the different presentation options.

      2.2 Assess stakeholder needs for information.

      2.3 Select and design the metric report.

      Outputs

      Learn about infographic, scorecard, formal report, and dashboard presentation options

      Determine how stakeholders would like to view information and how the metrics can be presented to aid decision making

      Select the most appropriate presentation format and create a rough draft of how the report should look

      3 Implement, Track, and Maintain Your Metrics

      The Purpose

      Run a pilot with a smaller sample of defined service metrics to validate your approach.

      Make refinements to the implementation and maintenance processes prior to activating all service metrics.

      Key Benefits Achieved

      High user acceptance and usability of the metrics.

      Processes of identifying and presenting metrics are continuously validated and improved.

      Activities

      3.1 Select the pilot metrics.

      3.2 Gather data and set initial targets.

      3.3 Generate the reports and validate with stakeholders.

      3.4 Implement the service metrics program.

      3.5 Track and maintain the metrics program.

      Outputs

      Select the metrics that should be first implemented based on urgency and impact

      Complete the service intake form for a specific initiative

      Create a process to gather data, measure baselines, and set initial targets

      Establish a process to receive feedback from the business stakeholders once the report is generated

      Identify the approach to implement the metrics program across the organization

      Set up mechanism to ensure the success of the metrics program by assessing process adherence and process validity

      Further reading

      Develop Meaningful Service Metrics

      Select IT service metrics that drive business value.

      ANALYST PERSPECTIVE

      Are you measuring and reporting what the business needs to know?

      “Service metrics are one of the key tools at IT’s disposal in articulating and ensuring its value to the business, yet metrics are rarely designed and used for that purpose.

      Creating IT service metrics directly from business and stakeholder outcomes and goals, written from the business perspective and using business language, is critical to ensuring that the services that IT provides are meeting business needs.

      The ability to measure, manage, and improve IT service performance in relation to critical business success factors, with properly designed metrics, embeds IT in the value chain of the business and ensures IT’s focus on where and how it enables business outcomes.”

      Valence Howden,
      Senior Manager, CIO Advisory
      Info-Tech Research Group

      Our understanding of the problem

      This Research Is Designed For:
      • CIO
      • IT VPs
      		 This Research Will Help You:
      • Align business/IT objectives (design top-down or outside-in)
      • Significantly improve the relationship between the business and IT aspects of the organization
      • Reinforce desirable actions and behaviors
      This Research Will Also Assist:
      • Service Level Managers
      • Service Owners
      • Program Owners
      		 This Research Will Help Them
      • Identify unusual deviations from the normal operating state
      • Drive service improvement to maximize service value
      • Validate the value of performance improvements while quantifying and demonstrating benefits realization

      Executive summary

      Situation

      • IT organizations measure services from a technology perspective yet rarely measure services from a business goal/outcome perspective.
      • Most organizations do a poor job of identifying and measuring service outcomes over the duration of a service’s lifecycle – never ensuring the services remain valuable and meet expected long-term ROI.

      Complication

      • IT organizations have difficulty identifying the right metrics to demonstrate the value of IT services to the business in tangible terms.
      • IT metrics, as currently designed, reinforce division between the IT and business perspectives of service performance. They drive siloed thinking and finger-pointing within the IT structure, and prevent IT resources from understanding how their work impacts business value.

      Resolution

      • Our program enables IT to develop the right service metrics to tie IT service performance to business value and user experience.
      • Ensure the metrics you implement have immediate stakeholder value, reinforcing alignment between IT and the business while influencing behavior in the desired direction.
      • Make sure that your metrics are defined in relation to the business goals and drivers, ensuring they will provide actionable outcomes.

      Info-Tech Insight

      1. Service metrics are critical to ensuring alignment of IT service performance and business service value achievement.
      2. Service metrics reinforce positive business and end-user relationships by providing user-centric information that drives responsiveness and consistent service improvement.
      3. Poorly designed metrics drive unintended and unproductive behaviors, which have negative impacts on IT and produce negative service outcomes.

      Service metrics 101

      What are service metrics?

      Service metrics measure IT services in a way that relates to a business outcome. IT needs to measure performance from the business perspective using business language.

      		Why do we need service metrics?

      To ensure the business cares about the metrics that IT produces, start with business needs to make sure you’re measuring the right things. This will give IT the opportunity talk to the right stakeholders and develop metrics that will meet their business needs.

      Service metrics are designed with the business perspective in mind, so they are fully aligned with business objectives.

      Perspectives Matter

      Different stakeholders will require different types of metrics. A CEO may require metrics that provide a snapshot of the critical success of the company while a business manager is more concerned about the performance metrics of their department.

      		What are the benefits of implementing service metrics?

      Service metrics help IT communicate with the business in business terms and enables IT to articulate how and where they provide business value. Business stakeholders can also easily understand how IT services contribute to their success.

      The majority of CIOs feel metrics relating to business value and stakeholder satisfaction require significant improvement

      A significantly higher proportion of CIOs than CEOs feel that there is significant improvement necessary for business value metrics and stakeholder satisfaction reporting. Stacked horizontal bar chart presenting survey results from CIOs and CXOs of 'Business Value Metrics'. Answer options are 'Effective', 'Some Improvement Necessary', 'Significant Improvement Necessary', and 'Not Required'.N=364

      Stacked horizontal bar chart presenting survey results from CIOs and CXOs of 'Stakeholder Satisfaction Reporting'. Answer options are 'Effective', 'Some Improvement Necessary', 'Significant Improvement Necessary', and 'Not Required'.N=364

      (Source: Info-Tech CIO-CXO Alignment Diagnostic Survey)

      Meaningless metrics are a headache for the business

      A major pitfall of many IT organizations is that they often provide pages of technical metrics that are meaningless to their business stakeholders.

      1. Too Many MetricsToo many metrics are provided and business leaders don’t know what to do with these metrics.
      2. Metrics Are Too TechnicalIT provides technical metrics that are hard to relate to business needs, and methods of calculating metrics are not clearly understood, articulated, and agreed on.
      3. Metrics Have No Business ValueService metrics are not mapped to business goals/objectives and they drive incorrect actions or spend.
      		 When considering only CEOs who said that stakeholder satisfaction reporting needed significant improvement, the average satisfaction score goes down to 61.6%, which is a drop in satisfaction of 12%.

      A bar that says 73% dropping to a bar that says 61%. Description above.

      (Source: Info-Tech Research Group CIO-CXO Alignment Diagnostic Survey)

      Poorly designed metrics hurt IT’s image within the organization

      By providing metrics that do not articulate the value of IT services, IT reinforces its role as a utility provider and an outsider to strategic decisions.

      When the CIOs believe business value metrics weren’t required, 50% of their CEOs said that significant improvements were necessary.

      Pie Chart presenting the survey results from CEOs regarding 'Business Value Metrics'. Description above.

      (Source: Info-Tech Research Group CIO-CXO Alignment Diagnostic Survey)
      1. Reinforce the wrong behaviorThe wrong metrics drive us-against-them, siloed thinking within IT, and meeting metric targets is prioritized over providing meaningful outcomes.
      2. Do not reflect user experienceMetrics don’t align with actual business/user experience, reinforcing a poor view of IT services.
      3. Effort ≠ ValueInvesting dedicated resources and effort to the achievement of the wrong metrics will only leave IT more constrained for other important initiatives.

      Articulate meaningful service performance that supports the achievement of business outcomes

      Service metrics measure the performance of IT services and how they enable or drive the activity outcomes.

      A business process consists of multiple business activities. In many cases, these business activities require one or more supporting IT services.

      A 'Business Process' broken down to its parts, multiple 'Business Activities' and their 'IT Services'. For each business process, business stakeholders and their goals and objectives should be identified.

      For each business activity that supports the completion of a business process, define the success criteria that must be met in order to produce the desirable outcome.

      Identify the IT services that are used by business stakeholders for each business activity. Measure the performance of these services from a business perspective to arrive at the appropriate service metrics.

      Differentiate between different types of metrics

      Stakeholders have different goals and objectives; therefore, it is critical to identify what type of metrics should be presented to each stakeholder.

      Business Metrics

      Determine Business Success

      Business metrics are derived from a pure business perspective. These are the metrics that the business stakeholders will measure themselves on, and business success is determined using these metrics.

      Arrow pointing right.

      		Service Metrics

      Manage Service Value to the Business

      Service metrics are used to measure IT service performance against business outcomes. These metrics, while relating to IT services, are presented in business terms and are tied to business goals.

      Arrow pointing right.

      		IT Metrics

      Enable Operational Excellence

      IT metrics are internal to the IT organization and used to manage IT service delivery. These metrics are technical, IT-specific, and drive action for IT. They are not presented to the business, and are not written in business language.

      Implementing service metrics is a key step in becoming a service provider and business partner

      As a prerequisite, IT organizations must have already established a solid relationship with the business and have a clear understanding of its critical business-facing services.

      At the very least, IT needs to have a service-oriented view and understand the specific needs and objectives associated with each stakeholder.

      Visualization of 'Business Relationship Management' with an early point on the line representing 'Service Provider: Establish service-oriented culture and business-centric service delivery', and the end of the line being 'Strategic Partner'.

      Once IT can present service metrics that the business cares about, it can continue on the service provider journey by managing the performance of services based on business needs, determine and influence service demand, and assess service value to maximize benefits to the business.

      Which processes drive service metrics?

      Both business relationship management (BRM) and service level management (SLM) provide inputs into and receive outputs from service metrics.

      Venn Diagram of 'Business Relationship Management', 'Service Metrics', and 'Service Level Management'.

      Business Relationship Management

      BRM works to understand the goals and objectives of the business and inputs them into the design of the service metrics.

      Service Metrics

      BRM leverages service metrics to help IT organizations manage the relationship with the business.

      BRM articulates and manages expectations and ensures IT services are meeting business requirements.

      Which processes drive service metrics?

      Both BRM and SLM provide inputs into and receive outputs from service metrics.

      Venn Diagram of 'Business Relationship Management', 'Service Metrics', and 'Service Level Management'.

      Service Level Management

      SLM works with the business to understand service requirements, which are key inputs in designing the service metrics.

      Service Metrics

      SLM leverages service metrics in overseeing the day-to-day delivery of IT services. It ensures they are provided to meet expected service level targets and objectives.

      Effective service metrics will deliver both service gains and relationship gains

      Effective service metrics will provide the following service gains:

      • Confirm service performance and identify gaps
      • Drive service improvement to maximize service value
      • Validate performance improvements while quantifying and demonstrating business value
      • Ensure service reporting aligns with end-user experience
      • Achieve and confirm process and regulatory compliance
          Which will translate into the following relationship gains:
          • Embed IT into business value achievement
          • Improve relationship between the business and IT
          • Achieve higher customer satisfaction (happier end users receiving expected service, the business is able to identify how things are really performing)
          • Reinforce desirable actions and behaviors from both IT and the business

      Don’t let conventional wisdom become your roadblock

      Conventional Wisdom

      Info-Tech Perspective
      Metrics are measured from an application or technology perspective Metrics need to be derived from a service and business outcome perspective.
      The business doesn’t care about metrics Metrics are not usually designed to speak in business terms about business outcomes. Linking metrics to business objectives creates metrics that the business cares about.
      It is difficult to have a metrics discussion with the business It is not a metrics/number discussion, it is a discussion on goals and outcomes.
      Metrics are only presented for the implementation of the service, not the ongoing outcome of the service IT needs to focus on service outcome and not project outcome.
      Quality can’t be measured Quality must be measured in order to properly manage services.

      Our three-phase approach to service metrics development

      Let Info-Tech guide you through your service metrics journey

      1

      2

      3
      Design Your Metrics Develop and Validate Reporting Implement, Track, and Maintain
      Sample of Phase 1 of Info-Tech's service metric development package, 'Design Your Metrics'. Sample of Phase 2 of Info-Tech's service metric development package, 'Develop and Validate Reporting'. Sample of Phase 3 of Info-Tech's service metric development package, 'Implement, Track, and Maintain'.
      Start the development and creation of your service metrics by keeping business perspectives in mind, so they are fully aligned with business objectives. Identify the most appropriate presentation format based on stakeholder preference and need for metrics. Track goals and success metrics for your service metrics programs. It allows you to set long-term goals and track your results over time.

      CIOs must actively lead the design of the service metrics program

      The CIO must actively demonstrate support for the service metrics program and lead the initial discussions to determine what matters to business leaders.

      1. Lead the initiative by defining the need
        Show visible support and demonstrate importance
      2. Articulate the value to both IT and the business
        Establish the urgency and benefits
      3. Select and assemble an implementation group
        Find the best people to get the job done
      4. Drive initial metrics discussions: goals, objectives, actions
        Lead brainstorming with senior business leaders
      5. Work with the team to determine presentation formats and communication methods
        Identify the best presentation approach for senior stakeholders
      6. Establish a feedback loop for senior management
        Solicit feedback on improvements
      7. Validate the success of the metrics
        Confirm service metrics support business outcomes

      Measure the success of your service metrics

      It is critical to determine if the designed service metrics are fulfilling their intended purpose. The process of maintaining the service metrics program and the outcomes of implementing service metrics need to be monitored and tracked.

      Validating Service Metrics Design

      Target Outcome

      Related Metrics
      The business is enabled to identify and improve service performance to their end customer # of improvement initiatives created based on service metrics
      $ cost savings/revenue generated due to actions derived from service metrics

      Procedure to validate the usefulness of IT metrics

      # / % of service metrics added/removed per year

      Alignment between IT and business objectives and processes Business’ satisfaction with IT

      Measure the success of your service metrics

      It is critical to determine if the designed service metrics are fulfilling their intended purpose. The process of maintaining the service metrics program and the outcomes of implementing service metrics need to be monitored and tracked.

      Validating Service Metrics Process

      Target Outcome

      Related Metrics

      Properly defined service metrics aligned with business goals/outcomes
      Easy understood measurement methodologies      		% of services with (or without) defined service metrics

      % of service metrics tied to business goals

      Consistent approach to review and adjust metrics# of service metrics adjusted based on service reviews

      % of service metrics reviewed on schedule

      Demonstrate monetary value and impact through the service metrics program

      In a study done by the Aberdeen Group, organizations engaged in the use of metrics benchmarking and measurement have:
      • 88% customer satisfaction rate
      • 60% service profitability
      • 15% increase in workforce productivity over the last 12 months

      Stock image of a silhouette of three people's head and shoulders.
      (Source: Aberdeen Group. “Service Benchmarking and Measurement.”)

      		A service metric is defined for: “Response time for Business Application A

      The expected response time has not been achieved and this is visible in the service metrics. The reduced performance has been identified as having an impact of $250,000 per month in lost revenue potential.

      The service metric drove an action to perform a root-cause analysis, which identified a network switch issue and drove a resolution action to fix the technology and architect redundancy to ensure continuity.

      The fix eliminated the performance impact, allowing for recovery of the $250K per month in revenue, improved end-user confidence in the organization, and increased use of the application, creating additional revenue.

      Implementing and measuring a video conferencing service

      CASE STUDY
      Industry: Manufacturing | Source: CIO interview and case material
      Situation

      The manufacturing business operates within numerous countries and requires a lot of coordination of functions and governance oversight. The company has monthly meetings, both regional and national, and key management and executives travel to attend and participate in the meetings.

      Complication

      While the meetings provide a lot of organizational value, the business has grown significantly and the cost of business travel has started to become prohibitive.

      Action

      It was decided that only a few core meetings would require onsite face-to-face meetings, and for all other meetings, the company would look at alternative means. The face-to-face aspect of the meetings was still considered critical so they focused on options to retain that aspect.

      The IT organization identified that they could provide a video conferencing service to meet the business need. The initiative was approved and rolled out in the organization.

      Result:

      IT service metrics needed to be designed to confirm that the expected value outcome of the implementation of video conferencing was achieved.

      Under the direction of the CIO, the business goals and needs driving use of the service (i.e. reduction in travel costs, efficiency, no loss of positive outcome) were used to identify success criteria and key questions to confirm success.

      With this information, the service manager was able to implement relevant service metrics in business language and confirmed an 80% adoption rate and a 95% success rate in term meetings running as expected and achieving core outcomes.

      Use these icons to help direct you as you navigate this research

      Use these icons to help guide you through each step of the blueprint and direct you to content related to the recommended activities.

      A small monochrome icon of a wrench and screwdriver creating an X.

      This icon denotes a slide where a supporting Info-Tech tool or template will help you perform the activity or step associated with the slide. Refer to the supporting tool or template to get the best results and proceed to the next step of the project.

      A small monochrome icon depicting a person in front of a blank slide.

      This icon denotes a slide with an associated activity. The activity can be performed either as part of your project or with the support of Info-Tech team members, who will come onsite to facilitate a workshop for your organization.

      Info-Tech offers various levels of support to best suit your needs

      DIY Toolkit

      Guided Implementation

      Workshop

      Consulting
      "Our team has already made this critical project a priority, and we have the time and capability, but some guidance along the way would be helpful." "Our team knows that we need to fix a process, but we need assistance to determine where to focus. Some check-ins along the way would help keep us on track." "We need to hit the ground running and get this project kicked off immediately. Our team has the ability to take this over once we get a framework and strategy in place." "Our team does not have the time or the knowledge to take this project on. We need assistance through the entirety of this project."

      Diagnostics and consistent frameworks used throughout all four options

      Develop meaningful service metrics to ensure business and user satisfaction

      1. Design the Metrics 2. Design Reports and Dashboards 3. Implement, Track, and Maintain
      Supporting Tool icon

      Best-Practice Toolkit
      1. Defining stakeholder needs for IT based on their success criteria
      2. Derive meaningful service metrics based on identified IT services and validate with business stakeholders
      3. Validate metrics can be collected and measured
      4. Determine calculation methodology
      1. Presentation format selected based on stakeholder needs and preference for information
      2. Presentation format validated with stakeholders
      1. Identify metrics that will be presented first to the stakeholders based on urgency or impact of the IT service
      2. Determine the process to collect data, select initial targets, and integrate with SLM and BRM functions
      3. Roll out the metrics implementation for a broader audience
      4. Establish roles and timelines for metrics maintenance

      Guided Implementations
      • Design metrics based on business needs
      • Validate the metrics
      • Select presentation format
      • Review metrics presentation design
      • Select and implement pilot metrics
      • Determine rollout process and establish maintenance/tracking mechanism
      Associated Activity icon

      Onsite Workshop

      		 Module 1:
      Derive Service Metrics From Business Goals       		Module 2:
      Select and Design Reports and Dashboards       		Module 3:
      Implement, Track, and Maintain Your Metrics to Ensure Success
      Phase 1 Outcome:
      • Meaningful service metrics designed from stakeholder needs
      		 Phase 2 Outcome:
      • Appropriate presentation format selected for each stakeholder
      		 Phase 3 Outcome:
      • Metrics implemented and process established to maintain and track program success

      Workshop overview

      Contact your account representative or email Workshops@InfoTech.com for more information.
      Workshop Day 1 Workshop Day 2 Workshop Day 3 Workshop Day 4
      Design the Metrics
      Determine Presentation Format and Implement Metrics
      Gather Service Level Requirements
      Monitor and Improve Service Levels

      Activities
      • 1.1 Determine stakeholder needs
      • 1.2 Determine success criteria and key performance indicators
      • 1.3 Derive metrics
      • 1.4 Validate the metric collection
      • 2.1 Discuss stakeholder needs/preference for data and select presentation format
      • 2.2 Select and design the metric report
      • Requirements
      • 3.1 Determine the business requirements
      • 3.2 Negotiate service levels
      • 3.3 Align operational level agreements (OLAs) and supplier contracts
      • 4.1 Conduct service report and perform service review
      • 4.2 Communicate service review
      • 4.3 Remediate issues using action plan
      • 4.4 Proactive prevention

      Deliverables
      1. Metrics Development Workbook
      1. Metrics Presentation Format Selection Guide
      2. Metrics Tracking Tool
      1. Service Level Management SOP
      2. Service Level Agreement
      1. Service Level Report
      2. Service Level Review
      3. Business Satisfaction Report

      Develop Meaningful Service Metrics to Ensure Business and User Satisfaction

      PHASE 1

      Design the Metrics

      Step (1): Design the Metrics

      PHASE 1 PHASE 2 PHASE 3

      1.1

      Derive the Service Metrics

      1.2

      Validate the Metrics

      2.1

      Determine Reporting Format

      3.1

      Select Pilot Metrics

      3.2

      Activate and Maintain Metrics

      This step involves the following participants:

      • CIO
      • Business Relationship Manager (BRM)
      • Service Level Manager (SLM)

      Outcomes of this step

      • Defined stakeholder needs for IT based on their success criteria
      • Identified IT services that are tied to the delivery of business outcomes
      • Derived meaningful service metrics based on identified IT services and validated with business stakeholders
      • Validated that metrics can be collected and measured
      • Determined calculation methodology

      Phase 1 outline

      Associated Activity icon Call 1-888-670-8889 or email GuidedImplementations@InfoTech.com for more information.

      Complete these steps on your own, or call us to complete a guided implementation. A guided implementation is a series of 2-3 advisory calls that help you execute each phase of a project. They are included in most advisory memberships.

      Guided Implementation 1: Design the Metrics

      Proposed Time to Completion (in weeks): 4 weeks
      Step 1.1: Design Metrics Step 1.2: Validate the Metrics
      Start with an analyst kick-off call:
      • Determine the stakeholder and their needs
      • Identify IT services that are tied to the delivery of business outcomes
      • Derive the service metrics
      		 Review findings with analyst:
      • For the selected metrics, identify the data source for collection
      • Validate whether or not the data can be created
      • Create a calculation method for the metrics
      Then complete these activities…
      • Using the methodology provided, identify additional stakeholders and map out their success criteria, including KPIs to determine the appropriate service metrics
      		 Then complete these activities…
      • Determine whether the designed metrics are measurable, and if so, how
      With these tools & templates:
      • Metrics Development Workbook
      		 With these tools & templates:
      • Metrics Development Workbook

      Design your service metrics – overview

      Figure representing 'CIO'. Step 1
      Derive your service metrics

      Metrics Worksheet

      		Figure representing 'SLM' and/or 'BRM'. Step 2
      Validate your metrics

      Metrics Worksheet

      		Figures representing 'CIO', 'SLM', and/or 'BRM'. Step 3
      Confirm with stakeholders

      Metrics Tracking Sheet

      		A star.

      Defined IT Service Metrics

      Deriving the right metrics is critical to ensuring that you will generate valuable and actionable service metrics.

      Derive your service metrics from business objectives and needs

      Service metrics must be designed with the business perspective in mind so they are fully aligned with business objectives.

      Thus, IT must start by identifying specific stakeholder needs. The more IT understands about the business, the more relevant the metrics will be to the business stakeholders.

      1. Who are your stakeholders?
      2. What are their goals and pain points?
      3. What do the stakeholders need to know?
      4. What do I need to measure?
      5. Derive your service metrics

      Derive your service metrics

      Supporting Tool icon 1.1 Metrics Development Workbook

      This workbook guides the development and creation of service metrics that are directly tied to stakeholder needs.

      This process will ensure that your service metrics are designed with the business perspective in mind so they are fully aligned with business objectives.

      1. Who are the relevant stakeholders?
      2. What are the goals and pain points of your stakeholders?
      3. What do the stakeholders need to know?
      4. What does IT need to measure?
      5. What are the appropriate IT metrics?

      Download the Metrics Development Workbook.

      		Sample of Info-Tech's Metrics Development Workbook.

      Determine your stakeholders

      Supporting Tool icon 1.1 0.5 Hour

      Who are your stakeholders?

      1. Identify the primary stakeholders of your service metrics. Stakeholders are the people who have a very specific need to know about how IT services affect their business outcomes. Different stakeholders can have different perspective on the same IT service metric.Most often, the primary target of service metrics are the business stakeholders, e.g. VP of a business unit.
      2. Identify any additional stakeholders. The CIO is also a stakeholder since they are effectively the business relationship manager for the senior leaders.

      Video Conferencing Case Study
      Manufacturing company

      For this phase, we will demonstrate how to derive the service metrics by going through the steps in the methodology.

      At a manufacturing company, the CIO’s main stakeholder is the CEO, whose chief concern is to improve the financial position of the company.

      Identify goals and pain points of your stakeholders

      Supporting Tool icon 1.2 0.5 Hour

      What are their goals and pain points?

      1. Clearly identify each stakeholder’s business goals and outcomes. These would be particular business goals related to a specific business unit.
      2. Identify particular pain points for each business unit to understand what is preventing them from achieving the desirable business outcome.

      VC Case Study

      One of the top initiatives identified by the company to improve financial performance was to reduce expense.

      Because the company has several key locations in different states, company executives used to travel extensively to carry out meetings at each location.

      Therefore, travel expenses represent a significant proportion of operational expenses and reducing travel costs is a key goal for the company’s executives.

      What do the stakeholders need to know?

      Supporting Tool icon 1.3 0.5 Hour

      What do the stakeholders need to know?

      1. Identify the key things that the stakeholders would need to know based on the goals and pain points derived from the previous step.These are your success criteria and must be met to successfully achieve the desired goals.

      VC Case Study

      The CEO needs to have assurance that without executives traveling to each location, remote meetings can be as effective as in-person meetings.

      These meetings must provide the same outcome and allow executives to collaborate and make similar strategic decisions without the onsite, physical presence.

      Therefore, the success criteria are:

      • Reduced travel costs
      • Effective collaboration
      • High-quality meetings

      What do I need to measure?

      Supporting Tool icon 1.4 1 Hour

      What does IT need to measure?

      1. Identify the IT services that are leveraged to achieve the business goals and success criteria.
      2. Identify the users of those services and determine the nature of usage for each group of users.
      3. Identify the key indicators that must be measured for those services from an IT perspective.

      VC Case Study

      The IT department decides to implement the video conferencing service to reduce the number of onsite meetings. This technology would allow executives to meet remotely with both audio and video and is the best option to replicate a physical meeting.

      The service is initially available to senior executives and will be rolled out to all internal users once the initial implementation is deemed successful.

      To determine the success of the service, the following needs to be measured:

      1. Outcomes of VC meetings
      2. Quality of the VC meetings
      3. Reduction in travel expenses

      Derive service metrics

      Supporting Tool icon 1.5 0.5 Hour

      Derive your service metrics

      1. Derive the service metrics that are meaningful to business stakeholders based on the IT services and the key indicators identified in the previous steps.
      2. Distinguish between service metrics and business metrics. You may identify some business metrics in addition to the IT metrics, and although these are important, IT doesn’t own the process of tracking and reporting business metrics.

      VC Case Study

      In the previous step, IT identified that it must measure the outcomes of VC meetings, quality of the VC meetings, and the reduction in travel expenses. From these, the appropriate service metrics can be derived to answer the needs of the CEO.

      IT needs to measure:

      1. Percent of VC meetings successfully delivered
      2. Growth of number of executive meetings conducted via VC
      Outcomes

      IT also identified the following business metrics:

      1. Reduction in percent of travel expense/spend
      2. Reduction in lost time due to travel

      Validate your metrics

      Once appropriate service metrics are derived from business objectives, the next step is to determine whether or not it is viable to actually measure the metrics.

      Can you measure it? The first question IT must answer is whether the metric is measurable. IT must identify the data source, validate its ability to collect the data, and specify the data requirement. Not all metrics can be measured!
      How will you measure it? If the metric is measurable, the next step is to create a way to measure the actual data. In most cases, simple formulas that can be easily understood are the best approach.
      Define your actions Metrics must be used to drive or reinforce desirable outcomes and behaviors. Thus, IT must predetermine the necessary actions associated with the different metric levels, thresholds, or trends.

      Determine if you can measure the identified metric

      Supporting Tool icon 1.6 0.5 Hour

      INSTRUCTIONS

      1. Determine what data sources are available. Make sure that you know where the information you need is captured, or will need to be captured. This would include:
        • A ticket/request system
        • An auto discovery tool
        • A configuration management database ( CMDB)
      2. Confirm that IT has the ability to collect the information.
        • If the necessary data is already contained in an identified data source, then you can proceed.
        • If not, consider whether it’s possible to gather the information using current sources and systems.
        • Understand the constraints and cost/ROI to implement new technology or revise processes and data gathering to produce the data.

      VC Case Study

      Using the metric derived from the video conferencing service example, IT wants to measure the % of VC meetings successfully delivered.

      What are the data sources?

      • Number of VC meetings that took place
      • Number of service incidents
      • User survey

      Determine if you can measure the identified metric

      Supporting Tool icon 1.6 0.5 Hour

      INSTRUCTIONS

      1. Understand your data requirements
        • To produce relevant metrics from your data, you need to ensure the level of quality and currency that provides you with useful information. You need to define:
          • The level of detail that has to be captured to make the data useful.
          • The consistency of the data, and how it needs to be entered or gathered.
          • The accuracy of the data. This includes how current the data needs to be, how quickly changes have to be made, and how data quality will be verified.

      VC Case Study

      Data requirement for percent of successful VC meetings:

      • Level of detail – user category, location, date/time,
      • Consistency – how efficiently are VC-related incidents opened and closed? Is the data collected and stored consistently?
      • Accuracy – is the information entered accurately?

      Create the calculation to measure it

      Supporting Tool icon 1.7 0.5 Hour

      Determine how to calculate the metrics.

      INSTRUCTIONS
      1. Develop the calculations that will be used for each accepted metric. The measurement needs to be clear and straightforward.
      2. Define the scope and assumptions for each calculation, including:
        • The defined measurement period (e.g. monthly, weekly)
        • Exclusions (e.g. nonbusiness hours, during maintenance windows)

      VC Case Study

      Metric: Percent of VC meetings delivered successfully

      IT is able to determine the total number of VC meetings that took place and the number of VC service requests to the help desk.

      That makes it possible to use the following formula to determine the success percentage of the VC service:

      ((total # VC) – (# of VC with identified incidents)) / (total # VC) * 100

      Define the actions to be taken for each metric

      Supporting Tool icon 1.7 1.5 Hour

      INSTRUCTIONS

      Centered on the defined metrics and their calculations, IT can decide on the actions that should be driven out of each metric based on one of the following scenarios:
      • Scenario 1: Ad hoc remedial action and root-cause investigation. If the reason for the result is unknown, determining root cause or identifying trends is required to determine required actions.
      • Scenario 2: Predefined remedial action. A set of predetermined actions associated with different results. This is useful when the meaning of the results is clear and points to specific issues within the environment.
      • Scenario 3: Nonremedial action. The metrics may produce a result that reinforces or supports company direction and strategy, or identifies an opportunity that may drive a new initiative or idea.

      VC Case Study

      If the success rate of the VC meetings is below 90%, IT needs to focus on determining if there is a common cause and identify if this is a consistent downward trend.

      A root-cause analysis is performed that identifies that network issues are causing difficulties, impacting the connection quality and usability of the VC service.

      Validate the confirmed metrics with the business

      Supporting Tool icon 1.8 1 Hour

      INPUT: Selected service metrics, Discussion with the business

      OUTPUT: Validated metrics with the business

      Materials: Metrics with calculation methodology

      Participants: IT and business stakeholders, Service owners

      INSTRUCTIONS

      1. Once you have derived the appropriate metrics and established that the metrics are measurable, you must go back to the targeted stakeholders and validate that the selected metrics will provide the right information to meet their identified goals and success criteria.
      2. Add confirmed metrics to the Metrics Tracking Tool, in the Metrics Tracking Plan tab.
      Service Metric Corresponding
      Business Goal       		Measurement
      Method       		Defined Actions

      Example: Measuring the online banking service at a financial institution

      Who are IT’s stakeholders? The financial institution provides various banking solutions to its customers. Retail banking is a core service offered by the bank and the VP of retail banking is a major stakeholder of IT.
      What are their goals and pain points? The VP of retail banking’s highest priorities are to increase revenue, increase market share, and maintain the bank’s brand and reputation amongst its customers.
      What do they need to know? In order to measure success, the VP of retail banking needs to determine performance in attracting new clients, retaining clients, expanding into new territory, and whether they have increased the number of services provided to existing clients.
      What does IT need to measure? The recent implementation of an online banking service is a key initiative that will keep the bank competitive and help retail banking meet its goals. The key indicators of this service are: the total number of clients, the number of products per client, percent of clients using online banking, number of clients by segment, service, territory.
      Derive the service metrics Based on the key indicators, IT can derive the following service metrics:
      1. Number of product applications originated from online banking
      2. Customer satisfaction/complaints
      As part of the process, IT also identified some business metrics, such as the number of online banking users per month or the number of times a client accesses online banking per month.

      Design service metrics to track service performance and value

      CASE STUDY
      Industry: Manufacturing | Source: CIO
      Challenge Solution Results
      The IT organization needed to generate metrics to show the business whether the video conferencing service was being adopted and if it was providing the expected outcome and value.

      Standard IT metrics were technical and did not provide a business context that allowed for easy understanding of performance and decision making.

      		The IT organization, working through the CIO and service managers, sat down with the key business stakeholders of the video conferencing service.

      They discussed the goals for the meeting and defined the success criteria for those goals in the context of video conference meeting outcomes.

      The success criteria that were discussed were then translated into a set of questions (key performance indicators) that if answered, would show that the success criteria were achieved.

      		The service manager identified what could be measured to answer the defined questions and eliminated any metrics that were either business metrics or non-IT related.

      The remaining metrics were identified as the possible service metrics, and the ability to gather the information and produce the metric was confirmed.

      Service metrics were defined for:

      1. Percent of video conference meetings delivered successfully
      2. Growth in the number of executive meetings conducted via video conference

      If you want additional support, have our analysts guide you through this phase as part of an Info-Tech Workshop Associated Activity icon

      Book a workshop with our Info-Tech analysts:

      Photo of Valence Howden, Senior Manager, CIO Advisory, Info-Tech Research Group.
      • To accelerate this project, engage your IT team in an Info-Tech workshop with an Info-Tech analyst team.
      • Info-Tech analyst will join you and your team onsite at your location or welcome you to Info-Tech's historic Toronto office to participate in an innovative onsite workshop.
      • Contact your account manager (www.infotech.com/account), or email Workshops@InfoTech.com for more information.

      The following are sample activities that will be conducted by Info-Tech analysts with your team:

      1.1

      		 Sample of activity 1.1 'Determine your stakeholders'. Determine stakeholder needs, goals, and pain points

      The onsite analyst will help you select key stakeholders and analyze their business objectives and current pain points.

      1.2

      		 Sample of activity 1.2 'Identify goals and pain points of your stakeholders'. Determine the success criteria and related IT services

      The analyst will facilitate a discussion to uncover the information that these stakeholders care about. The group will also identify the IT services that are supporting these objectives.

      If you want additional support, have our analysts guide you through this phase as part of an Info-Tech Workshop Associated Activity icon

      Book a workshop with our Info-Tech analysts:

      1.5

      		 Sample of activity 1.5 'Derive service metrics'. Derive the service metrics

      Based on the key performance indicators obtained in the previous page, derive meaningful business metrics that are relevant to the stakeholders.

      1.6

      		 Sample of activity 1.6 'Determine if you can measure the identified metric'. Validate the data collection process

      The analyst will help the workshop group determine whether the identified metrics can be collected and measured. If so, a calculation methodology is created.

      1.7

      		 Sample of activity 1.7 'Create the caluclation to measure it'. Validate metrics with stakeholders

      Establish a feedback mechanism to have business stakeholders validate the meaningfulness of the metrics.

      Develop Meaningful Service Metrics to Ensure Business and User Satisfaction

      PHASE 2

      Design Reports and Dashboards

      Step (2): Design Reports and Dashboards

      PHASE 1PHASE 2PHASE 3

      1.1

      Derive the Service Metrics

      1.2

      Validate the Metrics

      2.1

      Determine Reporting Format

      3.1

      Select Pilot Metrics

      3.2

      Activate and Maintain Metrics

      This step involves the following participants:

      • Business Relationship Manager
      • Service Level Manager
      • Business Stakeholders

      Outcomes of this step

      • Presentation format selected based on stakeholder needs and preference for information
      • Presentation format validated with stakeholders

      Phase 2 outline

      Associated Activity icon Call 1-888-670-8889 or email GuidedImplementations@InfoTech.com for more information.

      Complete these steps on your own, or call us to complete a guided implementation. A guided implementation is a series of 2-3 advisory calls that help you execute each phase of a project. They are included in most advisory memberships.

      Guided Implementation 2: Design Reports and Dashboards

      Proposed Time to Completion (in weeks): 3 weeks
      Step 2.1: Select Presentation Format Step 2.2: Review Design
      Start with an analyst kick-off call:
      • Review the different format of metrics presentation and discuss the pros/cons of each format
      • Discuss stakeholder needs/preference for data
      • Select the presentation format
      		 Review findings with analyst:
      • Discuss stakeholder feedback based on selected presentation format
      • Modify and adjust the presentation format as needed
      Then complete these activities…
      • Design the metrics using the selected format
      		 Then complete these activities…
      • Finalize the design for metrics presentation
      With these tools & templates:
      • Metrics Presentation Format Selection Guide
      		 With these tools & templates:
      • Metrics Presentation Format Selection Guide

      Design the reports – overview

      Figure representing 'SLM' and/or 'BRM'. Step 1
      Understand the pros and cons of different reporting styles       		Figure representing 'SLM' and/or 'BRM'. Step 2
      Determine your reporting and presentation style

      Presentation Format Selection

      		Figure representing 'SLM' and/or 'BRM'. Step 3
      Design your metrics reports       		A star.

      Validated Service Reports

      The design of service metrics reporting is critically important. The reporting style must present the right information in the most interesting and stakeholder-centric way possible to ensure that it is read and used.

      The reports must also display information in a way that generates actions. If your stakeholders cannot make decisions, kick off activities, or ask questions based on your reports, then they have no value.

      Determine the right presentation format for your metrics

      Most often, metrics are presented in the following ways:

      Dashboard
      (PwC. “Mega-Trends and Implications.”)
      Sample of the 'Dashboard' metric presentation format.       		Infographic
      (PwC. “Healthcare’s new entrants.”)
      Sample of the 'Infographic' metric presentation format.
      Report
      (PwC Blogs. “Northern Lights.”)
      Sample of the 'Report' metric presentation format.       		Scorecard
      (PwC. “Annual Report 2015.”)
      Sample of the 'Scorecard' metric presentation format.

      Understand the advantages and disadvantages of each reporting style – Dashboard

      A dashboard is a reporting method that provides a dynamic at-a-glance view of key metrics from the perspective of key stakeholders. It provides a quick graphical way to process important performance information in real time.

      Features

      Typically web-based

      Dynamic data that is updated in real time

      		Advantage

      Aggregates a lot of information into a single view

      Presents metrics in a simplistic style that is well understood

      Provides a quick point-in-time view of performance

      Easy to consume visual presentation style

      		Disadvantage

      Complicated to set up well.
      Requires additional technology support: programming, API, etc.

      Promotes a short-term outlook – focus on now, no historical performance and no future trends. Doesn’t provide the whole picture and story.

      Existing dashboard tools are often not customized enough to provide real value to each stakeholder.

      Dashboards present real-time metrics that can be accessed and viewed at any time

      Sample of the 'Dashboard' metric presentation format.
      (Source: PwC. “Mega-Trends and Implications.”)       		Metrics presented through online dashboards are calculated in real time, which allows for a dynamic, current view into the performance of IT services at any time.

      Understand the advantages and disadvantages of each reporting style – Infographic

      An infographic is a graphical representation of metrics or data, which is used to show information quickly and clearly. It’s based on the understanding that people retain and process visual information more readily than written details.

      Features

      Turns dry into attractive –transforms data into eye-catching visual memory that is easier to retain

      Can be used as the intro to a formal report

      There are endless types of infographics

      		Advantage

      Easily consumable

      Easy to retain

      Eye catching

      Easily shared

      Spurs conversation

      Customizable

      		Disadvantage

      Require design expertise and resources

      Can be time consuming to generate

      Could be easily misinterpreted

      Message can be lost with poor design

      Infographics allow for completely unique designs

      Sample of the 'Infographic' metric presentation format.
      (Source: PwC. “Healthcare’s new entrants…”)       		There is no limit when it comes to designing an infographic. The image used here visually articulates the effects of new entrants pulling away the market.

      Understand the advantages and disadvantages of each reporting style – Formal Report

      A formal report is a more structured and official reporting style that contains detailed research, data, and information required to enable specific business decisions, and to help evaluate performance over a defined period of time.

      Definition

      Metrics can be presented as a component of a periodic, formal report

      A physical document that presents detailed information to a particular audience

      		Advantage

      More detailed, more structured and broader reporting period

      Formal, shows IT has put in the effort

      Effectively presents a broader and more complete story

      Targets different stakeholders at the same time

      		Disadvantage

      Requires significant effort and resources

      Higher risk if the report does not meet the expectation of the business stakeholder

      Done at a specific time and only valuable for that specific time period

      Harder to change format

      Formal reports provide a detailed view and analysis of performance

      Sample of the 'Formal Report' metric presentation format.
      (Source: PwC Blogs. “Northern Lights: Where are we now?”)       		An effective report incorporates visuals to demonstrate key improvements.

      Formal reports can still contain visuals, but they are accompanied with detailed explanations.

      Understand the advantages and disadvantages of each reporting style – Scorecard

      A scorecard is a graphic view of the progress and performance over time of key performance metrics. These are in relation to specified goals based on identified critical stakeholder objectives.

      Features

      Incorporates multiple metrics effectively.

      Scores services against the most important organizational goals and objectives. Scorecards may tie back into strategy and different perspectives of success.

      		Advantage

      Quick view of performance against objectives

      Measure against a set of consistent objectives

      Easily consumable

      Easy to retain

      		Disadvantage

      Requires a lot of forethought

      Scorecards provide a time-bound summary of performance against defined goals

      Sample of the 'Scorecard' metric presentation format.
      (PwC. “Annual Report 2015.”)       		Scorecards provide a summary of performance that is directly linked to the organizational KPIs.

      Determine your report style

      Supporting Tool icon 2.1 Metrics Presentation Format Selection Guide

      In this section, you will determine the optimal reporting style for the service metrics.

      This guide contains four questions, which will help IT organizations identify the most appropriate presentation format based on stakeholder preference and needs for metrics.

      1. Who is the relevant stakeholder?
      2. What are the defined actions for the metric?
      3. How frequently does the stakeholder need to see the metric?
      4. How does the stakeholder like to receive information?
      		 Sample of Info-Tech's Metrics Presentation Format Selection Guide.
      Download the Metrics Presentation Format Selection Guide.

      Determine your best presentation option

      Supporting Tool icon 2.1 2 Hours

      INPUT: Identified stakeholder and his/her role

      OUTPUT: Proper presentation format based on need for information

      Materials: Metrics Presentation Format Selection Guide

      Participants: BRM, SLM, Program Manager

      After deciding on the report type to be used to present the metric, the organization needs to consider how stakeholders will consume the metric.

      There are three options based on stakeholder needs and available presentation options within IT.

      1. Paper-based presentation is the most traditional form of reporting and works well with stakeholders who prefer physical copies. The report is produced at a specific time and requires no additional IT capability.
      2. Online documents stored on webpages, SharePoint, or another knowledge management system could be used to present the metrics. This allows the report to be linked to other information and easily shared.
      3. Online dashboards and graphics can be used to have dynamic, real-time reporting and anytime access. These webpages can be incorporated into an intranet and allow the user to view the metrics at any time. This will require IT to continuously update the data in order to maintain the accuracy of the metrics.

      Design your metric reports with these guidelines in mind

      Supporting Tool icon 2.2 30 Minutes
      1. Stakeholder-specificThe report must be driven by the identified stakeholder needs and preferences and articulate the metrics that are important to them.
      2. ClarityTo enable decision making and drive desired actions, the metrics must be clear and straightforward. They must be presented in a way that clearly links the performance measurement to the defined outcome without leading to different interpretations of the results.
      3. SimplicityThe report must be simple to read, understand, and analyze. The language of the report must be business-centric and remove as much complexity as possible in wording, imaging, and context.

      Be sure to consider access rights for more senior reports. Site and user access permissions may need to be defined based on the level of reporting.

      Metrics reporting on the video conferencing service

      CASE STUDY
      Industry: Manufacturing | Source: CIO Interview
      The Situation

      The business had a clear need to understand if the implementation of video conferencing would allow previously onsite meetings to achieve the same level of effectiveness.

      Reporting Context

      Provided reports had always been generated from an IT perspective and the business rarely used the information to make decisions.

      The metrics needed to help the business understand if the meetings were remaining effective and be tied into the financial reporting against travel expenses, but there would be limited visibility during the executive meetings.

      Approach

      The service manager reviewed the information that he had gathered to confirm how often they needed information related to the service. He also met with the CIO to get some insight into the reports that were already being provided to the business, including the ones that were most effective.

      Considerations

      The conversations identified that there was no need for a dynamic real-time view of the performance of the service, since tracking of cost savings and utility would be viewed monthly and quarterly. They also identified that the item would be discussed within a very small window of time during the management meetings.

      The Solution

      It was determined that the best style of reporting for the metric was an existing scorecard that was produced monthly, using some infographics to ensure that the information is clear at a glance to enable quick decision making.

      If you want additional support, have our analysts guide you through this phase as part of an Info-Tech Workshop Associated Activity icon

      Book a workshop with our Info-Tech analysts:

      Photo of Valence Howden, Senior Manager, CIO Advisory, Info-Tech Research Group.
      • To accelerate this project, engage your IT team in an Info-Tech workshop with an Info-Tech analyst team.
      • Info-Tech analyst will join you and your team onsite at your location or welcome you to Info-Tech's historic Toronto office to participate in an innovative onsite workshop.
      • Contact your account manager (www.infotech.com/account), or email Workshops@InfoTech.com for more information.

      The following are sample activities that will be conducted by Info-Tech analysts with your team:

      2.1

      		 Sample of presentation format option slide 'Determine the right presentation format for your metrics'. Understand the different presentation options

      The onsite analyst will introduce the group to the communication vehicles of infographic, scorecard, formal report, and dashboard.

      2.1

      		 Sample of activity 2.1 'Determine your best presentation option'. Assess stakeholder needs for information

      For selected stakeholders, the analyst will facilitate a discussion on how stakeholders would like to view information and how the metrics can be presented to aid decision making.

      If you want additional support, have our analysts guide you through this phase as part of an Info-Tech Workshop Associated Activity icon

      Book a workshop with our Info-Tech analysts:

      2.2

      		 Sample of activity 2.2 'Design your metric reports with these guidelines in mind'. Select and design the metric report

      Based on the discussion, the working group will select the most appropriate presentation format and create a rough draft of how the report should look.

      Develop Meaningful Service Metrics to Ensure Business and User Satisfaction

      PHASE 3

      Implement, Track, and Maintain Your Metrics

      Step (3): Implement, Track, and Maintain Your Metrics

      PHASE 1PHASE 2PHASE 3

      1.1

      Derive the Service Metrics

      1.2

      Validate the Metrics

      2.1

      Determine Reporting Format

      3.1

      Select Pilot Metrics

      3.2

      Activate and Maintain Metrics

      This step involves the following participants:

      • Service Level Manager
      • Business Relationship Manager
      • Service Metrics Program Manager

      Activities in this step

      • Determine the first batch of metrics to be implemented as part of the pilot program
      • Create a process to collect and validate data, determine initial targets, and integrate with SLM and BRM functions
      • Present the metric reports to the relevant stakeholders and incorporate the feedback into the metric design
      • Establish a standard process and roll out the implementation of metrics in batches
      • Establish a process to monitor and track the effectiveness of the service metrics program and make adjustments when necessary

      Phase 3 outline

      Associated Activity icon Call 1-888-670-8889 or email GuidedImplementations@InfoTech.com for more information.

      Complete these steps on your own, or call us to complete a guided implementation. A guided implementation is a series of 2-3 advisory calls that help you execute each phase of a project. They are included in most advisory memberships.

      Guided Implementation 3: Implement, Track, and Maintain Your Metrics

      Proposed Time to Completion (in weeks): 4 weeks
      Step 3.1: Select and Launch Pilot Metrics Step 3.2: Track and Maintain the Metrics
      Start with an analyst kick-off call:
      • Identify metrics that will be presented first to the stakeholders based on urgency or impact of the IT service
      • Determine the process to collect data, select initial targets, and integrate with SLM and BRM functions
      		 Review findings with analyst:
      • Review the success of metrics and discuss feedback from stakeholders
      • Roll out the metrics implementation to a broader audience
      • Establish roles and timelines for metrics maintenance
      Then complete these activities…
      • Document the first batch of metrics
      • Document the baseline, initial targets
      • Create a plan to integrate with SLM and BRM functions
      		 Then complete these activities…
      • Create a document that defines how the organization will track and maintain the success of the metrics program
      • Review the metrics program periodically
      With these tools & templates:
      • Metrics Tracking Tool
      		 With these tools & templates:
      • Metrics Tracking Tool

      Implement, Track, and Maintain the Metrics

      Figure representing 'SLM' and/or 'BRM'. Step 1
      Run your pilot

      Metrics Tracking Tool

      		Figure representing 'SLM' and/or 'BRM'. Step 2
      Validate success

      Metrics Tracking Tool

      		Figure representing 'SLM' and/or 'BRM'. Step 3
      Implement your metrics program in batches

      Metrics Tracking Tool

      		A star.

      Active Service Metrics Program

      Once you have defined the way that you will present the metrics, you are ready to run a pilot with a smaller sample of defined service metrics.

      This allows you to validate your approach and make refinements to the implementation and maintenance processes where necessary, prior to activating all service metrics.

      Track the performance of your service metrics

      Supporting Tool icon 3.1

      The Metrics Tracking Tool will enable you to track goals and success metrics for your service metrics programs. It allows you to set long-term goals and track your results over time.

      There are three sections in this tool:
      1. Metrics Tracking Plan. Identify the metrics to be tracked and their purpose.
      2. Metrics Tracking Actuals. Monitor and track the actual performance of the metrics.
      3. Remediation Tracking. Determine and document the steps that need to be taken to correct a sub-performing metric.
      		 Sample of Info-Tech's Metrics Tracking Tool.

      Select pilot metrics

      Supporting Tool icon 3.1 30 Minutes

      INPUT: Identified services, Business feedback

      OUTPUT: Services with most urgent need or impact

      Materials: Service catalog or list of identified services

      Participants: BRM, SLM, Business representatives

      To start the implementation of your service metrics program and drive wider adoption, you need to run a pilot using a smaller subset of metrics.

      INSTRUCTIONS

      To determine the sample for the pilot, consider metrics that:

      • Are related to critical business services and functions
        • or
      • Address known/visible pain points for the business
        • or
      • Were designed for supportive or influential stakeholders

      Metrics that meet two or more criteria are ideal for the pilot

      Collect and validate data

      Supporting Tool icon 3.2 1 Hour

      INPUT: Identified metrics

      OUTPUT: A data collection mythology, Metrics tracking

      Materials: Metrics

      Participants: SLM, BRM, Service owner

      You will need to start collection and validation of your identified data in order to calculate the results for your pilot metrics.

      INSTRUCTIONS

      1. Initiate data collection
        • Use the data sources identified during the design phase and initiate the data collection process.
      2. Determine start date
        • If historical data can be retrieved and gathered, determine how far back you want your measurements to start.
      3. Compile data and validate
        • Ensure that the information is accurate and up to date. This will require some level of data validation and audit.
      4. Run the metric
        • Use the defined calculation and source data to generate the metrics result.
      5. Record metrics results
        • Use the metrics tracking sheet to track the actual results.

      Determine initial targets

      Supporting Tool icon 3.3 1 Hour

      INPUT: Historical data/baseline data

      OUTPUT: Realistic initial target for improvement

      Materials: Metrics Tracking Tool

      Participants: BRM, SLM, Service owner

      INSTRUCTIONS

      Identify an initial service objective based on one or more of the following options:

      1. Establish an initial target using historical data and trends of performance.
      2. Establish an initial target based on stakeholder-identified requirements and expectations.
      3. Run the metrics report over a defined period of time and use the baseline level of achievement to establish an initial target.

      The target may not always be a number - it could be a trend. The initial target will be changed after review with stakeholders

      Integrate with SLM and BRM processes

      Supporting Tool icon 3.4 1 Hour

      INPUT: SLM and BRM SOPs or responsibility documentations

      OUTPUT: Integrate service metrics into the SLM/BRM role

      Materials: SLM / BRM reports

      Participants: SLM, BRM, CIO, Program manager, Service manager

      The service metrics program is usually initiated, used, and maintained by the SLM and BRM functions.

      INSTRUCTIONS

      Ensure that the metrics pilot is integrated with those functions by:

      1. Engaging with SLM and BRM functions/resources
        • Identify SLM and BRM resources associated with or working on the services where the metrics are being piloted
        • Obtain their feedback on the metrics/reporting
      2. Integrating with the existing reporting and meeting cycles
        • Ensure the metrics will be calculated and available for discussion at standing meetings and with existing reports
      3. Establishing the metrics review and validation cycle for these metrics
        • Confirm the review and validation period for the metrics in order to ensure they remain valuable and actionable

      Generate reports and present to stakeholders

      Supporting Tool icon 3.5 1 Hour

      INPUT: Identified metrics, Selected presentation format

      OUTPUT: Metrics reports that are ready for distribution

      Materials: Metrics Presentation Format Selection Guide

      Participants: BRM, SLM, CIO, Business representatives

      INSTRUCTIONS

      Once you have completed the calculation for the pilot metrics:

      1. Confirm the report style for the selected metrics (as defined in Phase 2)
      2. Generate the reporting for the pilot metrics
      3. Present the pilot metric reports to the identified BRM and SLM resources who will present the reporting to the stakeholders
      4. Gather feedback from Stakeholders on metrics - results and process
      5. Create and execute remediation plans for any actions identified from the metrics
      6. Initiate the review cycle for metrics (to ensure they retain value)

      Plan the rollout and implementation of the metrics reporting program

      Supporting Tool icon 3.6 1 Hour

      INPUT: Feedback from pilot, Services in batch

      OUTPUT: Systematic implementation of metrics

      Materials: Metrics Tracking Tool

      Participants: BRM, SLM, Program manager

      Upon completion of the pilot, move to start the broader implementation of metrics across the organization:

      INSTRUCTIONS

      1. Identify the service metrics that you will implement. They can be selected based on multiple criteria, including:
        • Organizational area/business unit
        • Service criticality
        • Pain points
        • Stakeholder engagement (detractors, supporters)
      2. Create a rollout plan for implementation in batches, identifying expected launch timelines, owners, targeted stakeholders, and communications plans
      3. Use the implementation plan from the pilot to roll out each batch of service metrics:
        • Collect and validate data
        • Determine target(s)
        • Integrate with BRM and SLM
        • Generate and communicate reports to stakeholders

      Maintain the service metrics

      Supporting Tool icon 3.7 1.5 Hour

      INPUT: Feedback from business stakeholders

      OUTPUT: Modification to individual metrics or to the process

      Materials: Metrics Tracking Tool, Metrics Development Workbook

      Participants: CIO, BRM, SLM, Program manager, Service owner

      Once service metrics and reporting become active, it is necessary to determine the review time frame for your metrics to ensure they remain useful.

      INSTRUCTIONS

      1. Confirm and establish a review time frame with stakeholders (e.g. annually, bi-annually, after organizational or strategic changes).
      2. Meet with stakeholders by the review date to discuss the value of existing metrics and validate:
        • Whether the goals associated with the metrics are still valid
        • If the metric is still necessary
        • If there is a more effective way to present the metrics
      3. Track actions based on review outcomes and update the remediation tracking sheet.
      4. Update tracking sheet with last complete review date.

      Maintain the metrics

      Supporting Tool icon 3.7

      Based on the outcome of the review meeting, decide what needs to be done for each metric, using the following options:

      Add

      A new metric is required or an existing metric needs large-scale changes (example: calculation method or scope).
      Triggers metrics design as shown in phases 1 and 2.

      		Change

      A minor change is required to the presentation format or data. Note: a major change in a metric would be performed through the Add option.

      Remove

      The metric is no longer required, and it needs to be removed from reporting and data gathering. A final report date for that metric should be determined.

      		Maintain

      The metric is still useful and no changes are required to the metric, its measurement, or how it’s reported.

      Ensuring metrics remain valuable

      VC CASE STUDY
      Industry: Manufacturing | Source: CIO Interview

      Reviewing the value of active metrics

      When the video conferencing service was initially implemented, it was performed as a pilot with a group of executives, and then expanded for use throughout the company. It was understood that prior to seeing the full benefit in cost reduction and increased efficiency and effectiveness, the rate of use and adoption had to be understood.

      The primary service metrics created for the service were based on tracking the number of requests for video conference meetings that were received by the IT organization. This identified the growth in use and could be used in conjunction with financial metrics related to travel to help identify the impact of the service through its growth phase.

      Once the service was adopted, this metric continued to be tracked but no longer showed growth or expanded adoption.

      The service manager was no longer sure this needed to be tracked.

      Key Activity

      The metrics around requests for video conference meetings were reviewed at the annual metrics review meeting with the business. The service manager asked if the need for the metric, the goal of tracking adoption, was still important for the business.

      The discussion identified that the adoption rate was over 80%, higher than anticipated, and that there was no value in continuing to track this metric.

      Based on the discussion, the adoption metrics were discontinued and removed from data gathering and reporting, while a success rate metric was added (how many meetings ran successfully and without issue) to ensure the ongoing value of the video conferencing service.

      If you want additional support, have our analysts guide you through this phase as part of an Info-Tech Workshop Associated Activity icon

      Book a workshop with our Info-Tech analysts:

      Photo of Valence Howden, Senior Manager, CIO Advisory, Info-Tech Research Group.
      • To accelerate this project, engage your IT team in an Info-Tech workshop with an Info-Tech analyst team.
      • Info-Tech analyst will join you and your team onsite at your location or welcome you to Info-Tech's historic Toronto office to participate in an innovative onsite workshop.
      • Contact your account manager (www.infotech.com/account), or email Workshops@InfoTech.com for more information.

      The following are sample activities that will be conducted by Info-Tech analysts with your team:

      3.1

      		 Sample of activity 3.1 'Select pilot metrics'. Select the pilot metrics

      The onsite analyst will help the workshop group select the metrics that should be first implemented based on the urgency and impact of these metrics.

      3.2

      		 Sample of activity 3.2 'Collect and validate data'. Gather data and set initial targets

      The analyst will help the group create a process to gather data, measure baselines, and set initial targets.

      If you want additional support, have our analysts guide you through this phase as part of an Info-Tech Workshop Associated Activity icon

      Book a workshop with our Info-Tech analysts:

      3.5

      		 Sample of activity 3.5 'Generate reports and present to stakeholders'. Generate the reports and validate with stakeholders

      The Info-Tech analyst will help the group establish a process to receive feedback from the business stakeholders once the report is generated.

      3.6

      		 Sample of activity 3.6 'Plan the rollout and implementation of the metrics reporting program'. Implement the service metrics program

      The analyst will facilitate a discussion on how to implement the metrics program across the organization.

      3.7

      		 Sample of activity 3.7 'Maintain the service metrics'. Track and maintain the metrics program

      Set up a mechanism to ensure the success of the metrics program by assessing process adherence and process validity.

      Insight breakdown

      Insight 1

      Service metrics are critical to ensuring alignment of IT service performance and business service value achievement.

      Insight 2

      Service metrics reinforce positive business and end-user relationships by providing user-centric information that drives responsiveness and consistent service improvement.

      Insight 3

      Poorly designed metrics drive unintended and unproductive behaviors that have negative impacts on IT and produce negative service outcomes.

      Summary of accomplishment

      Knowledge Gained

      • Follow a methodology to identify metrics that are derived from business objectives.
      • Understand the proper presentation format based on stakeholder needs for information.
      • Establish a process to ensure the metrics provided will continue to provide value and aid decision making.

      Processes Optimized

      • Metrics presentation to business stakeholders
      • Metrics maintenance and tracking

      Deliverables Completed

      • Metrics Development Workbook
      • Metrics Presentation Format Selection Guide
      • Metrics Tracking Tool

      Research contributors and experts

      Name Organization
      Joe Evers Joe Evers Consulting
      Glen Notman Associate Partner, Citihub
      David Parker Client Program Manager, eHealth Ontario
      Marianne Doran Collins CIO, The CIO-Suite, LLC
      Chris Kalbfleisch Manager, Service Management, eHealth Ontario
      Joshua Klingenberg BHP Billiton Canada Inc.

      Related Info-Tech research

      Stock image of a menu. Design & Build a User-Facing Service Catalog
      The user-facing service catalog is the go-to place for IT service-related information.
      Stock image of a laptop keyboard. Unleash the True Value of IT by Transforming Into a Service Provider
      Earn your seat at the table and influence business strategy by becoming an IT service provider.

      Bibliography

      Pollock, Bill. “Service Benchmarking and Measurement: Using Metrics to Drive Customer Satisfaction and Profits.” Aberdeen Group. June 2009. http://722consulting.com/ServiceBenchmarkingandMeasurement.pdf

      PwC. “Mega-Trends and Implications.” RMI Discussion. LinkedIn SlideShare. September 2015. http://www.slideshare.net/AnandRaoPwC/mega-trends-and-implications-to-retirement

      PwC. “Healthcare’s new entrants: Who will be the industry’s Amazon.com?” Health Research Institute. April 2014. https://www.pwc.com/us/en/health-industries/healthcare-new-entrants/assets/pwc-hri-new-entrant-chart-pack-v3.pdf

      PwC. “Northern Lights: Where are we now?” PwC Blogs. 2012. http://pwc.blogs.com/files/12.09.06---northern-lights-2--summary.pdf

      PwC. “PwC’s key performance indicators

      Maximize Value From Your Value-Added Reseller (VAR)

      • Buy Link or Shortcode: {j2store}215|cart{/j2store}
      • member rating overall impact: 10.0/10 Overall Impact
      • member rating average dollars saved: After each Info-Tech experience, we ask our members to quantify the real-time savings, monetary impact, and project improvements our research helped them achieve.
      • member rating average days saved: Read what our members are saying
      • Parent Category Name: Vendor Management
      • Parent Category Link: /vendor-management

      Organizations need to understand their value-added reseller (VAR) portfolio and the greater VAR landscape to better:

      • Manage the VAR portfolio.
      • Understand additional value each VAR can provide.
      • Maximize existing VAR commitments.
      • Evaluate the VARs’ performance.

      Our Advice

      Critical Insight

      VARs typically charge more for products because they are in some way adding value. If you’re not leveraging any of the provided value, you’re likely wasting money and should use a basic commodity-type reseller for procurement.

      Impact and Result

      This project will provide several benefits to Vendor Management and Procurement:

      • Defined VAR value and performance tracking.
      • Manageable portfolio of VARs that fully benefit the organization.
      • Added training, licensing advice, faster quoting, and invoicing resolution.
      • Reduced deployment and logistics costs.

      Maximize Value From Your Value-Added Reseller (VAR) Research & Tools

      Start here – read the Executive Brief

      Read our informative Executive Brief to find out why you should maximize value from your value-added reseller, review Info-Tech’s methodology, and understand the three ways to better manage your VARs improve performance and reduce costs.

      Besides the small introduction, subscribers and consulting clients within this management domain have access to:

      1. Organize and prioritize

      Organize all your VARs and create a manageable portfolio detailing their value, specific, product, services, and certifications.

      • Maximize Value From Your Value-Added Reseller – Phase 1: Organize and Prioritize
      • VAR Listing and Prioritization Tool

      2. “EvaluRate” your VARs

      Create an in-depth evaluation of the VARs’ capabilities.

      • Maximize Value From Your Value-Added Reseller – Phase 2: EvaluRate Your VARs
      • VAR Features Checklist Tool
      • VAR Profile and EvaluRation Tool

      3. Consolidate and reduce

      Assess each VAR for low performance and opportunity to increase value or consolidate to another VAR and reduce redundancy.

      • Maximize Value From Your Value-Added Reseller – Phase 3: Consolidate and Reduce

      4. Maximize their value

      Micro-manage your primary VARs to ensure performance to commitments and maximize their value.

      • Maximize Value From Your Value-Added Reseller – Phase 4: Maximize Their Value
      • VAR Information and Scorecard Workbook
      [infographic]

      Run Better Meetings

      • Buy Link or Shortcode: {j2store}287|cart{/j2store}
      • member rating overall impact: N/A
      • member rating average dollars saved: N/A
      • member rating average days saved: N/A
      • Parent Category Name: Voice & Video Management
      • Parent Category Link: /voice-video-management

      Your newly hybrid workplace will include virtual, hybrid, and physical meetings, presenting several challenges:

      • The experience for onsite and remote attendees is not equal.
      • Employees are experiencing meeting and video fatigue.
      • Meeting rooms are not optimized for hybrid meetings.
      • The fact is that many people have not successfully run hybrid meetings before.

      Our Advice

      Critical Insight

      • Successful hybrid workplace plans must include planning around hybrid meetings. Seamless hybrid meetings are the result of thoughtful planning and documented best practices.

      Impact and Result

      • Identify your current state and the root cause of unsatisfactory meetings.
      • Review and identify meetings best practices around meeting roles, delivery models, and training.
      • Improve the technology that supports meetings.
      • Use Info-Tech’s quick checklists and decision flowchart to accelerate meeting planning and cover your bases.

      Run Better Meetings Research & Tools

      Start here – read the Executive Brief

      Read our concise Executive Brief to find out why you should run better meetings, review Info-Tech’s methodology, and understand the ways we can support you in completing this project.

      Besides the small introduction, subscribers and consulting clients within this management domain have access to:

      1. Identify the current state of meetings

      Understand the problem before you try to fix it. Before you can improve meetings, you need to understand what your norms and challenges currently are.

      • Checklist: Run a Virtual or Hybrid Meeting

      2. Publish best practices for how meetings should run

      Document meeting roles, expectations, and how meetings should run. Decide what kind of meeting delivery model to use and develop a training program.

      • Meeting Challenges and Best Practices
      • Meeting Type Decision Flowchart (Visio)
      • Meeting Type Decision Flowchart (PDF)

      3. Improve meeting technology

      Always be consulting with users: early in the process to set a benchmark, during and after every meeting to address immediate concerns, and quarterly to identify trends and deeper issues.

      • Team Charter
      • Communications Guide Poster Template
      [infographic]

      Workshop: Run Better Meetings

      Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

      1 Identify Current State of Meetings

      The Purpose

      Understand the current state of meetings in your organization.

      Key Benefits Achieved

      What you need to keep doing and what you need to change

      Activities

      1.1 Brainstorm meeting types.

      1.2 Document meeting norms.

      1.3 Document and categorize meeting challenges.

      Outputs

      Documented challenges with meetings

      Meeting norms

      Desired changes to meeting norms

      2 Review and Identify Best Practices

      The Purpose

      Review and implement meeting best practices.

      Key Benefits Achieved

      Defined meeting best practices for your organization

      Activities

      2.1 Document meeting roles and expectations.

      2.2 Review common meeting challenges and identify best practices.

      2.3 Document when to use a hybrid meeting, virtual meeting, or an in-person meeting.

      2.4 Develop a training program.

      Outputs

      Meeting roles and expectations

      List of meeting best practices

      Guidelines to help workers choose between a hybrid, virtual, or in-person meeting

      Training plan for meetings

      3 Improve Meeting Technology

      The Purpose

      Identify opportunities to improve meeting technology.

      Key Benefits Achieved

      A strategy for improving the underlying technologies and meeting spaces

      Activities

      3.1 Empower virtual meeting attendees.

      3.2 Optimize spaces for hybrid meetings.

      3.3 Build a team of meeting champions.

      3.4 Iterate to build and improve meeting technology.

      3.5 Guide users toward each technology.

      Outputs

      Desired improvements to meeting rooms and meeting technology

      Charter for the team of meeting champions

      Communications Guide Poster

      Reduce Time to Consensus With an Accelerated Business Case

      • Buy Link or Shortcode: {j2store}286|cart{/j2store}
      • member rating overall impact: 9.5/10 Overall Impact
      • member rating average dollars saved: $12,999 Average $ Saved
      • member rating average days saved: 5 Average Days Saved
      • Parent Category Name: Business Analysis
      • Parent Category Link: /business-analysis
      • Enterprise application initiatives are complex, expensive, and require a significant amount of planning before initiation.
      • A financial business case is sometimes used to justify these initiatives.
      • Once the business case (and benefits therein) are approved, the case is forgotten, eliminating a critical check and balance of benefit realization.

      Our Advice

      Critical Insight

      1. Frame the conversation.

      Understand the audience and forum for the business case to best frame the conversation.

      2. Time-box the process of building the case.

      More time should be spent on performing the action rather than building the case.

      3. The business case is a living document.

      The business case creates the basis for review of the realization of the proposed business benefits once the procurement is complete.

      Impact and Result

      • Understand the drivers for decision making in your organization, and the way initiatives are evaluated.
      • Compile a compelling business case that provides decision makers with sufficient information to make decisions confidently.
      • Evaluate proposed enterprise application initiatives “apples-to-apples” using a standardized and repeatable methodology.
      • Provide a mechanism for tracking initiative performance during and after implementation.

      Reduce Time to Consensus With an Accelerated Business Case Research & Tools

      Start here – read the Executive Brief

      Read our concise Executive Brief to find out why you should build a business case for enterprise application investments, review Info-Tech’s methodology, and understand how we can support you in completing this project.

      Besides the small introduction, subscribers and consulting clients within this management domain have access to:

      1. Gather the required information

      Complete the necessary preceding tasks to building the business case. Rationalize the initiative under consideration, determine the organizational decision flow following a stakeholder assessment, and conduct market research to understand the options.

      • Reduce Time to Consensus With an Accelerated Business Case – Phase 1: Gather the Required Information
      • Business Case Readiness Checklist
      • Business Case Workbook
      • Request for Information Template
      • Request for Quotation Template

      2. Conduct the business case analysis

      Conduct a thorough assessment of the initiative in question. Define the alternatives under consideration, identify tangible and intangible benefits for each, aggregate the costs, and highlight any risks.

      • Reduce Time to Consensus With an Accelerated Business Case – Phase 2: Conduct the Business Case Analysis

      3. Make the case

      Finalize the recommendation based on the analysis and create a business case presentation to frame the conversation for key stakeholders.

      • Reduce Time to Consensus With an Accelerated Business Case – Phase 3: Make the Case
      • Full-Form Business Case Presentation Template
      • Summary Business Case Presentation Template
      • Business Case Change Log
      • Business Case Close-Out Form
      [infographic]

      Workshop: Reduce Time to Consensus With an Accelerated Business Case

      Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

      1 Plan for Business Case Development

      The Purpose

      Complete the necessary preceding tasks to building a strong business case.

      Key Benefits Achieved

      Alignment with business objectives.

      Stakeholder buy-in.

      Activities

      1.1 Map the decision flow in your organization.

      1.2 Define the proposed initiative.

      1.3 Define the problem/opportunity statement.

      1.4 Clarify goals and objectives expected from the initiative.

      Outputs

      Decision traceability

      Initiative summary

      Problem/opportunity statement

      Business objectives

      2 Build the Business Case Model

      The Purpose

      Put together the key elements of the business case including alternatives, benefits, and costs.

      Key Benefits Achieved

      Rationalize the business case.

      Activities

      2.1 Design viable alternatives.

      2.2 Identify the tangible and intangible benefits.

      2.3 Assess current and future costs.

      2.4 Create the financial business case model.

      Outputs

      Shortlisted alternatives

      Benefits tracking model

      Total cost of ownership

      Impact analysis

      3 Enhance the Business Case

      The Purpose

      Determine more integral factors in the business case such as ramp-up time for benefits realization as well as risk assessment.

      Key Benefits Achieved

      Complete a comprehensive case.

      Activities

      3.1 Determine ramp-up times for costs and benefits.

      3.2 Identify performance measures and tracking.

      3.3 Assess initiative risk.

      Outputs

      Benefits realization schedule

      Performance tracking framework

      Risk register

      4 Prepare the Business Case

      The Purpose

      Finalize the recommendation and formulate the business case summary and presentation.

      Key Benefits Achieved

      Prepare the business case presentation.

      Activities

      4.1 Choose the alternative to be recommended.

      4.2 Create the detailed and summary business case presentations.

      4.3 Present and incorporate feedback.

      4.4 Monitor and close out.

      Outputs

      Final recommendation

      Business case presentation

      Final sign-off

      Design a VIP Experience for Your Service Desk

      • Buy Link or Shortcode: {j2store}480|cart{/j2store}
      • member rating overall impact: N/A
      • member rating average dollars saved: N/A
      • member rating average days saved: N/A
      • Parent Category Name: Service Desk
      • Parent Category Link: /service-desk
      • VIPs and executives expect to get immediate service for every IT issue, no matter how minor, and the service desk is constantly in reactive mode trying to quickly resolve these issues.
      • VIPs don’t understand or have input into service desk processes, procedures, and SLAs, especially when it comes to prioritization of their issues over other tickets.
      • The C-suite calls the CIO directly with every issue they have, tying them up and forcing them to redirect resources with little notice.
      • VIP tickets sit in the queue too long without a response or resolution, and VIPs are dissatisfied with the service they receive.

      Our Advice

      Critical Insight

      • Service desk and IT leaders are unclear on VIPs' service delivery expectations or the best support model to meet their needs while continuing to meet SLAs for the rest of the organization.
      • Deploying resources to service VIPs ahead of other users or more critical problems can result in inappropriate prioritization of issues and poor service delivery to the rest of the organization.
      • The reality for most organizations is that VIPs need special treatment; but providing VIP service shouldn’t come at the expense of good service delivery for the rest of the organization.

      Impact and Result

      • Stop being reactive to VIP requests and start planning for them so you can formally define the service and set expectations.
      • Talk to all relevant stakeholders to clarify their expectations before choosing a VIP service delivery model. Once you have designed your model, define and document the VIP service processes and procedures and communicate them to your stakeholders so everyone is clear on what is in and out of scope.
      • Once you’ve launched the service, track and report on key service desk metrics associated with VIP requests so you can properly allocate resources, budget accurately, evaluate the effectiveness of the service and demonstrate it to executives.

      Design a VIP Experience for Your Service Desk Research & Tools

      Besides the small introduction, subscribers and consulting clients within this management domain have access to:

      1. Design a VIP Experience for Your Service Desk Storyboard – A guide to defining your VIP service desk support model

      Follow the seven steps outlined in this blueprint to design a VIP support model that best suits your organization, then communicate and evaluate the service to ensure it delivers results.

      • Design a VIP Experience for Your Service Desk Storyboard

      2. Service Desk VIP Procedures Template – A customizable template to document your service desk procedures for handling VIP tickets.

      This template is designed to assist with documenting your service desk procedures for handling VIP or executive tickets. It can be adapted and customized to reflect your specific support model and procedures.

      • Service Desk VIP Procedures Template

      3. VIP Support Process Workflow Example – A Visio template to document your process for resolving VIP tickets.

      This Visio template provides an example of a VIP support process, with every step involved in resolving or fulfilling VIP service desk tickets. Use this as an example to follow and a template to document your own process.

      • VIP Support Process Workflow Example

      4. VIP Support Service Communication Template – A customizable PowerPoint template to communicate and market the service to VIP users.

      This template can be customized to use as an executive presentation to communicate and market the service to VIP users and ensure everyone is on the same page.

      • VIP Support Service Communication Template
      [infographic]

      Further reading

      Design a VIP Experience for Your Service Desk

      Keep the C-suite satisfied without sacrificing service to the rest of the organization.

      Analyst Perspective

      Stop being reactive to VIP demands and formalize their service offering.

      Natalie Sansone, PHD

      Natalie Sansone, PHD

      Research Director,
      Infrastructure & Operations
      Info-Tech Research Group

      In a perfect world, executives wouldn’t need any special treatment because the service desk could rapidly resolve every ticket, regardless of the submitter, keeping satisfaction levels high across the board.

      But we know that’s not the case for most organizations. Executives and VIPs demand higher levels of service because the reality in most companies is that their time is worth more. And any IT leader who’s had a VIP complain about their service knows that their voice also carries more weight than that of a regular dissatisfied user.

      That said, most service desks feel strapped for resources and don’t know how to improve service for VIPs without sacrificing service to the rest of the organization.

      The key is to stop being reactive to VIP demands and formalize your VIP service procedures so that you can properly set expectations for the service, monitor and measure it, and continually evaluate it to make changes if necessary.

      A VIP offering doesn’t have to mean a white glove concierge service, either – it could simply mean prioritizing VIP tickets differently. How do you decide which level of service to offer? Start by assessing your specific needs based on demand, gather requirements from relevant stakeholders, choose the right approach to fit your business needs and capabilities, clearly define and document all aspects of the service then communicate it so that everyone is on the same page as to what is in and out of scope, and continually monitor and evaluate the service to make changes and improvements as needed.

      Executive Summary

      Your Challenge

      • VIPs and executives expect to get immediate service for every IT issue, no matter how minor, and the service desk is constantly in reactive mode trying to quickly resolve these issues.
      • VIPs don’t understand or have input into service desk processes, procedures, and SLAs, especially when it comes to prioritization of their issues over other tickets.
      • The C-suite calls the CIO directly with every issue they have, tying them up and forcing them to redirect resources with little notice.
      • VIP tickets sit in the queue too long without a response or resolution, and VIPs are dissatisfied with the service they receive.

      Common Obstacles

      • Service desk and IT leaders are unclear on the expectations that VIPs have for service delivery, or they disagree about the best support model to meet their needs while continuing to meet SLAs for the rest of the organization.
      • Service desk teams with limited resources are unsure how best to allocate those resources to handle VIP tickets in a timely manner.
      • There aren’t enough resources available at the service desk to provide the level of service that VIPs expect for their issues.
      • Deploying resources to service VIPs ahead of other users can result in inappropriate prioritization of issues and poor service delivery to the rest of the organization

      Info-Tech's Approach

      • Stop being reactive to VIP requests and start planning for them so you can formally define the service and set expectations.
      • Talk to all relevant stakeholders to clarify their expectations before choosing a VIP service delivery model.
      • Define and document the VIP service processes and procedures, including exactly what is in and out of scope.
      • Track and report on metrics associated with VIP requests so you can properly allocate resources and budget for the service.
      • Continually evaluate the service to expand, reduce, or redefine it, as necessary.

      Info-Tech Insight

      The reality for most organizations is that VIPs need special treatment. But providing VIP service shouldn’t come at the expense of good service delivery for the rest of the organization. To be successful with your approach, formalize the VIP offering to bring consistency and clear expectations for both users and the IT staff delivering the service.

      Do any of these scenarios sound familiar?

      All these familiar scenarios can occur when the service desk treats VIP issues reactively and doesn’t have a defined, documented, and agreed-upon VIP process in place.
      • A VIP calls because their personal printer isn’t working, but you also have a network issue affecting payroll being able to issue paychecks. The VIP wants their issue fixed immediately despite there being a workaround and a higher priority incident needing resources.
      • The COO calls the CIO after hours about issues they’re having with their email. The CIO immediately deploys a field tech back to the office to help the COO. Once the tech arrives, the COO says the issue could have waited until the morning.
      • The company president wants IT to spend a day at their house setting up their new personal laptop to be able to connect into the office before their vacation tomorrow. It would take away one FTE from an already understaffed service desk.
      • The CEO brings their child’s new iPhone in and asks the service desk if they have time to set it up as a favor today. The service desk manager instructs the T2 apps specialist to drop his other tickets to work on this immediately.
      • Two tickets come in at the same time – one is from an SVP who can’t log in to Teams and has an online meeting in half an hour, and the other is for a department of 10 who can’t access the network. The service desk doesn’t know who to help first.

      Different organizations can take very different approaches to VIP requests

      CASE STUDIES

      Providing VIP support helped this company grow

      Allocating a dedicated VIP technician slowed down service delivery for this company

      Situation

      		 A SaaS company looking to build and scale its services and customers decided to set up a VIP support program, which involved giving their most valuable customers white glove treatment to ensure they had a great experience, became long-term customers, and thus had a positive influence on others to build up the company’s customer base. VIPs were receiving executive-level support with a dedicated person for VIP tickets. The VIPs were happy with the service, but the VIP technician’s regular work was frequently impeded by having to spend most of her time doing white glove activities. The service desk found that in some cases, more critical work was slipping as a result of prioritizing all executive tickets.

      Resolution

      		 First, they defined who would receive VIP support, then they clearly defined the service, including what VIP support includes, who gets the service, and what their SLAs for service are. They found that the program was an effective way to focus their limited resources on the customers with the highest value potential to increase sales.
      While this model differs from an IT service desk VIP support program, the principles of dedicating resources to provide elevated support to your most important and influential customers for the benefit and growth of the company as a whole remain the same.       		The service desk decided to remove the VIP function. They demonstrated that the cost per contact was too high for dedicated executive support, and reallocating that dedicated technician to the service desk would improve the resolution time of all business incidents and requests. VIPs could still receive prioritized support through the escalation process, but they would contact the regular service desk with their issues. VIPs approved the change, and as a result of removing the dedicated support function, the service desk reduced average incident resolution times by 28% and request fulfillment times by 33%.

      A well-designed and communicated VIP support service can deliver many benefits

      The key to deciding whether a VIP service is right for your organization is to first analyze your needs, match them against your resources, then clearly define and document exactly what is in scope for the service.

      A successfully designed VIP service will lead to:

      • Executives and VIPs can easily contact the service desk and receive exceptional support and customer service from a knowledgeable technician, increasing their trust in the service desk.
      • All service desk tickets are prioritized appropriately and effectively in order to maximize overall ticket resolution and fulfillment times.
      • All users have a clear understanding of how to get in touch with the service desk and expected SLAs for specific ticket types.
      • Critical, business-impacting issues still receive priority service ahead of minor tickets submitted by a VIP.
      • All service desk technicians are clear on processes and procedures for prioritizing and handling VIP tickets.
      • Executives are satisfied with the service they receive and the value that IT provides
      • Reduced VIP downtime, contributing to overall organization productivity and growth.

      A poorly designed or reactive VIP service will lead to:

      • VIPs expect immediate service for non-critical issues, including after-hours.
      • VIPs circumvent the correct process and contact the CIO or service desk manager directly for all their issues.
      • Service desk resources stretched thin, or poor allocation of resources leads to degraded service for the majority of users.
      • More critical business issues are pushed back in order to fix non-critical executive issues.
      • Service desk is not clear how to prioritize tickets and always addresses VIP tickets first regardless of priority.
      • The service desk automatically acts on VIP tickets even when the VIP doesn’t require it or realize they’re getting a different level of service.
      • Non-VIP users are aware of the different service levels and try to request the same priority for their tickets. Support costs are over budget.

      Follow Info-Tech’s approach to design a successful VIP support model

      Follow the seven steps in this blueprint to design a VIP support model that works for your organization:
      1. Understand the support models available, from white glove service to the same service for everyone.
      2. Gather business requirements from all relevant stakeholders.
      3. Based on your business needs, choose the right approach.
      4. Define and document all details of the VIP service offering.
      5. Communicate and market the offering to VIPs so they’re aware of what’s in scope.
      6. Monitor volume and track metrics to evaluate what’s working.
      7. Continually improve or modify the service as needed over time.

      Blueprint deliverables

      The templates listed below are designed to assist you with various stages of this project. This storyboard will direct you when and how to complete them.

      Service Desk VIP Procedures Template

      Use this template to assist with documenting your service desk procedures for handling VIP or executive tickets.

      VIP Support Process Workflow Example

      Use this Visio template to document your process for resolving or fulfilling VIP tickets, from when the ticket is submitted to when it’s closed.

      VIP Support Service Communication Template

      Use this template to customize your executive presentation to communicate and market the service to VIP users.

      Insight Summary

      Key Insight

      The reality for most organizations is that VIPs need special treatment. But providing VIP service shouldn’t be at the expense of good service delivery for the rest of the organization. To be successful with your approach, formalize the VIP offering to bring consistency and clear expectations for both users and the IT staff delivering the service.

      Additional insights:

      Insight 1

      		 VIP service doesn’t have to mean concierge service. There are different levels and models of VIP support that range in cost and level of service provided. Carefully evaluate your needs and capacity to choose the approach that works best for your organization.

      Insight 2

      		 This service is for your most valued users, so design it right from the start to ensure their satisfaction. Involve stakeholders from the beginning, incorporate their feedback and requirements, keep them well-informed about the service, and continually collect and act on feedback to deliver the intended value.

      Insight 3

      		 Intentional, continual monitoring and measurement of the program must be part of your strategy. If your metrics or feedback show that something isn’t working, fix it. If you find that the perceived value isn’t worth the high cost of the program, make changes. Even if everything seems to be working fine, identify ways to improve it or make it more efficient.

      Step 1: Understand the different support models

      Step overview:

      • Understand the support models available, from white glove service to the same service for everyone

      First, define what “VIP support” means in your organization

      VIP support from the service desk usually refers to an elevated level of service (i.e. faster, after-hours, off-site, and/or with more experienced resources) that is provided to those at the executive level of the organization.

      A VIP typically includes executives across the business (e.g. CIO, CEO, CxO, VPs) and sometimes the executive assistants who work directly with them. However, it can also include non-executive-level but critical business roles in some organizations.

      The level of VIP service provided can differ from receiving prioritization in the queue to having a dedicated, full-time technician providing “white glove” service.

      Info-Tech Insight

      You don’t have to use the term “VIP”, as long as you clearly define the terms you are using. Some organizations use the term “VIR” to refer to very important roles rather than people, and some define “critical users” to reflect who should receive prioritized service, for example.

      There are essentially two options for VIP support, but multiple determining factors

      While the details are more specific, your options for VIP support really come down to two: they either receive some kind of enhanced service (either from a dedicated support team or through prioritization from the regular support team) or they don’t. Which option you choose will depend on a wide range of factors, some of which are represented in the diagram below. Factors such as IT budget, size of organization help determine which VIP support model you choose: Enhanced, or the same as everyone else. With enhanced service, you can opt to a dedicated support team or same support team but with prioritized service.

      Option 1: Same service for everyone

      What does it look like?

      VIP tickets are prioritized in the same way as every other ticket – with an assessment by impact and urgency. This allows every ticket to be prioritized appropriately according to how big the impact of the issue is and how quickly it needs to be resolved – regardless of who the submitter is. This means that VIPs with very urgent issues will still receive immediate support, as would a non-VIP user with a critical issue.

      Who is it best suited for?

      • Small organizations and IT teams.
      • Executives don’t want special treatment.
      • Not enough service desk resources or budget to provide prioritized or dedicated VIP service.
      • Service desk is already efficient and meeting SLAs for all requests and incidents.

      Pros

      • Highest level of consistency in service because the same process is followed for all user groups.
      • Ensures that service doesn’t suffer for non-VIP users for teams with a limited number of service desk staff.
      • No additional cost.
      • Potential to argue for more resources if executive service expectations aren’t met.

      Cons

      • Does not work if executives expect or require elevated service regardless of issue type.
      • Potential for increase in management escalations or complaints from dissatisfied executives. Some may end up jumping the queue as a result, which results in unstandardized VIP treatment only for some users.

      Info-Tech Insight

      Don’t design a VIP service solely out of fear that VIPs will be unhappy with the standard level of support the service desk provides. In some cases, it is better to focus your efforts on improving your standard support for everyone rather than only for a small percentage of users, especially if providing that elevated VIP support would further deteriorate service levels for the rest of the organization.

      Option 2: Prioritized service for VIPs

      What does it look like?

      • VIPs still go through the service desk but receive higher priority than non-VIP tickets.
      • Requests from VIP submitters are still evaluated using the standard prioritization matrix but are bumped up in urgency or priority. More critical issues can still take precedence.
      • Existing service desk resources are still used to resolve the request, but requests are just placed closer to the “front of the line.”
      • VIP users are identified in the ticketing system and may have a separate number to call or are routed differently/skip the queue within the ACD/IVR.

      Who is it best suited for?

      • Organizations that want or need to give VIPs expedited or enhanced service, but that don’t have the resources to dedicate to a completely separate VIP service desk team.

      Pros

      • Meets the need of executives for faster service.
      • Balances the need for prioritized service to VIPs while not sacrificing resources to handle most user requests.
      • All tickets still go through a single point of contact to be triaged and monitored by the service desk.
      • Easy to measure and compare performance of VIP service vs. standard service because processes are the same.

      Cons

      • Slight cost associated with implementing changes to phone system if necessary.
      • Makes other users aware that VIPs receive “special treatment” – some may try to jump the queue themselves.
      • May not meet the expectations of some executives who prefer dedicated, face-to-face resources to resolve their issues.

      Info-Tech Insight

      If you’re already informally bumping VIP tickets up the queue, this may be the most appropriate model for you. Bring formalization to your process by clearly defining exactly where VIP tickets fit in your prioritization matrix to ensure they are handled consistently and that VIPs are aware of the process.

      Option 3: Dedicated VIP service

      What does it look like?

      • VIPs contact a dedicated service desk and receive immediate/expedited support, often face to face.
      • Often a separate phone number or point of contact.
      • Similar to concierge service or “white glove” service models.
      • At least one dedicated FTE with good customer service skills and technical knowledge who builds trust with executives.

      Who is it best suited for?

      • Larger enterprises with many VIP users to support, but where VIPs are geographically clustered (as geography sprawls, the cost of the service will spiral).
      • IT organizations with enough resources on the service desk to support a dedicated VIP function.
      • Organizations where executives require immediate, in-person support.

      Pros

      • Most of the time, this model results in the fastest service delivery to executives.
      • Most personal method of delivering support with help often provided in person and from familiar, trusted technicians.
      • Usually leads to the highest level of satisfaction with the service desk from executives.

      Cons

      • Most expensive model; usually requires at least one dedicated, experienced FTE to support and sometimes after-hours support.
      • Essentially two separate service desks; can result in a disconnect between staff.
      • Career path and cross-training opportunities for the dedicated staff may be limited; role can be exhausting.
      • Reporting on the service can be more complicated and tickets are often logged after the fact.
      • If not done well, quality of service can suffer for the rest of the organization.

      Info-Tech Insight

      This type of model is essential in many large enterprises where the success of the company can depend on VIPs having access to dedicated support to minimize downtime as much as possible. However, it also requires the highest level of planning and dedication to get right. Without carefully documented processes and procedures and highly trained staff to support the model, it will fail to deliver the expected benefits.

      Step 2: Capture business needs

      Step overview:

      • Analyze your data and gather requirements to determine whether there is a need for a VIP service.

      Assess current state and metrics

      You can’t define your target state without a clear understanding of your current state. Analyze your ticket data and reports to identify the type and volume of VIP requests the service desk receives and how well you’re able to meet these requests with your current resources and structure.

      Analyze ticket data

      • What volume of tickets are you supporting? How many of those tickets come from VIP users?
      • What is your current resolution time for incidents and requests? How well are you currently meeting SLAs?
      • How quickly are executive/VIP tickets being resolved? How long do they have to wait for a response?
      • How many after-hours requests do you receive?

      Assess resourcing

      • How many users do you support; what percentage of them would be identified as VIP users?
      • How many service desk technicians do you have at each tier?
      • How well are you currently meeting demand? Would you be able to meet demand if you dedicated one or more Tier 2 technicians to VIP support?
      • If you would need to hire additional resources, is there budget to do so?

      Use the data to inform your assessment

      • Do you have a current problem with service delivery to VIPs and/or all users that needs to be addressed by changing the VIP support model?
      • Do you have the demand to support the need for a VIP service?
      • Do you have the resources to support providing VIP service?

      Leverage Info-Tech’s tools to inform your assessment

      Analyze your ticket data and reports to understand how well you’re currently meeting SLAs, your average response and resolution times, and the volume and type of requests you get from VIPs in order to understand the need for changing your current model. If you don’t have the ticket data to inform your assessment, leverage Info-Tech’s Service Desk Ticket Analysis Tool.

      Service Desk Ticket Analysis Tool

      Use this tool to identify trends and patterns in your ticket data. The ticket summary dashboard contains multiple reports analyzing how tickets come in, who requests them, who resolves them, and how long it takes to resolve them.

      If you need help understanding how well your current staff is able to handle your current ticket volume, leverage Info-Tech’s Service Desk Staffing Calculator to analyze demand and ticket volume trends. While not specifically designed to analyze VIP tickets, you could run the assessment separately for VIP volume if you have that data available.

      Service Desk Staffing Calculator

      Use this tool to help you estimate the optimal resource allocation to support your demand over time.

      Engage stakeholders to understand their requirements

      Follow your organization’s requirements gathering process to identify and prioritize stakeholders, conduct stakeholder interviews, and identify, track, and prioritize their requirements and expectations for service delivery.

      Gather requirements from VIP stakeholders

      1. Identify which stakeholders need to be consulted.
      2. Prioritize stakeholders in terms of influence and interest in order to identify who to engage in the requirements gathering process.
      3. Build a plan for gathering the requirements of key stakeholders in terms of VIP service delivery.
      4. Conduct requirements gathering and record the results of each stakeholder interaction.
      5. Analyze and summarize the results to determine the top expectations and requirements for VIP service desk support.

      If your organization does not have a defined requirements gathering process or template, leverage Info-Tech tools and templates:

      The Improve Requirements Gathering blueprint can be adapted from software requirements gathering to service desk.

      The PMO Requirements Gathering Tool can be adapted from interviewing stakeholders on their PMO requirements to service desk requirements.

      Info-Tech Insight

      Don’t guess at what your VIPs need or want – ask them and involve them in the service design. Many IT leaders sacrifice overall service quality to prioritize VIPs, thinking they expect immediate service. However, they later find out that the VIPs just assumed the service they were receiving was the standard service and many of their issues can wait.

      Identify additional challenges and opportunities by collecting perceptions of business users and stakeholders

      Formally measuring perceptions from your end users and key business stakeholders will help to inform your needs and determine how well the service desk is currently meeting demands from both VIP users and the entire user base.

      CIO Business Vision

      Info-Tech's CIO Business Vision program is a low-effort, high-impact program that will give you detailed report cards on the organization’s satisfaction with IT’s core services. Use these insights to understand your key business stakeholders, find out what is important to them, and improve your interactions.

      End User Satisfaction

      Info-Tech’s End User Satisfaction Program helps you measure end-user satisfaction and importance ratings of core IT services, IT communications, and business enablement to help you decide which IT service capabilities need to be addressed to meet the demands of the business.

      Learn more about Info-Tech’s CIO Business Vision or End User Satisfaction Program .

      Step 3: Choose the right approach

      Step overview:

      • Based on your assessment from Step 2, decide on the best way to move forward with your VIP service model.

      Use your assessment results to choose the most appropriate support model

      The table below is a rough guide for how the results of your assessments may line up to the most appropriate model for your organization:

      Example assessment results for: Dedicated service, prioritized service, and same servce based off of the assessment source: Ticket analysis, staffing analysis, or stakeholder.

      Info-Tech Insight

      If you’re in the position of deciding how to improve service to VIPs, it’s unlikely that you will end up choosing the “same service” model. If your data analysis tells you that you are currently meeting every metric target for all users, this may actually indicate that you’re overstaffed at the service desk.

      If you choose a specialized VIP support model, ensure there is a strong, defined need before moving forward

      Do not proceed if:

      • Your decision is purely reactive in response to a perceived need or challenges you’re currently experiencing
      • The demand is coming from a single dissatisfied executive without requirements from other VIPs being collected.
      • Your assessment data does not support the demand for a dedicated VIP function.
      • You don’t have the resources or support required to be successful in the approach.

      Proceed with a VIP model if:

      • You’re prepared to scale and support the model over the long term.
      • Business stakeholders have clearly expressed a need for improved VIP service.
      • Data shows that there is a high volume of urgent requests from VIPs.
      • You have the budget and resources required to support an enhanced VIP service delivery model.

      Step 4: Design the service offering

      Step overview:

      • Define and document all processes, procedures, and responsibilities relevant to the VIP support offering.

      Clearly define the service and eligible users

      Once you’ve decided on the most appropriate model, clearly describe the service and document who is eligible to receive it.

      1. Define exactly what the service is before going into the procedural details. High-level examples to start from are provided below:

      Prioritized Service Model

      When a designated VIP user contacts the service desk with a question, incident, or service request, their ticket will be prioritized over non-VIP tickets following the prioritization matrix. This process has been designed in accordance with business needs and requirements, as defined VIP users have more urgent demands on their time and the impact of downtime is greater as it has the potential to impact the business. However, all tickets, VIP tickets included, must still be prioritized by impact and urgency. Incidents that are more critical will still be resolved before VIP tickets in accordance with the prioritization process.

      Dedicated Service Model

      VIP support is a team of dedicated field technicians available to provide an elevated level of service including deskside support for executives and designated VIP users. VIP users have the ability to contact the VIP support service through a dedicated phone number and will receive expedited ticket handling and resolution by dedicated Tier 2 specialists with experience dealing with executives and their unique needs and requirements. This process has been designed in accordance with business needs and requirements.

      2 Identify VIP-eligible users

      • Define who qualifies as a VIP to receive VIP support or be eligible to contact the dedicated VIP service desk/concierge desk.
      • If other users or EAs can submit tickets on behalf of VIPs, identify those individuals as well.
      • Review the list and cut back if necessary. Less is usually more here, especially when starting out. If everyone is a VIP, then no one is truly a VIP.
      • Identify who maintains ownership over the list of eligible VIP users and how any changes to the list or requests for changes will be handled.
      • Ensure that all VIP-eligible users are clearly identified in the ITSM system.

      Map out the VIP process in a workflow

      Use a visual workflow to document the process for resolving or fulfilling VIP tickets, from when the ticket is submitted to when it gets closed.

      Your workflow should address the following:

      • How should the ticket be prioritized?
      • When are escalations necessary?
      • What happens if a user requests VIP service but is not defined as eligible?
      • Should the user verify that the issue is resolved before the ticket is closed?
      • What automatic notifications or communications need to go out and when?
      • What manual communications or notifications need to be sent out (e.g. when a ticket is escalated or reassigned)?
      VIP Support Process Example.

      Use the VIP Support Process Workflow Example as a template to map out your own process.

      Define and document all VIP processes and procedures

      Clearly describe the service and all related processes and procedures so that both the service delivery team and users are on the same page.

      Define all aspects of the service so that every VIP request will follow the same standardized process and VIPs will have clear expectations for the service they receive. This may include:

      • How VIPs should contact the service desk
      • How VIP tickets will be prioritized
      • SLAs and service expectations for VIP tickets
      • Ticket resolution or fulfillment steps and process
      • Escalation points and contacts
      • After-hours requests process

      If VIP user requests receive enhanced priority, for example, define exactly how those requests should be prioritized using your prioritization matrix. An example is found below and in the Service Desk VIP Procedures Template.

      Prioritization matrix for classification of incidents and requests.

      Use Info-Tech’s Service Desk VIP Procedures Template as a guide

      This template is designed to assist with documenting your service desk procedures for handling VIP or executive tickets. The template is not meant to cover all possible VIP support models but is an example of one support model only. It should be adapted and customized to reflect your specific support model and procedures.

      It includes the following sections:

      1. VIP support description/overview
      2. VIP support entitlement (who is eligible)
      3. Procedures
        • Ticket submission and triage
        • Ticket prioritization
        • SLAs and escalation
        • VIP ticket resolution process
        • After-hours requests
      4. Monitoring and reporting

      Download the Service Desk VIP Procedures Template

      Allocate resources or assign responsibilities specific to VIP support

      Regardless of the support model you choose, you’ll need to be clear on service desk agents’ responsibilities when dealing with VIP users.
      • Clarify the expectations of any service desk agent who will be handling VIP tickets; they should demonstrate excellent customer service skills and expertise, respect for the VIP and the sensitivity of their data, and prompt service.
      • Use a RACI chart to clarify responsibility and accountability for VIP-specific support tasks.
      • If you will be moving to a dedicated VIP support team, clearly define the responsibilities of any new roles or tasks. Sample responsibilities can be found on the right.
      • If you will be changing the role of an existing service desk agent to become focused solely on providing VIP support, clarify how the responsibilities of other service desk agents may change too, if at all.
      • Be clear on expectations of agents for after-hours support, especially if there will be a change to the current service provision.

      Sample responsibilities for a dedicated VIP support technician/specialist may include:

      • Resolve support tickets for all eligible VIP users following established processes and procedures.
      • Provide both onsite and remote support to executives.
      • Quickly and effectively diagnose and resolve technical issues with minimal disruption to the executive team.
      • Establish trust with executives/VIPs by maintaining confidentiality and privacy while providing technical support.
      • Set up, monitor, and support high-priority meetings, conferences, and events.
      • Demonstrate excellent communication and customer service skills when providing support to executives.
      • Coordinate more complex support issues with higher level support staff and track tickets through to resolution when needed.
      • Learn new technology and software ahead of implementation to train and support executive teams for use.
      • Conduct individual or group training as needed to educate on applications or how to best use technology to enhance productivity.
      • Proactively manage, maintain, update, and upgrade end-user devices as needed.

      Configure your ITSM tool to support your processes

      Configure your tool to support your processes, not the other way around.
      • Identify and configure VIP users in the system to ensure that they are easily identifiable in the system (e.g. there may be a symbol beside their name).
      • Configure automations or build ticket templates that would automatically set the urgency or priority of VIP tickets.
      • Configure any business rules or workflows that apply to the VIP support process.
      • Define any automated notifications that need to be sent when a VIP ticket is submitted, assigned, escalated, or resolved (e.g. notify service desk manager or a specific DL).
      • Define metrics and customize dashboards and reports to monitor VIP tickets and measure the success of the VIP service.
      • Configure any SLAs that apply only to VIPs to ensure displayed SLAs are accurate.

      Step 5: Launch the service

      Step overview:

      • Communicate and market the service to all relevant stakeholders so everyone is on the same page as to how it works and what’s in scope.

      Communicate the new or revised service to relevant stakeholders ahead of the launch

      If you did your due diligence, the VIP service launch won’t be a surprise to executives. However, it’s critical to

      continue the engagement and communicate the details of the service well to ensure there are no misperceptions about the

      service when it launches.

      Goals of communicating and marketing the service:

      1. Create awareness and understanding of the purpose of the VIP service and what it means for eligible users.
      2. Solidify commitment and buy-in for the service from all stakeholders.
      3. Ensure that all users know how to access the service and any changes to the way they should interact with the service desk.
      4. Set expectations for new/revised service levels.
      5. Reduce and address any concerns about the change in process.

      Info-Tech Insight

      This step isn’t only for the launch of new services. Even if you’re enhancing or right-sizing an existing VIP service, take the opportunity to market the improvements, remind users of the correct processes, and collect feedback.

      Leverage Info-Tech’s communication template to structure your presentation

      This template can be customized to use as an executive presentation to communicate and market the service to VIP users. It includes:

      • Key takeaways
      • Current-state assessment
      • Requirements gathering and feedback results
      • Objectives for the service
      • Anticipated benefits
      • Service entitlement
      • How the service works
      • Escalations and feedback contacts
      • Timeline of next steps

      Info-Tech Insight

      If you’re launching a dedicated concierge service for VIPs, highlight the exclusivity of the service in your marketing to draw users in. For example, if eligible VIPs get a separate number to call, expedited SLAs, or access to more tenured service desk experts, promote this added value of the service.

      Download the VIP Support Service Communication Template

      Step 6: Monitor and measure

      Step overview:

      • Measure and monitor the success of the program by tracking and reporting on targeted metrics.

      Evaluate and demonstrate the success of the program with key metrics

      Targeted metrics to evaluate the success of the VIP program will be critical to understanding and demonstrating whether the service is delivering the intended value. Track key metrics to:

      • Track if and how well you’re meeting your defined SLAs for VIP support.
      • Measure demand for VIP support (i.e. ticket volume and types of tickets) and evaluate against resource supply to determine whether a staffing adjustment is needed to meet demand.
      • Measure the cost of providing the VIP service in order to report back to executives.
      • Leverage real data to quantitatively demonstrate that you’re providing enhanced service to VIPs if there is an escalation or negative feedback from one individual.
      • Monitor service delivery to non-VIP users to ensure that service to the rest of the organization isn’t impacted by the VIP service
      • Evaluate the types of ticket that are submitted to the VIP service to inform training plans, self-service options, device upgrades, or alternatives to reduce future volume.

      Info-Tech Insight

      If your data definitively shows the VIP offering delivers enhanced service levels, publish these results to business leadership. A successful VIP service is a great accomplishment to market and build credibility for the service desk.

      Tie metrics to critical success factors

      Apart from your regular service desk metrics, identify the top metrics to tie to the key performance indicators of the program’s success factors.

      Sample Critical Success Factors

      • Increased executive satisfaction with the service desk
      • Improved response and resolution times to VIP tickets
      • Demand for the service is matched by supply

      Sample Metrics

      • End-user satisfaction scores on VIP tickets
      • Executive satisfaction with the service desk as measured on a broader annual survey
      • Response and resolution times for VIP tickets
      • Percentage of SLAs met for VIP tickets
      • VIP ticket volume
      • Average speed of answer for VIP calls

      Download Define Service Desk Metrics that Matter and the Service Desk Metrics Workbook for help defining CSFs, KPIs, and key metrics

      Step 7: Continually improve

      Step overview:

      • Continually evaluate the program to identify opportunities for improvement or modifications to the service support model.

      Continually evaluate the service to identify improvements

      Executives are happy, resolution times are on target – now what? Even if everything seems to be working well, never stop monitoring, measuring, and evaluating the service. Not only can metrics change, but there can also always be ways to improve service.

      • Continual improvement should be a mindset – there are always opportunities for improvement, and someone should be responsible for identifying and tracking these opportunities so that they actually get done.
      • Just as you asked for feedback and involvement from VIPs (and their assistants who may submit tickets on their behalf) in designing the service, you should continually collect that feedback and use it to inform improvements to the service.
      • End-user satisfaction surveys, especially broader, more targeted surveys, are also a great source of improvement ideas.
      • Even if end users don’t perceive any need for improvement, IT should still assess how they can make their own processes more efficient or offer alternatives to make delivery easier.

      Download Info-Tech’s Build a Continual Improvement Program blueprint to help you build a process around continual improvement, and use the Continual Improvement Register tool to help you identify and prioritize improvement initiatives.

      Info-Tech Insight

      Don’t limit your continual improvement efforts to the VIP service. Once you’ve successfully elevated the VIP service, look to how you can apply elements of that service to elevate support to the rest of the organization. For example, through providing a roaming service desk, a concierge desk, a Genius-Bar-style walk-in service, etc.

      Expand, reduce, or modify as needed

      Don’t stop with a one-time program evaluation. Continually use your metrics to evaluate whether the service offering needs to change to better suit the needs of your executives and organization. It may be fine as is, or you may find you need to do one of the following:

      Expand

      • If the service offering has been successful and/or your data shows underuse of VIP-dedicated resources, you may be able to expand the offering to identify additional roles as VIP-eligible.
      • Be cautious not to expand the service too widely; not only should it feel exclusive to VIPs, but you need to be able to support it.
      • Also consider whether elements that have been successful in the VIP program (e.g. a concierge desk, after-hours support) should be expanded to be offered to non-VIPs.

      Reduce

      • If VIPs are not using the service as much as anticipated or data shows supply outweighs demand, you may consider scaling back the service to save costs and resources.
      • However, be careful in how you approach this – it shouldn’t negatively impact service to existing users.
      • Rather, evaluate costly services like after-hours support and whether it’s necessary based on demand, adjust SLAs if needed, or reallocate service desk resources or responsibilities. For example, if demand doesn’t justify a dedicated service desk technician, either add non-VIP tasks to their responsibilities or consider moving to a prioritized model.

      Modify

      • The support model doesn’t need to be set in stone. If elements aren’t working, change them! If the entire support model isn’t working, reevaluate if it’s the best model for your organization.
      • Don’t make decisions in a vacuum, though. Just as executives were involved in decision-making at the outset, continually gather their feedback and use it to inform the service design.

      Related Info-Tech Research

      Standardize the Service Desk

      This project will help you build and improve essential service desk processes, including incident management, request fulfillment, and knowledge management to create a sustainable service desk.

      Optimize the Service Desk With a Shift-Left Strategy

      This project will help you build a strategy to shift service support left to optimize your service desk operations and increase end-user satisfaction.

      Build a Continual Improvement Plan

      This project will help you build a continual improvement plan for the service desk to review key processes and services and manage the progress of improvement initiatives.

      Deliver a Customer Service Training Program to Your IT Department

      This project will help you deliver a targeted customer service training program to your IT team to enhance their customer service skills when dealing with end users, improve overall service delivery, and increase customer satisfaction.

      Works Cited

      Munger, Nate. “Why You Should Provide VIP Customer Support.” Intercom, 13 Jan. 2016. Accessed Jan. 2023.

      Ogilvie, Ryan. “We Did Away With VIP Support and Got More Efficient.” HDI, 17 Sep. 2020. Accessed Jan. 2023.

      Optimize Your Software Selection Process: Why 5 and 30 Are the Magic Numbers

      • Buy Link or Shortcode: {j2store}607|cart{/j2store}
      • member rating overall impact: N/A
      • member rating average dollars saved: N/A
      • member rating average days saved: N/A
      • Parent Category Name: Selection & Implementation
      • Parent Category Link: /selection-and-implementation
      • Software selection takes forever. The process of choosing even the smallest apps can drag on for years: sometimes in perpetuity. Software selection teams are sprawling, leading to scheduling slowdowns and scope creep. Moreover, cumbersome or ad hoc selection processes lead to business-driven software selection.

      Our Advice

      Critical Insight

      • Maximize project effectiveness with a five-person team. Project satisfaction and effectiveness is stagnant or decreases once the team grows beyond five people.
      • Tight project timelines are critical. Keep stakeholders engaged with a defined application selection timeline that moves the project forward briskly – 30 days is optimal.
      • Empower both IT and end users with a standardized selection process to consistently achieve high satisfaction coming out of software selection projects.

      Impact and Result

      • Shatter stakeholder expectations with truly rapid application selections.
      • Put the “short” back in shortlist by consolidating the vendor shortlist up-front and reducing downstream effort.
      • Identify high-impact software functionality by evaluating fewer use cases.
      • Lock in hard savings and do not pay list price by using data-driven tactics.

      Optimize Your Software Selection Process: Why 5 and 30 Are the Magic Numbers Research & Tools

      Discover the Magic Numbers

      Increase project satisfaction with a five-person core software selection team that will close out projects within 30 days.

      Besides the small introduction, subscribers and consulting clients within this management domain have access to:

      • Optimize Your Software Selection Process: Why 5 and 30 Are the Magic Numbers Storyboard

      1. Align and eliminate elapsed time

      Ensure a formal selection process is in place and make a concerted effort to align stakeholder calendars.

      2. Reduce low-impact activities

      Reduce time spent watching vendor dog and pony shows, while reducing the size of your RFPs or skipping them entirely.

      3. Focus on high-impact activities

      Narrow the field to four contenders prior to in-depth comparison and engage in accelerated enterprise architecture oversight.

      4. Use these rapid and essential selection tools

      Focus on key use cases rather than lists of features.

      • The Software Selection Workbook
      • The Vendor Evaluation Workbook
      • The Guide to Software Selection: A Business Stakeholder Manual

      5. Engage Two Viable Vendors in Negotiation

      Save more by bringing two vendors to the final stage of the project and surfacing a consolidated list of demands prior to entering negotiation.

      [infographic]

      Further reading

      Optimize Your Software Selection Process: Why 5 and 30 Are the Magic Numbers

      Select your applications better, faster, and cheaper.

      How to Read This Software Selection Insight Primer

      1. 43,000 Data Points

        2. This report is based on data gathered from a survey of 43,000 real-world IT practitioners.

      2. Aggregating Feedback

        3. The data is compiled from SoftwareReviews (a sister company of Info-Tech Research Group), which collects and aggregates feedback on a wide variety of enterprise technologies.

      3. Insights Backed by Data

        4. The insights, charts, and graphs in this presentation are all derived from data submitted by real end users.

      The First Magic Number Is Five

      The optimal software selection team comprises five people

      • Derived from 43,000 data points. Analysis of thousands of software selection projects makes it clear a tight core selection team accelerates the selection process.
      • Five people make up the core team. A small but cross-functional team keeps the project moving without getting bogged down on calendar alignment and endless back-and-forth.
      • It is a balancing act. Having too few stakeholders on the core selection team will lead to missing valuable information, while having too many will lead to delays and politically driven inefficiencies.

      There Are Major Benefits to Narrowing the Selection Team Size to Five

      Limit the risk of ineffective “decision making by committee”

      Expedite resolution of key issues and accelerate crucial decisions

      Achieve alignment on critical requirements

      Streamline calendar management

      Info-Tech Insight

      Too many cooks spoil the broth: create a highly focused selection team that can devote the majority of its time to the project while it’s in flight to demonstrate faster time to value.

      Arm Yourself With Data to Choose the Right Plays for Selection

      Software selection takes forever. The process of choosing even the smallest apps can drag on for years: sometimes in perpetuity.

      Organizations keep too many players on the field, leading to scheduling slowdowns and scope creep.

      Keeping the size of the core selection team down, while liaising with more stakeholders and subject matter experts (SMEs), leads to improved results.

      Maximize project effectiveness with a five-person team. Project satisfaction and effectiveness are stagnant or decrease once the team grows beyond five people.

      Cumbersome or ad hoc selection processes lead to business-driven software selection.

      Increase stakeholder satisfaction by using a consistent selection framework that captures their needs while not being a burden.

      Empower both IT and end users with a standardized selection process to consistently achieve high satisfaction coming out of software selection projects.

      The image contains a graph that is titled: A compact selection team can save you weeks. The graph demonstrates time saved with a five person team in comparison to larger teams.

      Project Satisfaction and Effectiveness Are Stagnant Once the Team Grows Beyond Five People

      The image contains a graph to demonstrate project satisfaction and effectiveness being stagnant with a team larger than five.
      • There is only a marginal difference in selection effectiveness when more people are involved, so why include so many? It only bogs down the process!
      • Full-time resourcing: At least one member of the five team members must be allocated to the selection initiative as a full-time resource.

      Info-Tech Insight

      It sounds natural to include as many players as possible in the core selection group; however, expanding the group beyond five people does not lead to an increase in satisfaction. Consider including a general stakeholder feedback working session instead.

      Shorten Project Duration by Capping the Selection Team at Five People

      However, it is important to make all stakeholders feel heard

      The image contains a graph to demonstrate that an increase in time and effort connects with an increase in total number of people involved.

      Exclusion is not the name of the game.

      • Remember, we are talking about the core selection team.
      • Help stakeholders understand their role in the project.
      • Educate stakeholders about your approach to selection.
      • Ensure stakeholders understand why the official selection team is being capped at five people.
      • Soliciting requirements and feedback from a broader array of stakeholders is still critical.

      Large Organizations Benefit From Compact Selection Teams Just as Much as Small Firms

      Think big even if your organization is small

      Small organizations

      Teams smaller than five people are common due to limited resources.

      Medium organizations

      Selection project satisfaction peaks with teams of fewer than two people. Consider growing the team to about five people to make stakeholders feel more included with minimal drops in satisfaction.

      Large organizations

      Satisfaction peaks when teams are kept to three to five people. With many SMEs available, it is critical to choose the right players for your team.

      The image contains a multi bar graph to demonstrate the benefits of compact selection teams depending on the size of the company, small, medium, or large.

      Keep the Core Selection Team to Five People Regardless of the Software Category

      Smaller selection teams yield increased satisfaction across software categories

      Info-Tech Insight

      Core team size remains the same regardless of the application being selected. However, team composition will vary depending on the end users being targeted.

      Think beyond application complexity

      • Our instinct is to vary the size of the core selection team based on perceived application complexity.
      • The data has demonstrated that a small team yields increased satisfaction for applications across a wide array of application complexity profiles.
      • The real differentiator for complex applications will be the number of stakeholders that the core selection team liaise with, particularly for defining strong requirements.

      The image contains a graph to demonstrate satisfaction across software categories increases with smaller selection teams.

      The Second Magic Number Is 30

      Finish the project while stakeholders are still fully engaged in order to maximize satisfaction

      • 30- to 60-day project timelines are critical. Keep stakeholders engaged with a defined application selection timeline that moves the project forward briskly.
      • Strike while the iron is hot. Deliver applications in a timely manner after the initial request. Don’t let IT become the bottleneck for process optimization.
      • Minimize scope creep: As projects drag on in perpetuity, the scope of the project balloons to something that cannot possibly achieve key business objectives in a timely fashion.

      Aggressively Timeboxing the Project Yields Benefits Across Multiple Software Categories

      After four weeks, stakeholder satisfaction is variable

      The image contains a graph to demonstrate that aggressively timeboxing the project yields benefits across multiple software categories.
      Only categories with at least 1,000 responses were included in the analysis.

      Achieve peak satisfaction by allotting 30 days for an application selection project.

      • Spending two weeks or less typically leads to higher levels of satisfaction for each category because it leaves more time for negotiation, implementation, and making sure everything works properly (especially if there is a time constraint).
      • Watch out for the “satisfaction danger zone” once project enters the 6- to 12-week mark. Completing a selection in four weeks yields greater satisfaction.

      Spend Your Time Wisely to Complete the Selection in 30 Days

      Save time in the first three phases of the selection project

      Awareness

      Education & Discovery

      Evaluation

      Reduce Time

      Reduce Time

      Reduce Time

      Save time duplicating existing market research. Save time and maintain alignment with focus groups.

      Save time across tedious demos and understanding the marketplace.

      Save time gathering detailed historical requirements. Instead, focus on key issues.

      Info-Tech Insight – Awareness

      Timebox the process of impact analysis. More time should be spent performing the action than building a business case.

      Info-Tech Insight – Education

      Save time duplicating existing market research. Save time and maintain alignment with focus groups.

      Info-Tech Insight – Evaluation

      Decision committee time is valuable. Get up to speed using third-party data and written collateral. Use committee time to conduct investigative interviews instead. Salesperson charisma and marketing collateral quality should not be primary selection criteria. Sadly, this is the case far too often.

      Limit Project Duration to 30 Days Regardless of the Application Being Selected

      Timeboxing application selection yields increased satisfaction across software categories

      The image contains a graph to demonstrate selection effort in weeks by satisfaction. The graph includes informal and formal methods on the graph across the software categories.

      Info-Tech Insight

      Office collaboration tools are a great case study for increasing satisfaction with decreased time to selection. Given the sharp impetus of COVID-19, many organizations quickly selected tools like Zoom and Teams, enabling remote work with very high end-user satisfaction.

      There are alternative approaches for enterprise-sized applications:

      • New applications that demand rigorous business process improvement efforts may require allotting time for prework before engaging in the 30-day selection project.
      • To ensure that IT is using the right framework, understand the cost and complexity profile of the application you’re looking to select.

      The Data Also Shows That There Are Five Additional Keys to Improving Your Selection Process

      1. ALIGN & ELIMINATE ELAPSED TIME
      • Ensure a formal selection process is in place.
      • Balance the core selection team’s composition.
      • Make a concerted effort to align stakeholder calendars.
      2. REDUCE TIME SPENT ON LOW-IMPACT ACTIVITIES
      • Reduce time spent on internet research. Leverage hard data and experts.
      • Reduce RFP size or skip RFPs entirely.
      • Reduce time spent watching vendor dog and pony shows.
      3. FOCUS ON HIGH- IMPACT ACTIVITIES
      • Narrow the field to four contenders prior to in-depth comparison.
      • Identify portfolio overlap with accelerated enterprise architecture oversight.
      • Focus on investigative interviews and proof of concept projects.
      4. USE RAPID & ESSENTIAL ASSESSMENT TOOLS
      • Focus on key use cases, not lists of features.
      • You only need three essential tools: Info-Tech’s Vendor Evaluation Workbook, Software Selection Workbook, and Business Stakeholder Manual.
      5. ENGAGE TWO VIABLE VENDORS IN NEGOTIATION
      • Save more during negotiation by selecting two viable alternatives.
      • Surface a consolidated list of demands prior to entering negotiation.
      • Communicate your success with the organization.

      1. Align & Eliminate Elapsed Time

      ✓ Ensure a formal selection process is in place.

      ✓ Reduce time by timeboxing the project to 30 days.

      ✓ Align the calendars of the five-person core selection team.

      Improving Your IT Department’s Software Selection Capability Yields Big Results

      Time spent building a better process for software selection is a great investment

      • Enterprise application selection is an activity that every IT department must embark on, often many times per year.
      • The frequency and repeatability of software selection means it is an indispensable process to target for optimization.
      • A formal process is not always synonymous with a well-oiled process.
      • Even if you have a formal selection process already in place, it’s imperative to take a concerted approach to continuous improvement.

      It is critical to improve the selection process before formalizing

      Leverage Info-Tech’s Rapid Application Selection Framework to gain insights on how you can fine-tune and accelerate existing codified approaches to application selection.

      Before Condensing the Selection Team, First Formalize the Software Selection Process

      Software selection processes are challenging

      Vendor selection is politically charged, requiring Procurement to navigate around stakeholder biases and existing relationships.

      Stakeholders

      The process is time consuming and often started too late. In the absence of clarity around requirements, it is easy to default to looking at price instead of best functional and architectural fit.

      Timing

      Defining formal process and methodology

      Formal selection methodologies are repeatable processes that anybody can consistently follow to quickly select new technology.

      Repeatable

      The goal of formalizing the approach is to enable IT to deliver business value consistently while also empowering stakeholders to find tools that meet their needs. Remember! A formal selection process is synonymous with a bureaucratic, overblown approach.

      Driving Value

      Most Organizations Are Already Using a Formal Software Selection Methodology

      Don’t get left behind!

      • A common misconception for software selection is that only large organizations have formal processes.
      • The reality is that organizations of all sizes are making use of formal processes for software selection.
      • Moreover, using a standardized method to evaluate new technology is most likely common practice among your competitors regardless of their size.
      • It is important to remember that the level of rigor for the processes will vary based not only on project size but also on organization size.
      Only categories with at least 1,000 responses were included in the analysis.

      The image contains a double bar graph that compares the sizes of companies using formal or informal evaluation and selection methodology.

      Use a Formal Evaluation and Selection Methodology to Achieve Higher Satisfaction

      A formal selection process does not equal a bloated selection process

      • No matter what process is being used, you should consider implementing a formal methodology to reduce the amount of time required to select the software. This trend continues across different levels of software (commodity, complex, and enterprise).
      • It is worth noting that using a process can actually add more time to the selection process, so it is important to know how to use it properly.
      • Don’t use just one process: you should use a combination, but don’t use more than three when selecting your software.
      The image contains a double bar graph to demonstrate the difference between formal and informal evaluation to achieve a higher satisfaction.

      Hit a Home Run With Your Business Stakeholders

      Use a data-driven approach to select the right application vendor for their needs – fast

      The image contains a screenshot of the data-drive approach. The approach includes: awareness, education & discovery, evaluation, selection, negotiation & configuration.

      Investing time improving your software selection methodology has big returns.

      Info-Tech Insight

      Not all software selection projects are created equal – some are very small; some span the entire enterprise. To ensure that IT is using the right framework, understand the cost and complexity profile of the application you’re looking to select. The Rapid Application Selection Framework approach is best for commodity and mid-tier enterprise applications; selecting complex applications is better handled by the methodology described in Implement a Proactive and Consistent Vendor Selection Process.

      Lock Down the Key Players Before Setting Up the Relevant Timeline

      You are the quarterback of your selection team

      Don’t get bogged down “waiting for the stars to align” in terms of people’s availability: if you wait for the perfect alignment, the project may never get done.

      If a key stakeholder is unavailable for weeks or months due to PTO or other commitments, don’t jeopardize project timelines to wait for them to be free. Find a relevant designate that can act in their stead!

      You don’t need the entire team on the field at once. Keep certain stakeholders on the bench to swap in and out as needed.

      Info-Tech Insight

      Assemble the key stakeholders for project kick-off to synchronize the application selection process and limit elapsed time. Getting all parties on the same page increases output satisfaction and eliminates rework. Save time and get input from key stakeholders at the project kick-off.

      Assemble a Cross-Functional Team for Best Results

      A blend of both worlds gets the best of both worlds from domain expertise (technical and business)

      The image contains a graph labelled: Likeliness to recommend. It is described in the text below.

      How to manage the cross-functional selection team:

      • There should be a combination of IT and businesspeople involved in the selection process, and ideally the ratio would be balanced.
      • No matter what you are looking for, you should never include more than five people in the selection process.
      • You can keep key stakeholders and other important individuals informed with what is going on, but they don’t necessarily have to be involved in the selection process.

      Leverage a Five-Person Team With Players From Both IT and the Business

      For maximum effectiveness, assign at least one resource to the project on a full-time basis

      IT Leader

      Technical IT

      Business Analyst/ Project Manager

      Business Lead

      Process Expert

      This team member is an IT director or CIO who will provide sponsorship and oversight from the IT perspective.

      This team member will focus on application security, integration, and enterprise architecture.

      This team member elicits business needs and translates them into technology requirements.

      This team member will provide sponsorship from the business needs perspective.

      This team member will contribute their domain-specific knowledge around the processes that the new application supports.

      Info-Tech Insight

      It is critical for the selection team to determine who has decision rights. Organizational culture will play the largest role in dictating which team member holds the final say for selection decisions.

      Ensure That Your Project Has the Right Mix of the Core Team and Ancillary Stakeholders

      Who is involved in selecting the new application?

      • Core selection team:
        • The core team ideally comprises just five members.
        • There will be representatives from IT and the specific business function that is most impacted by the application.
        • The team is typically anchored by a business analyst or project management professional.
        • This is the team that is ultimately accountable for ensuring that the project stays on track and that the right vendor is selected.
      • Ancillary stakeholders:
        • These stakeholders are brought into the selection project on an as-needed basis. They offer commentary on requirements and technical know-how.
        • They will be impacted by the project outcome but they do not bear ultimate accountability for selecting the application.
      The image contains an outer circle that lists Ancillary Stakeholders, and an inner selection team that lists core selection teams.

      Tweak the Team Composition Based on the Application Category in Question

      All applications are different. Some categories may require a slightly different balance of business and IT users.

      When to adjust the selection team’s business to IT ratio:

      • Increase the number of business stakeholders for customer-centric applications like customer relationship management and customer service management.
      • Keep projects staffed with more technical resources when selecting internal-facing tools like network monitoring platforms, next-generation firewalls, and endpoint protection systems.
      The image contains a graph to demonstrate how to tweak the team composition based on the application category.

      When to adjust the selection team’s business to IT ratio:

      • Increase the number of business stakeholders for customer-centric applications like customer relationship management and customer service management.
      • Keep projects staffed with more technical resources when selecting internal-facing tools like network monitoring platforms, next-generation firewalls, and endpoint protection systems.

      Balance the Selection Team With Decision Makers and Front-Line Resources

      Find the right balance!

      • Make sure to include key decision makers to increase the velocity of approvals.
      • However, it is critical to include the right number of front-line resources to ensure that end-user needs are adequately reflected in the requirements and decision criteria used for selection.

      The image contains a graph on the team composition with number of decision makers involved.

      Info-Tech Insight

      When selecting their software, organizations have an average of two to four business and IT decision makers/influencers on the core selection team.

      Optimize Meeting Cadence to Complete Selection in 30 Days

      Project Cadence:

      • Execute approximately one phase per week.
      • Conduct weekly checkpoints to move through your formal selection framework.
      • Allot two to four hours per touchpoint.

      The image contains a calendar with the five phases spread put over five weeks.

      Info-Tech Insight

      Use weekly touchpoints with the core selection team to eliminate broken telephone. Hold focus groups and workshops to take a more collaborative, timely, and consensus-driven approach to zero in on critical requirements.

      2. Reduce Time Spent on Low-Impact Activities

      ✓ Reduce time spent on internet research. Leverage hard data and experts.

      ✓ Reduce RFP size or skip RFPs entirely.

      ✓ Reduce time spent watching vendor dog and pony shows.

      Reduce Time Spent on Internet Research by Leveraging Hard Data and Experts

      REDUCE BIAS

      Taking a data-driven approach to vendor selection ensures that decisions are made in a manner that reduces human bias and exposure to misaligned incentives.

      SCORING MODELS

      Create a vendor scoring model that uses several different scored criteria (alignment to needs, alignment to architecture, cost, relationship, etc.) and weight them.

      AGGREGATE EXPERIENCES

      When you leverage services such as SoftwareReviews, you’re relying on amalgamated data from hundreds of others that have already been down this path: benefit from their experience!

      PEER-DRIVEN INSIGHTS

      Formally incorporate a review of Category Reports from SoftwareReviews into your vendor selection process to take advantage of peer-driven expert insights.

      Contact Us

      Info-Tech is just a phone call away. Our expert analysts can guide you to successful project completion at no additional cost to you.

      Bloated RFPs Are Weighing You Down

      Avoid “RFP overload” – parse back deliverables for smaller projects

      1. Many IT and procurement professionals are accustomed to deliverable-heavy application selection projects.
      2. Massive amounts of effort is spent creating onerous RFIs, RFPs, vendor demo scripts, reference guides, and Pugh matrices – with only incremental (if any) benefits.
      3. For smaller projects, focus on creating a minimum viable RFP that sketches out a brief need statement and highlights three or four critical process areas to avoid RFP fatigue.

      Draft a lightweight RFI (or minimum viable RFP) to give vendors a snapshot of your needs while managing effort

      An RFI or MV-RFP is a truncated RFP document that highlights core use cases to vendors while minimizing the amount of time the team has to spend building it.

      You may miss out on the right vendor if:

      • The RFP is too long or cumbersome for the vendor to respond.
      • Vendors believe their time is better spent relationship selling.
      • The RFP is unclear and leads them to believe they won’t be successful.
      • The vendor was forced to guess what you were looking for.

      How to write a successful RFI/MV-RFP:

      • Expend your energy relative to the complexity of the required solution or product you’re seeking.
      • A good MV-RFP is structured as follows: a brief description of your organization, business context, and key requirements. It should not exceed a half-dozen pages in length.
      • Be transparent.
      • This could potentially be a long-term relationship, so don’t try to trick suppliers.
      • Be clear in your expectations and focus on the key aspects of what you’re trying to achieve.

      Use the appropriate Info-Tech template for your needs (RFI, RFQ, or RFP). The Request for Information Template is best suited to the RASF approach.

      If Necessary, Make Sure That You Are Going About RFPs the Right Way

      RFPs only add satisfaction when done correctly

      The image contains a graph to demonstrate RFP and satisfaction.

      Info-Tech Insight

      Prescriptive yet flexible: Avoid RFP overload when selecting customer experience–centric applications, but a formal approach to selection is still beneficial.

      When will an RFP increase satisfaction?

      • Satisfaction is increased when the RFP is used in concert with a formal selection methodology. An RFP on its own does not drive significant value.
      • RFPs that focus on an application’s differentiating features lead to higher satisfaction with the selection process.
      • Using the RFP to evaluate mandatory or standard and/or mandatory features yields neutral results.

      Reduce Time Spent Watching Vendor Dog and Pony Shows

      Salesperson charisma and marketing collateral quality should not be primary selection criteria. Sadly, this is the case far too often.

      Use data to take control back from the vendor

      • Taking a data-driven approach to vendor selection ensures that decisions are made in a manner that reduces human bias and exposure to misaligned incentives.
      • When you leverage services such as SoftwareReviews, you’re relying on amalgamated data from hundreds of others that have already been down this path: benefit from their collective experience!

      Kill the “golf course effect” and eliminate stakeholder bias

      • A leading cause of selection failure is human bias. While rarely malicious, the reality is that decision makers and procurement staff can become unduly biased over time by vendor incentives. Conference passes, box seats, a strong interpersonal relationship – these are all things that may be valuable to a decision maker but have no bearing on the efficacy of an enterprise application.
      • A strong selection process mitigates human bias by using a weighted scoring model and basing decisions on hard data: cost, user satisfaction scores, and trusted third-party data from services such as SoftwareReviews.

      Conduct a Day of Rapid-Fire Investigative Interviews

      Zoom in on high-value use cases and answers to targeted questions

      Make sure the solution will work for your business

      Give each vendor 60 to 90 minutes to give a rapid-fire presentation. We suggest the following structure:

      • 20 minutes: company introduction and vision
      • 20 minutes: one high-value scenario walkthrough
      • 20-40 minutes: targeted Q&A from the business stakeholders and procurement team

      To ensure a consistent evaluation, vendors should be asked analogous questions, and a tabulation of answers should be conducted.

      How to challenge the vendors in the investigative interview

      • Change the visualization/presentation.
      • Change the underlying data.
      • Add additional data sets to the artifacts.
      • Collaboration capabilities.
      • Perform an investigation in terms of finding BI objects and identifying previous changes and examine the audit trail.

      Rapid-Fire Vendor Investigative Interview

      Invite vendors to come onsite (or join you via videoconference) to demonstrate the product and to answer questions. Use a highly targeted demo script to help identify how a vendor’s solution will fit your organization’s particular business capability needs.

      Spend Your Time Wisely and Accelerate the Process

      Join the B2B software selection r/evolution

      Awareness

      Education & Discovery

      Evaluation

      Selection

      Negotiation & Configuration

      Reduce Time

      Reduce Time

      Reduce Time

      Reduce Time

      Reduce Time

      Save time
      duplicating existing market research. Save time and maintain alignment with focus groups.

      Save time across tedious demos and understanding the marketplace.

      Save time gathering detailed historical requirements. Instead, focus on key issues.

      Use your time to validate how the solution will handle mission-critical requirements.

      Spend time negotiating with two viable alternatives to reduce price by up to 50%.

      Use a tier-based model to accelerate commodity and complex selection projects.

      Eliminate elapsed process time with focus groups and workshops.

      3. Focus on High-Impact Activities

      ✓ Narrow the field to four contenders prior to in-depth comparison.

      ✓ Identify portfolio overlap with accelerated enterprise architecture oversight.

      ✓ Focus on investigative interviews and proof of concept projects.

      Narrow the Field to a Maximum of Four Contenders

      Focus time spent on the players that we know can deliver strong value

      1. ACCELERATE SELECTION

      Save time by exclusively engaging vendors that support the organization’s differentiating requirements.

      2. DECISION CLARITY

      Prevent stakeholders from getting lost in the weeds with endless lists of vendors.

      3.CONDENSED DEMOS

      Limiting the project to four contenders allows you to stack demos/investigative interviews into the same day.

      4. LICENSING LEVERAGE

      Keep track of key differences between vendor offerings with a tight shortlist.

      Rapid & Effective Selection Decisions

      Consolidating the Vendor Shortlist Up-Front Reduces Downstream Effort

      Put the “short” back in shortlist!

      • Radically reduce effort by narrowing the field of potential vendors earlier in the selection process. Too many organizations don’t funnel their vendor shortlist until nearing the end of the selection process. The result is wasted time and effort evaluating options that are patently not a good fit.
      • Leverage external data (such as SoftwareReviews) and expert opinion to consolidate your shortlist into a smaller number of viable vendors before the investigative interview stage and eliminate time spent evaluating dozens of RFP responses.
      • Having fewer RFP responses to evaluate means you will have more time to do greater due diligence.

      Rapid Enterprise Architecture Evaluations Are High-Impact Activities

      When accelerating selection decisions, finding the right EA is a balancing act

      • Neglecting enterprise architecture as a shortcut to save time often leads to downstream integration problems and decreases application satisfaction.
      • On the other hand, overly drawn out enterprise architecture evaluations can lead to excessively focusing on technology integration versus having a clear and concise understanding of critical business needs.

      Info-Tech Insight

      Targeting an enterprise architecture evaluation as part of your software selection process that does not delay the selection while also providing sufficient insight into platform fit is critical.

      Key activities for rapid enterprise architecture evaluation include:

      1. Security analysis
      2. Portfolio overlap review + integration assessment
      3. Application standards check

      The data confirms that it is worthwhile to spend time on enterprise architecture

      • Considering software architecture fit up-front to determine if new software aligns with the existing application architecture directly links to greater satisfaction.
      • Stakeholders are most satisfied with their software value when there is a good architectural platform fit.
      • Stakeholders that ranked Architectural Platform Fit lower during the selection process were ultimately more unsatisfied with their software choice.

      The image contains a screenshot of data to demonstrate that it is worthwhile to spend time on enterprise architecture.

      Identify Portfolio Overlap With an Accelerated Enterprise Architecture Assessment

      Develop a clear view of any overlap within your target portfolio subset and clear rationalization/consolidation options

      • Application sprawl is a critical pain point in many organizations. It leads to wasted time, money, and effort as IT (and the business) maintain myriad applications that all serve the same functional purpose.
      • Opportunities are missed to consolidate and streamline associated business process management, training, and end-user adoption activities.
      • Identify which applications in your existing architecture serve a duplicate purpose: these applications are the ones you will want to target for consolidation.
      • As you select a new application, identify where it can be used to serve the goal for application rationalization (i.e. can we replace/retire existing applications in our portfolio by standardizing the new one?).

      Keep the scope manageable!

      • Highlight the major functional processes that are closely related to the application you’re selecting and identify which applications support each.
      • The template below represents a top-level view of a set of customer experience management (CXM) applications. Identify linkages between sets of applications and if they’re uni- or bi-directional.
      The image contains a screenshot of images that demonstrate portfolio overlap with an accelerated enterprise architecture assessment.

      Rapidly Evaluate the Security & Risk Profile for a Right-Sized Enterprise Architecture Evaluation

      There are four considerations for determining the security and risk profile for the new application

      1. Financial Risk
      • Consider the financial impact the new application has on the organization.
        • How significant is the investment in technology?
      • If this application fails to meet its business goals and deliver strong return on investment, will there be a significant amount of financial resources to mitigate the problem?
    • Data Sensitivity Risk
      • Understand the type of data that will be handled/stored by the application.
        • For example, a CRM will house customer personally identifiable information (PII) and an ECM will store confidential business documentation.
      • Determine the consequences of a potential breach (i.e. legal and financial).
    • Application Vulnerability Risk
      • Consider whether the application category has a historically strong security track record.
        • For example, enterprise cloud storage solutions may have a different level of vulnerability than an HRIS platform.
    • Infrastructure Risk
      • Determine whether the new application requires changes to infrastructure or additional security investments to safeguard expanded infrastructure.
      • Consider the ways in which the changes to infrastructure increase the vectors for security breaches.

      Spend More Time Validating Key Issues With Deep Technical Assessments

      The image contains a screenshot of an image of an iceberg. The top part of the iceberg is above water and labelled 40%. The rest of the iceberg is below water and is labelled 60%.

      Conversations With the Vendor

      • Initial conversations with the vendor build alignment on overall application capabilities, scope of work, and pricing.

      Pilot Projects and Trial Environments

      • Conduct a proof of concept project to ensure that the application satisfies your non-functional requirements.
      • Technical assessments not only demonstrate whether an application is compatible with your existing systems but also give your technical resources the confidence that the implementation process will be as smooth as possible.
      • Marketing collateral glosses over actual capabilities and differentiation. Use unbiased third-party data and detailed system training material.

      4. Use Rapid & Essential Assessment Tools

      ✓ Focus on key use cases, not lists of features.

      ✓ You only need three essential tools:

      1. Info-Tech’s Vendor Evaluation Workbook
      2. The Software Selection Workbook
      3. A Business Stakeholder Manual

      Focus on Key Use Cases, Not an Endless Laundry List of Table Stakes Features

      Focus on Critical Requirements

      Failure to differentiate must-have and nice-to-have use cases leads to applications full of non-critical features.

      Go Beyond the Table Stakes

      Accelerate the process by skipping common requirements that we know that every vendor will support.

      Streamline the Quantity of Use Cases

      Working with a tighter list of core use cases increases time spent evaluating the most impactful functionality.

      Over-Customization Kills Projects

      Eliminating dubious “sacred cow” requirements reduces costly and painful platform customization.

      Only Make Use of Essential Selection Artifacts

      Vendor selection projects often demand extensive and unnecessary documentation

      The Software Selection Workbook

      Work through the straightforward templates that tie to each phase of the Rapid Application Selection Framework, from assessing the business impact to requirements gathering.

      The image contains a screenshot of The Software Selection Workbook.

      The Vendor Evaluation Workbook

      Consolidate the vendor evaluation process into a single document. Easily compare vendors as you narrow the field to finalists.

      The image contains a screenshot of The Vendor Evaluation Workbook.

      The Guide to Software Selection: A Business Stakeholder Manual

      Quickly explain the Rapid Application Selection Framework to your team while also highlighting its benefits to stakeholders.

      The image contains a screenshot of The Guide to Software Selection: A Business Stakeholder Manual.

      Software Selection Engagement

      Five advisory calls over a five-week period to accelerate your selection process

      • Expert analyst guidance over five weeks on average to select and negotiate software.
      • Save money, align stakeholders, speed up the process, and make better decisions.
      • Use a repeatable, formal methodology to improve your application selection process.
      • Better, faster results, guaranteed, included in membership.
      The image contains a screenshot of the calendar over 30 days that outlines the five calls.

      Click here to book your selection engagement

      Software Selection Workshop

      With 40 hours of advisory assistance delivered online, select better software, faster.

      • 40 hours of expert analyst guidance.
      • Project and stakeholder management assistance.
      • Save money, align stakeholders, speed up the process, and make better decisions.
      • Better, faster results, guaranteed; $20K standard engagement fee.
      The image contains a screenshot of the calendar over 30 days that outlines the five calls.

      CLICK HERE TO BOOK YOUR WORKSHOP ENGAGEMENT

      5. Select Two Viable Options & Engage Both in Negotiation

      ✓ Save more during negotiation by selecting two viable alternatives.

      ✓ Surface a consolidated list of demands prior to entering negotiation.

      ✓ Communicate your success with the organization.

      Save More During Negotiation by Selecting Two Viable Alternatives

      VENDOR 1

      Build in a realistic plan B that allows you to apply leverage to the incumbent or primary vendor of choice.

      VENDOR 2

      If the top contender is aware that they do not have competition, they will be less inclined to make concessions.

      Maintain momentum with two options

      • Should you realize that the primary contender is no longer a viable option (i.e. security concerns), keeping a second vendor in play enables you to quickly pivot without slowing down the selection project.

      Secure best pricing by playing vendors off each other

      • Vendors are more likely to give concessions on the base price once they become aware that a direct competitor has entered the evaluation.

      Truly commit to a thorough analysis of alternatives

      • By evaluating competitive alternatives, you’ll get a more comprehensive view on market standards for a solution and be able to employ a range of negotiation tactics.

      Focus on 5-10 Specific Contract Change Requests

      Accelerate negotiation by picking your battles

      ANALYZE

      DOCUMENT

      CONSOLIDATE

      PRESENT
      • Parse the contract, order form, and terms & conditions for concerning language.
      • Leverage expertise from internal subject matter experts in addition to relevant legal council.
      • Document all concerns and challenges with the language in the vendor contract in a single spreadsheet.
      • Make vendors more receptive to your cause by going one step beyond writing what the change should be. Provide the reasoning behind the change and even the relevant context.
      • Identify the change requests that are most important for the success of the selection project.
      • Compile a list of the most critical change requests.
      • Consider including nice-to-have requests that you can leverage as strategic concessions.
      • Present the consolidated list of critical change requests to the vendor rather than sharing the entire range of potential changes to the contract.
      • Make sure to include context and background for each request.
      • Eliminate potential delays by proactively establishing a timeline for the vendor’s response.

      Share Stories of Cost Savings With the Organization

      Secure IT’s seat at the table

      Hard cost savings speak louder than words. Executive leadership will see IT as the go-to team for driving business value quickly, yet responsibly.

      Build hype around the new software

      Generate enthusiasm by highlighting the improved user experience provided by the new software that was has just been selected.

      Drive end-user adoption

      Position the cost savings as an opportunity to invest in onboarding. An application is only as valuable as your employees’ ability to effectively use it.

      Keep the process rolling

      Use the momentum from the project and its successful negotiation to roll out the accelerated selection approach to more departments across the organization.

      Overall: The Magic Number Saves You Time and Money

      Software selection takes forever. The process of choosing even the smallest apps can drag on for years: sometimes in perpetuity.

      Organizations keep too many players on the field, leading to scheduling slowdowns and scope creep.

      Keeping the size of the core selection team down, while liaising with more stakeholders and subject matter experts (SMEs), leads to improved results.

      Maximize project effectiveness with a five-person team. Project satisfaction and effectiveness are stagnant or decrease once the team grows beyond five people.

      Cumbersome or ad hoc selection processes lead to business-driven software selection.

      Increase stakeholder satisfaction by using a consistent selection framework that captures their needs while not being a burden.

      Empower both IT and end users with a standardized selection process to consistently achieve high satisfaction coming out of software selection projects.

      The image contains a graph that is titled: A compact selection team can save you weeks. The graph demonstrates time saved with a five person team in comparison to larger teams.

      Key Takeaways for Improving Your Selection Process

      1. ALIGN & ELIMINATE ELAPSED TIME
      • Ensure a formal selection process is in place and reduce time by timeboxing the project to 30 days.
      • Align the calendars of the five-person core selection team to maximize efficiency.

      2. REDUCE TIME SPENT ON LOW-IMPACT ACTIVITIES
      • Go beyond the table stakes and accelerate the process by skipping common requirements that we know that every vendor will support.
      • Only make use of essential selection artifacts.

      3. FOCUS ON HIGH- IMPACT ACTIVITIES
      • Skip the vendor dog and pony shows with investigative interviews.
      • Minimize time spent on novel-sized RFPs; instead highlight three or four critical process areas.

      4. USE RAPID & ESSENTIAL ASSESSMENT TOOLS
      • Consolidating the vendor shortlist up-front reduces downstream effort.
      • Application sprawl is a critical pain point in many organizations that leads to wasted time and money.

      5. ENGAGE TWO VIABLE VENDORS IN NEGOTIATION
      • Build in a realistic plan B that allows you to apply leverage to the incumbent or primary vendor of choice.
      • Pick your battles and focus on 5-10 specific contract change requests.

      Appendix

      This study is based on a survey of 43,000 real-world IT practitioners.

      • SoftwareReviews (a sister company of Info-Tech Research Group) collects and aggregates feedback on a wide variety of enterprise technologies.
      • The practitioners are actual end users of hundreds of different enterprise application categories.
      • The following slides highlight the supplementary data points from the comprehensive survey.

      Methodology

      A comprehensive study based on the responses of thousands of real-world practitioners.

      Qualitative & Secondary

      Using comprehensive statistical techniques, we surveyed what our members identified as key drivers of success in selecting enterprise software. Our goal was to determine how organizations can accelerate selection processes and improve outcomes by identifying where people should spend their time for the best results.

      Large-n Survey

      To determine the “Magic Numbers,” we used a large-n survey: 40,000 respondents answered questions about their applications, selection processes, organizational firmographics, and personal characteristics. We used this data to determine what drives satisfaction not only with the application but with the selection process itself.

      Quantitative Drill-Down

      We used the survey to narrow the list of game-changing practices. We then conducted additional quantitative research to understand why our respondents may have selected the responses they did.

      Define a Sourcing Strategy for Your Development Team

      • Buy Link or Shortcode: {j2store}161|cart{/j2store}
      • member rating overall impact: N/A
      • member rating average dollars saved: N/A
      • member rating average days saved: N/A
      • Parent Category Name: Development
      • Parent Category Link: /development
      • Hiring quality development team resources is becoming increasingly difficult and costly in most domestic markets.
      • Firms are seeking to do more with less and increase their development team throughput.
      • Globalization and increased competition are driving a need for more innovation in your applications.
      • Firms want more cost certainty and tighter control of their development investment.

      Our Advice

      Critical Insight

      • Choosing the right sourcing strategy is not just a question of technical skills! Successful sourcing is based on matching your organization’s culture, knowledge, and experiences to the right choice of internal or external partnership.

      Impact and Result

      • We will help you build a sourcing strategy document for your application portfolio.
      • We will examine your portfolio and organization from three different perspectives to enable you to determine the right approach:
        • From a business perspective, reliance on the business, strategic value of the product, and maturity of product ownership are critical.
        • From an organizational perspective, you must examine your culture for communication processes, conflict resolution methods, vendor management skills, and geographic coverage.
        • From a technical perspective, consider integration complexity, environmental complexity, and testing processes.

      Define a Sourcing Strategy for Your Development Team Research & Tools

      Besides the small introduction, subscribers and consulting clients within this management domain have access to:

      1. Define a Sourcing Strategy for Your Development Team Storyboard – A guide to help you choose the right resourcing strategy to keep pace with your rapidly changing application and development needs.

      This project will help you define a sourcing strategy for your application development team by assessing key factors about your products and your organization, including critical business, technical, and organizational factors. Use this analysis to select the optimal sourcing strategy for each situation.

      • Define a Sourcing Strategy for Your Development Team Storyboard

      2. Define a Sourcing Strategy Workbook – A tool to capture the results of activities to build your sourcing strategy.

      This workbook is designed to capture the results of the activities in the storyboard. Each worksheet corresponds with an activity from the deck. The workbook is also a living artifact that should be updated periodically as the needs of your team and organization change.

      • Define a Sourcing Strategy Workbook
      [infographic]

      Further reading

      Define a Sourcing Strategy for Your Development Team

      Choose the right resourcing strategy to keep pace with your rapidly changing application and development needs.

      Analyst Perspective

      Choosing the right sourcing strategy for your development team is about assessing your technical situation, your business needs, your organizational culture, and your ability to manage partners!

      Photo of Dr. Suneel Ghei, Principal Research Director, Application Development, Info-Tech Research Group

      Firms today are under continuous pressure to innovate and deliver new features to market faster while at the same time controlling costs. This has increased the need for higher throughput in their development teams along with a broadening of skills and knowledge. In the face of these challenges, there is a new focus on how firms source their development function. Should they continue to hire internally, offshore, or outsource? How do they decide which strategy is the right fit?

      Info-Tech’s research shows that the sourcing strategy considerations have evolved beyond technical skills and costs. Identifying the right strategy has become a function of the characteristics of the organization, its culture, its reliance on the business for knowledge, its strategic value of the application, its vendor management skills, and its ability to internalize external knowledge. By assessing these factors firms can identify the best sourcing mix for their development portfolios.

      Dr. Suneel Ghei
      Principal Research Director, Application Development
      Info-Tech Research Group

      Executive Summary

      Your Challenge
      • Hiring quality development team resources is becoming increasingly difficult and costly in most domestic markets.
      • Firms are seeking to do more with less and increase their development team throughput.
      • Globalization and increased competition is driving a need for more innovation in your applications.
      • Firms want more cost certainty and tighter control of their development investment.
      		 Common Obstacles
      • Development leaders are encouraged to manage contract terms and SLAs rather than build long-term relationships.
      • People believe that outsourcing means you will permanently lose the knowledge around solutions.
      • Moving work outside of the current team creates motivational and retention challenges that can be difficult to overcome.
      		 Info-Tech’s Approach
      • Looking at this from these three perspectives will enable you to determine the right approach:
        1. From a business perspective, reliance on the business, strategic value of the product, and maturity of product ownership are critical.
        2. From an organizational perspective, you must examine your culture for communication processes, conflict resolution methods, vendor management skills, and geographic coverage
        3. From a technical perspective, consider integration complexity, environment complexity, and testing processes.

      Info-Tech Insight

      Choosing the right sourcing strategy is not just a question of technical skills! Successful sourcing is based on matching your organization’s culture, knowledge, and experiences to the right choice of internal or external partnership.

      Define a sourcing strategy for your development team

      Business
      • Business knowledge/ expertise required
      • Product owner maturity
      Technical
      • Complexity and maturity of technical environment
      • Required level of integration
      Organizational
      • Company culture
      • Desired geographic proximity
      • Required vendor management skills
      1. Assess your current delivery posture for challenges and impediments.
      2. Decide whether to build or buy a solution.
      3. Select your desired sourcing strategy based on your current state and needs.
      		 Example sourcing strategy with initiatives like 'Client-Facing Apps' and 'ERP Software' assigned to 'Onshore Dev', 'Outsource Team', 'Offshore Dev', 'Outsource App (Buy)', 'Outsource Dev', or 'Outsource Roles'.

      Three Perspectives +

      Three Steps =

      Your Sourcing Strategy

      Diverse sourcing is used by many firms

      Many firms across all industries are making use of different sourcing strategies to drive innovation and solve business issues.

      According to a report by ReportLinker the global IT services outsourcing market reached US$413.8 billion in 2021.

      In a recent study of Canadian software firms, it was found that almost all firms take advantage of outside knowledge in their application development process. In most cases these firms also use outside resources to do development work, and about half the time they use externally built software packages in their products (Ghei, 2020)!

      Info-Tech Insight

      In today’s diverse global markets, firms that wish to stay competitive must have a defined ability to take advantage of external knowledge and to optimize their IT services spend.

      		Modeling Absorptive Capacity for Open Innovation in the Canadian Software Industry (Source: Ghei, 2020; n=54.)

      56% of software development firms are sourcing applications instead of resources.

      68% of firms are sourcing external resources to develop software products.

      91% of firms are leveraging knowledge from external sources.

      Internal sourcing models

      Insourcing comes in three distinct flavors

      Geospatial map giving example locations for the three internal sourcing models. In this example, 'Head Office' is located in North America, 'Onshore' is 'Located in the same area or even office as your core business resources. Relative Cost: $$$', 'Near Shore' is 'Typically, within 1-3 time zones for ease of collaboration where more favorable resource costs exist. Relative Cost: $$', and 'Offshore' is 'Located in remote markets where significant labor cost savings can be realized. Relative Cost: $'.

      Info-Tech Insight

      Insourcing allows you to stay close to more strategic applications. But choosing the right model requires a strong look inside your organization and your ability to provide business knowledge support to developers who may have different skills and cultures and are in different geographies.

      Outsourcing models

      External sourcing can be done to different degrees

      Outsource Roles
      • Enables resource augmentation
      • Typically based on skills needs
      • Short-term outsourcing with eventual integration or dissolution
      Outsource Teams (or Projects)
      • Use of a full team or multiple teams of vendor resources
      • Meant to be temporary, with knowledge transfer at the end of the project
      Outsource Products
      • Use of a vendor to build, maintain, and support the full product
      • Requires a high degree of contract management skill

      Info-Tech Insight

      Outsourcing represents one of the most popular ways for organizations to source external knowledge and skills. The choice of model is a function of the organization’s ability to support the external resources and to absorb the knowledge back into the organization.

      Defining your sourcing strategy

      Follow the steps below to identify the best match for your organization

      Review Your Current Situation

      Review the issues and opportunities related to application development and categorize them based on the key factors.

      		 Arrow pointing right. Assess Build Versus Buy

      Before choosing a sourcing model you must assess whether a particular product or function should be bought as a package or developed.

      		 Arrow pointing right. Choose the Right Sourcing Strategy

      Based on the research, use the modeling tool to match the situation to the appropriate sourcing solution.

      Step 1.1

      Review Your Current Situation

      Activities
      • 1.1.1 Identify and categorize your challenges

      This step involves the following participants:

      • Product management team
      • Software development leadership team
      • Key stakeholders
      Outcomes of this step

      Review your current delivery posture for challenges and impediments.

      Define a Sourcing Strategy for Your Development Team
      Step 1.1 Step 1.2 Step 1.3

      Review your situation

      There are three key areas to examine in your current situation:

      Business Challenges
      • Do you need to gain new knowledge to drive innovation?
      • Does your business need to enhance its software to improve its ability to compete in the market?
      • Do you need to increase your speed of innovation?

      Technology Challenges

      • Are you being asked to take tighter control of your development budgets?
      • Does your team need to expand their skills and knowledge?
      • Do you need to increase your development speed and capacity?

      Market Challenges

      • Is your competition seen as more innovative?
      • Do you need new features to attract new clients?
      • Are you struggling to find highly skilled and knowledgeable development resources?
      		Stock image of multi-colored arrows travelling in a line together before diverging.

      Info-Tech Insight

      Sourcing is a key tool to solve business and technical challenges and enhance market competitiveness when coupled with a robust definition of objectives and a way to measure success.

      1.1.1 Identify and categorize your challenges

      60 minutes

      Output: List of the key challenges in your software lifecycle. Breakdown of the list into categories to identify opportunities for sourcing

      Participants: Product management team, Software development leadership team, Key stakeholders

      1. What challenge is your firm is facing with respect to your software that you think sourcing can address? (20 minutes)
      2. Is the challenge related to a business outcome, development methodology, or technology challenge? (10 minutes)
      3. Is the challenge due to a skills gap, budget or resource challenge, throughput issue, or a broader organizational knowledge or process issue? (10 minutes)
      4. What is the specific objective for the team/leader in addressing this challenge? (15 minutes)
      5. How will you measure progress and achievement of this objective? (5 minutes)

      Document results in the Define a Sourcing Strategy Workbook

      Identify and categorize your challenges

      Sample table for identifying and categorizing challenges, with column groups 'Challenge' and 'Success Measures' containing headers 'Issue, 'Category', 'Breadth', and 'Stakeholder' in the former, and 'Objective' and 'Measurement' in the latter.

      Step 1.2

      Assess Build Versus Buy

      Activities
      • 1.2.1 Understand the benefits and drawbacks of build versus buy in your organizational context

      This step involves the following participants:

      • Product management team
      • Software development leadership team
      • Key stakeholders

      Outcomes of this step

      Understand in your context the benefits and drawbacks of build versus buy, leveraging Info-Tech’s recommended definitions as a starting point.

      Define a Sourcing Strategy for Your Development Team

      Step 1.1 Step 1.2 Step 1.3

      Look vertically across the IT hierarchy to assess the impact of your decision at every level

      IT Hierarchy with 'Enterprise' at the top, branching out to 'Portfolio', then to 'Solution' at the bottom. The top is 'Strategic', the bottom 'Operational'.

      Regardless of the industry, a common and challenging dilemma facing technology teams is to determine when they should build software or systems in-house versus when they should rely wholly on an outside vendor for delivering on their technology needs.

      The answer is not as cut and dried as one would expect. Any build versus buy decision may have an impact on strategic and operational plans. It touches every part of the organization, starting with individual projects and rolling up to the enterprise strategy.

      Info-Tech Insight

      Do not ignore the impact of a build or buy decision on the various management levels in an IT organization.

      Deciding whether to build or buy

      It is as much about what you gain as it is about what problem you choose to have

      BUILD BUY

      Multi-Source Best of Breed

      Integrate various technologies that provide subset(s) of the features needed for supporting the business functions.

      Vendor Add-Ons & Integrations

      Enhance an existing vendor’s offerings by using their system add-ons either as upgrades, new add-ons, or integrations.
      Pros
      • Flexibility in choice of tools
      • In some cases, cost may be lower
      • Easier to enhance with in-house teams
      		 Cons
      • Introduces tool sprawl
      • Requires resources to understand tools and how they integrate
      • Some of the tools necessary may not be compatible with one another
      		 Pros
      • Reduces tool sprawl
      • Supports consistent tool stack
      • Vendor support can make enhancement easier
      • Total cost of ownership may be lower
      		 Cons
      • Vendor lock-in
      • The processes to enhance may require tweaking to fit tool capability

      Multi-Source Custom

      Integrate systems built in-house with technologies developed by external organizations.

      Single Source

      Buy an application/system from one vendor only.
      Pros
      • Flexibility in choice of tools
      • In some cases, cost may be lower
      • Easier to enhance with in-house teams
      		 Cons
      • May introduce tool sprawl
      • Requires resources to have strong technical skills
      • Some of the tools necessary may not be compatible with one another
      		 Pros
      • Reduces tool sprawl
      • Supports consistent tool stack
      • Vendor support can make enhancement easier
      • Total cost of ownership may be lower
      		 Cons
      • Vendor lock-in
      • The processes to enhance may require tweaking to fit tool capability

      1.2.1 Understand the benefits and drawbacks of build versus buy in your organizational context

      30 minutes

      Output: A common understanding of the different approaches to build versus buy applied to your organizational context

      Participants: Product management team, Software development leadership team, Key stakeholders

      1. Look at the previous slide, Deciding whether to build or buy.
      2. Discuss the pros and cons listed for each approach.
        1. Do they apply in your context? Why or why not?
        2. Are there some approaches not applicable in terms of how you wish to work?
      3. Record the curated list of pros and cons for the different build/buy approaches.
      4. For each approach, arrange the pros and cons in order of importance.

      Document results in the Define a Sourcing Strategy Workbook

      Step 1.3

      Choose the Right Sourcing Strategy

      Activities
      • 1.3.1 Determine the right sourcing strategy for your needs

      This step involves the following participants:

      • Product management team
      • Software development leadership team
      • Key stakeholders

      Outcomes of this step

      Choose your desired sourcing strategy based on your current state and needs.

      Define a Sourcing Strategy for Your Development Team

      Step 1.1 Step 1.2 Step 1.3

      Choose the right sourcing strategy

      • Based on our research, finding the right sourcing strategy for a particular situation is a function of three key areas:
        • Business drivers
        • Organizational drivers
        • Technical drivers
      • Each area has key characteristics that must be assessed to confirm which strategy is best suited for the situation.
      • Once you have assessed the factors and ranked them from low to high, we can then match your results with the best-fit strategy.
      		Business
      • Business knowledge/ expertise required
      • Product owner maturity

      Technical

      • Complexity and maturity of technical environment
      • Required level of integration

      Organizational

      • Your culture
      • Desired geographic proximity
      • Required vendor management skills

      Business drivers

      To choose the right sourcing strategy, you need to assess your key drivers of delivery

      Product Knowledge
      • The level of business involvement required to support the development team is a critical factor in determining the sourcing model.
      • Both the breadth and depth of involvement are critical factors.
      Strategic Value
      • The strategic value of the application to the company is also a critical component.
      • The more strategic the application is to the company, the closer the sourcing should be maintained.
      • Value can be assessed based on the revenue derived from the application and the depth of use of the application by the organization.
      Product Ownership Maturity
      • To support sourcing models that move further from organizational boundaries a strong product ownership function is required.
      • Product owners should ideally be fully allocated to the role and engaged with the development teams.
      • Product owners should be empowered to make decisions related to the product, its vision, and its roadmap.
      • The higher their allocation and empowerment, the higher the chances of success in external sourcing engagements.
      		 Stock image of a person running up a line with a positive trend.

      Case Study: The GoodLabs Studio Experience Logo for GoodLabs Studio.

      INDUSTRY: Software Development | SOURCE: Interview with Thomas Lo, Co-Founder, GoodLabs Studio
      Built to Outsource Development Teams
      • GoodLabs is an advanced software innovation studio that provides bespoke team extensions or turnkey digital product development with high-caliber software engineers.
      • Unlike other consulting firms, GoodLabs works very closely with its customers as a unified team to deliver the most significant impact on clients’ projects.
      • With this approach, it optimizes the delivery of strong software engineering skills with integrated product ownership from the client, enabling long-term and continued success for its clients.
      		 Results
      • GoodLabs is able to attract top engineering talent by focusing on a variety of complex projects that materially benefit from technical solutions, such as cybersecurity, fraud detection, and AI syndrome surveillance.
      • Taking a partnership approach with the clients has led to the successful delivery of many highly innovative and challenging projects for the customers.

      Organizational drivers

      To choose the right sourcing strategy for a particular problem you need to assess the organization’s key capabilities

      Stock photo of someone placing blocks with illustrated professionals one on top of the other. Vendor Management
      • Vendor management is a critical skill for effective external sourcing.
      • This can be assessed based on the organization’s ability to cultivate and grow long-term relationships of mutual value.
      • The longevity and growth of existing vendor relationships can be a good benchmark for future success.
      Absorptive Capacity
      • To effectively make use of external sourcing models, the organization must have a well-developed track record of absorbing outside knowledge.
      • This can be assessed by looking at past cases where external knowledge was sourced and internalized, such as past vendor development engagements or use of open-source code.
      Organizational Culture
      • Another factor in success of vendor engagements and long-term relationships is the matching of organizational cultures.
      • It is key to measure the organization’s current position on items like communication strategy, geographical dispersal, conflict resolution strategy, and hierarchical vs flat management.
      • These factors should be documented and matched with partners to determine the best fit.

      Case Study: WCIRB California Logo for WCIRB California.

      INDUSTRY: Workers Compensation Insurance | SOURCE: Interview with Roger Cottman, Senior VP and CIO, WCIRB California
      Trying to Find the Right Match
      • WCIRB is finding it difficult to hire local resources in California.
      • Its application is a niche product. Since no off-the-shelf alternatives exist, the organization will require a custom application.
      • WCIRB is in the early stages of a digital platform project and is looking to bring in a partner to provide a full development team, with the goal of ideally bringing the application back in-house once it is built.
      • The organization is looking for a local player that will be able to integrate well with the business.
      • It has engaged with two mid-sized players but both have been slow to respond, so it is now considering alternative approaches.
      		 Info-Tech’s Recommended Approach
      • WCIRB is finding that mid-sized players don’t fit its needs and is now looking for a larger player
      • Based on our research we have advised that WCIRB should ensure the partner is geographically close to its location and can be a strategic partner, not simply work on an individual project.

      Technical drivers

      To choose the right sourcing strategy for a particular problem you need to assess your technical situation and capabilities

      Environment Complexity
      • The complexity of your technical environment is a hurdle that must be overcome for external sourcing models.
      • The number of environments used in the development lifecycle and the location of environments (physical, virtual, on-premises, or cloud) are key indicators.
      Integration Requirements
      • The complexity of integration is another key technical driver.
      • The number of integrations required for the application is a good measuring stick. Will it require fewer than 5, 5-10, or more than 10?
      Testing Capabilities
      • Testing of the application is a key technical driver of success for external models.
      • Having well-defined test cases, processes, and shared execution with the business are all steps that help drive success of external sourcing models.
      • Test automation can also help facilitate success of external models.
      • Measure the percentage of test cases that are standardized, the level of business involvement, and the percentage of test cases that are automated.
      		 Stock image of pixelated light.

      Case Study: Management Control Systems (MC Systems) Logo for MC Systems.

      INDUSTRY: Technology Services | SOURCE: Interview with Kathryn Chin See, Business Development and Research Analyst, MC Systems
      Seeking to Outsource Innovation
      • MC Systems is seeking to outsource its innovation function to get budget certainty on innovation and reduce costs. It is looking for a player that has knowledge of the application areas it is looking to enhance and that would augment its own business knowledge.
      • In previous outsourcing experiences with skills augmentation and application development the organization had issues related to the business depth and product ownership it could provide. The collaborations did not lead to success as MC Systems lacked product ownership and the ability to reintegrate the outside knowledge.
      • The organization is concerned about testing of a vendor-built application and how the application will be supported.
      		 Info-Tech’s Recommended Approach
      • To date MC Systems has had success with its outsourcing approach when outsourcing specific work items.
      • It is now looking to expand to outsourcing an entire application.
      • Info-Tech’s recommendation is to seek partners who can take on development of the application.
      • MC Systems will still need resources to bring knowledge back in-house for testing and to provide operational support.

      Choosing the right model
      Legend for the table below using circles with quarters to represent Low (0 quarters) to High (4 quarters).
      Determinant Key Questions to Ask Onshore Nearshore Offshore Outsource Role(s) Outsource Team Outsource Product(s)
      Business Dependence How much do you rely on business resources during the development cycle? Circle with 4 quarters. Circle with 3 quarters. Circle with 1 quarter. Circle with 2 quarters. Circle with 1 quarter. Circle with 0 quarters.
      Absorptive Capacity How successful has the organization been at bringing outside knowledge back into the firm? Circle with 0 quarters. Circle with 1 quarter. Circle with 1 quarter. Circle with 2 quarters. Circle with 1 quarter. Circle with 4 quarters.
      Integration Complexity How many integrations are required for the product to function – fewer than 5, 5-10, or more than 10? Circle with 4 quarters. Circle with 3 quarters. Circle with 3 quarters. Circle with 2 quarters. Circle with 1 quarter. Circle with 0 quarters.
      Product Ownership Do you have full-time product owners in place for the products? Do product owners have control of their roadmaps? Circle with 1 quarter. Circle with 2 quarters. Circle with 3 quarters. Circle with 2 quarters. Circle with 4 quarters. Circle with 4 quarters.
      Organization Culture Fit What are your organization’s communication and conflict resolution strategies? Is your organization geographically dispersed? Circle with 1 quarter. Circle with 1 quarter. Circle with 3 quarters. Circle with 1 quarter. Circle with 3 quarters. Circle with 4 quarters.
      Vendor Mgmt Skills What is your skill level in vendor management? How long are your longest-standing vendor relationships? Circle with 0 quarters. Circle with 1 quarter. Circle with 1 quarter. Circle with 2 quarters. Circle with 3 quarters. Circle with 4 quarters.

      1.3.1 Determine the right sourcing strategy for your needs

      60 minutes

      Output: A scored matrix of the key drivers of the sourcing strategy

      Participants: Development leaders, Product management team, Key stakeholders

      Choose one of your products or product families and assess the factors below on a scale of None, Low, Medium, High, and Full.

      • 3.1 Assess the business factors that drive selection using these key criteria (20 minutes):
        • 3.1.1 Product knowledge
        • 3.1.2 Strategic value
        • 3.1.3 Product ownership
      • 3.2 Assess the organizational factors that drive selection using these key criteria (20 minutes):
        • 3.2.1 Vendor management
        • 3.2.2 Absorptive capacity
        • 3.2.3 Organization culture
      • 3.3 Assess the technical factors that drive selection using these key criteria (20 minutes):
        • 3.3.1 Environments
        • 3.3.2 Integration
        • 3.3.3 Testing

      Document results in the Define a Sourcing Strategy Workbook

      Things to Consider When Implementing

      Once you have built your strategy there are some additional things to consider

      Things to Consider Before Acting on Your Strategy

      By now you understand what goes into an effective sourcing strategy. Before implementing one, there are a few key items you need to consider:

      Example 'Sourcing Strategy for Your Portfolio' with initiatives like 'Client-Facing Apps' and 'ERP Software' assigned to 'Onshore Dev', 'Outsource Team', 'Offshore Dev', 'Outsource App (Buy)', 'Outsource Dev', or 'Outsource Roles'. Start with a pilot
      • Changing sourcing needs to start with one team.
      • Grow as skills develop to limit risk.
      Build an IT workforce plan Enhance your vendor management skills Involve the business early and often
      • The business should feel they are part of the discussion.
      • See our Agile/DevOps Research Center for more information on how the business and IT can better work together.
      Limit sourcing complexity
      • Having too many different partners and models creates confusion and will strain your ability to manage vendors effectively.

      Bibliography

      Apfel, Isabella, et al. “IT Project Member Turnover and Outsourcing Relationship Success: An Inverted-U Effect.” Developments, Opportunities and Challenges of Digitization, 2020. Web.

      Benamati, John, and Rajkumar, T.M. “The Application Development Outsourcing Decision: An Application of the Technology Acceptance Model.” Journal of Computer Information Systems, vol. 42, no. 4, 2008, pp. 35-43. Web.

      Benamati, John, and Rajkumar, T.M. “An Outsourcing Acceptance Model: An Application of TAM to Application Development Outsourcing Decisions.” Information Resources Management Journal, vol. 21, no. 2, pp. 80-102, 2008. Web.

      Broekhuizen, T. L. J., et al. “Digital Platform Openness: Drivers, Dimensions and Outcomes.” Journal of Business Research, vol. 122, July 2019, pp. 902-914. Web.

      Brook, Jacques W., and Albert Plugge. “Strategic Sourcing of R&D: The Determinants of Success.” Business Information Processing, vol. 55, Aug. 2010, pp. 26-42. Web.

      Delen, G. P A.J., et al. “Foundations for Measuring IT-Outsourcing Success and Failure.” Journal of Systems and Software, vol. 156, Oct. 2019, pp. 113-125. Web.

      Elnakeep, Eman, et al. “Models and Frameworks for IS Outsourcing Structure and Dimensions: A Holistic Study.” Lecture notes in Networks and Systems, 2019. Web.

      Ghei, Suneel. Modeling Absorptive Capacity for Open Innovation in the Software Industry. 2020. Faculty of Graduate Studies, Athabasca University, 2020. DBA Dissertation.

      “IT Outsourcing Market Research Report by Service Model, Organization Sizes, Deployment, Industry, Region – Global Forecast to 2027 – Cumulative Impact of COVID-19.” ReportLinker, April 2022. Web.

      Jeong, Jongkil Jay, et al. “Enhancing the Application and Measurement of Relationship Quality in Future IT Outsourcing Studies.” 26th European Conference on Information Systems: Beyond Digitization – Facets of Socio-Tehcnical Change: Proceedings of ECIS 2018, Portsmouth, UK, June 23-28, 2018. Edited by Peter Bednar, et al., 2018. Web.

      Könning, Michael. “Conceptualizing the Effect of Cultural Distance on IT Outsourcing Success.” Proceedings of Australasian Conference on Information Systems 2018, Sydney, Australia, Dec. 3-5, 2018. Edited by Matthew Noble, UTS ePress, 2018. Web.

      Lee, Jae-Nam, et al. “Holistic Archetypes of IT Outsourcing Strategy: A Contingency Fit and Configurational Approach.” MIS Quarterly, vol. 43, no. 4, Dec. 2019, pp. 1201-1225. Web.

      Loukis, Euripidis, et al. “Determinants of Software-as-a-Service Benefits and Impact on Firm Performance.” Decision Support Systems, vol. 117, Feb. 2019, pp. 38-47. Web.

      Martensson, Anders. “Patterns in Application Development Sourcing in the Financial Industry.” Proceedings of the 13th European Conference of Information Systems, 2004. Web.

      Martínez-Sánchez, Angel, et al. “The Relationship Between R&D, the Absorptive Capacity of Knowledge, Human Resource Flexibility and Innovation: Mediator Effects on Industrial Firms.” Journal of Business Research, vol. 118, Sept. 2020, pp. 431-440. Web.

      Moreno, Valter, et al. “Outsourcing of IT and Absorptive Capacity: A Multiple Case Study in the Brazilian Insurance Sector.” Brazilian Business Review, vol. 17, no. 1, Jan.-Feb. 2020, pp. 97-113. Web.

      Ozturk, Ebru. “The Impact of R&D Sourcing Strategies on Basic and Developmental R&D in Emerging Economies.” European Journal of Innovation Management, vol. 21, no. 7, May 2018, pp. 522-542. Web.

      Ribas, Imma, et al. “Multi-Step Process for Selecting Strategic Sourcing Options When Designing Supply Chains.” Journal of Industrial Engineering and Management, vol. 14, no. 3, 2021, pp. 477-495. Web.

      Striteska, Michaela Kotkova, and Viktor Prokop. “Dynamic Innovation Strategy Model in Practice of Innovation Leaders and Followers in CEE Countries – A Prerequisite for Building Innovative Ecosystems.” Sustainability, vol. 12, no. 9, May 2020. Web.

      Thakur-Wernz, Pooja, et al. “Antecedents and Relative Performance of Sourcing Choices for New Product Development Projects.” Technovation, 2020. Web.

      Unify a Mixed Methodology Portfolio

      • Buy Link or Shortcode: {j2store}441|cart{/j2store}
      • member rating overall impact: N/A
      • member rating average dollars saved: N/A
      • member rating average days saved: N/A
      • Parent Category Name: Portfolio Management
      • Parent Category Link: /portfolio-management
      • As portfolio manager, you oversee a portfolio made up of projects using different types of planning and execution methodologies – from traditional Waterfall, to Agile, to hybrid approaches and beyond. The discontinuity between reporting metrics and funding models makes a holistic and perpetually actionable view of the portfolio elusive.
      • Agile’s influence is growing within the organization’s project ecosystem. Even projects that don’t formally use Agile methods often adopt agile tendencies, such as mitigating risk with shorter, more iterative development cycles and increasing collaboration with stakeholders. While this has introduced efficiencies at the project level, it has not translated into business agility, with decision makers still largely playing a passive role in terms of steering the portfolio.
      • Senior management still expects traditional commitments and deadlines, not “sprints” and “velocity.” The reluctance of many Agile purists to adhere to traditional timeline, budget, and scope commitments is not making Agile a particularly popular conversation topic among the organization’s decision-making layer.
      • As portfolio manager, it’s your job to unify these two increasingly fragmented worlds into a unified portfolio.

      Our Advice

      Critical Insight

      • As Agile’s influence grows and project methodologies morph and proliferate, a more engaged executive layer is required than what we see in a traditional portfolio approach. Portfolio owners have to decide what gets worked on at a regular cadence.
      • What’s the difference? In the old paradigm, nobody stopped the portfolio owners from approving too much. Decisions were based on what should be done, rather than what could get done in a given period, with the resources available.
      • The engaged portfolio succeeds by making sure that the right people work on the right things as much as possible. The portfolio owner plays a key, ongoing role in identifying the work that needs to be done, and the portfolio managers optimize the usage of resources.

      Impact and Result

      • Establish universal control points. While the manager of a mixed methodology portfolio doesn’t need to enforce a standardized project methodology, she or he does need to establish universal control points for both intake and reporting at the portfolio level. Use this research to help you define a sustainable process that will work for all types of projects.
      • Scale the approvals process. For a mixed methodology portfolio to work, the organization needs to reconcile different models for approving and starting projects. This blueprint will help you define a right-sized intake process and decision-making paradigm for sprints and project phases alike.
      • Foster ongoing executive engagement. Mixed methodology success is contingent on regular and ongoing executive engagement. Use the tools and templates associated with this blueprint to help get buy-in and commitment upfront, and then to build out portfolio reports and dashboard that will help keep the executive layer informed and engaged long term.

      Unify a Mixed Methodology Portfolio Research & Tools

      Start here – read the Executive Brief

      Read our concise Executive Brief to find out why you should consider an Engaged Agile Portfolio approach, review Info-Tech’s methodology, and understand the four ways we can support you in completing this project.

      Besides the small introduction, subscribers and consulting clients within this management domain have access to:

      1. Get portfolio commitments

      Assess the current state of the portfolio and ensure that portfolio owners and other stakeholders are onboard before you move forward to develop and implement new portfolio processes.

      • Unify a Mixed Methodology Portfolio – Phase 1
      • Mixed Methodology Portfolio Analyzer
      • Mixed Methodology Portfolio Strategy Template
      • Mixed Methodology Portfolio Stakeholder Survey Tool

      2. Define your portfolio processes

      Wireframe standardized portfolio processes for all project methodologies to follow.

      • Unify a Mixed Methodology Portfolio – Phase 2
      • Agile Portfolio Sprint Prioritization Tool
      • Project Methodology Assessment Tool

      3. Implement your processes

      Pilot your new portfolio processes and decision-making paradigm. Then, execute a change impact analysis to inform your communications strategy and implementation plan.

      • Unify a Mixed Methodology Portfolio – Phase 3
      • Process Pilot Plan Template
      • Intake and Prioritization Impact Analysis Tool
      • Resource Management Impact Analysis Tool
      [infographic]

      Workshop: Unify a Mixed Methodology Portfolio

      Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

      1 Assess Current State of the Portfolio

      The Purpose

      Determine the current state of your project execution and portfolio oversight practices.

      Align different types of projects within a unified portfolio.

      Define the best roles and engagement strategies for individual stakeholders as you transition to an Engaged Agile Portfolio.

      Key Benefits Achieved

      A current state understanding of project and portfolio management challenges.

      Bolster the business case for developing an Engaged Agile Portfolio.

      Increase stakeholder and team buy-in.

      Activities

      1.1 Calculate the size of your portfolio in human resource hours.

      1.2 Estimate your project sizes and current project methodology mix.

      1.3 Document the current known status of your in-flight projects.

      1.4 Perform a project execution portfolio oversight survey.

      Outputs

      Your portfolio’s project capacity in resource hours.

      Better understanding of project demand and portfolio mix.

      Current state visibility.

      An objective assessment of current areas of strengths and weaknesses.

      2 Define Your Portfolio Processes

      The Purpose

      Objectively and transparently approve, reject, and prioritize projects.

      Prioritize work to start and stop on a sprint-by-sprint basis.

      Maintain a high frequency of accurate reporting.

      Assess and report the realization of project benefits.

      Key Benefits Achieved

      Improve timeliness and accuracy of project portfolio reporting.

      Make better, faster decisions about when to start and stop work on different projects.

      Increase stakeholder satisfaction.

      Activities

      2.1 Develop a portfolio intake workflow.

      2.2 Develop a prioritization scorecard and process.

      2.3 Establish a process to estimate sprint demand and resource supply.

      2.4 Develop a process to estimate sprint value and necessity.

      Outputs

      An intake workflow.

      A prioritization scorecard and process.

      A process to estimate sprint demand and resource supply.

      A process to estimate sprint value and necessity.

      3 Implement Your Processes

      The Purpose

      Analyze the potential change impacts of your new portfolio processes and how they will be felt across the organization.

      Develop an implementation plan to ensure strategy buy-in.

      Key Benefits Achieved

      A strategic and well-planned approach to process implementation.

      Activities

      3.1 Analyze change impacts of new portfolio processes.

      3.2 Prepare a communications plan based upon change impacts.

      3.3 Develop an implementation plan.

      3.4 Present new portfolio processes to portfolio owners.

      Outputs

      A change impact analysis.

      A communications plan.

      An implementation plan.

      Portfolio strategy buy-in.

      Key Metrics for Every CIO

      • Buy Link or Shortcode: {j2store}119|cart{/j2store}
      • member rating overall impact: N/A
      • member rating average dollars saved: N/A
      • member rating average days saved: N/A
      • Parent Category Name: Performance Measurement
      • Parent Category Link: /performance-measurement
      • As a CIO, you are inundated with data and information about how your IT organization is performing based on the various IT metrics that exist.
      • The information we receive from metrics is often just that – information. Rarely is it used as a tool to drive the organization forward.
      • CIO metrics need to consider the goals of key stakeholders in the organization.

      Our Advice

      Critical Insight

      • The top metrics for CIOs don’t have anything to do with IT.
      • CIOs should measure and monitor metrics that have a direct impact on the business.
      • Be intentional with the metric and number of metrics that you monitor on a regular basis.
      • Be transparent with your stakeholders on what and why you are measuring those specific metrics.

      Impact and Result

      • Measure fewer metrics, but measure those that will have a significant impact on how your deliver value to your organization.
      • Focus on the metrics that you can take action against, rather than simply monitor.
      • Ensure your metrics tie to your top priorities as a CIO.

      Key Metrics for Every CIO Research & Tools

      Besides the small introduction, subscribers and consulting clients within this management domain have access to:

      1. Key Metrics for Every CIO deck – The top metrics every CIO should measure and act on

      Leverage the top metrics for every CIO to help focus your attention and provide insight into actionable steps.

      • Key Metrics for Every CIO Storyboard
      [infographic]

      Further reading

      Key Metrics for Every CIO

      The top six metrics for CIOs – and they have very little to do with IT

      Analyst Perspective

      Measure with intention

      Be the strategic CIO who monitors the right metrics relevant to their priorities – regardless of industry or organization. When CIOs provide a laundry list of metrics they are consistently measuring and monitoring, it demonstrates a few things.

      First, they are probably measuring more metrics than they truly care about or could action. These “standardized” metrics become something measured out of expectation, not intention; therefore, they lose their meaning and value to you as a CIO. Stop spending time on these metrics you will be unable or unwilling to address.

      Secondly, it indicates a lack of trust in the IT leadership team, who can and should be monitoring these commonplace operational measures. An empowered IT leader will understand the responsibility they have to inform the CIO should a metric be derailing from the desired outcome.

      Photo of Brittany Lutes, Senior Research Analyst, Organizational Transformation Practice, Info-Tech Research Group. Brittany Lutes
      Senior Research Analyst
      Organizational Transformation Practice
      Info-Tech Research Group

      Executive Summary

      Your Challenge

      CIOs need to measure a set of specific metrics that:

      • Will support the organization’s vision, their career, and the IT function all in one.
      • Can be used as a tool to make informed decisions and take appropriate actions that will improve the IT function’s ability to deliver value.
      • Consider the influence of critical stakeholders, especially the end customer.
      • Are easily measured at any point in time.
      		 Common Obstacles

      CIOs often cannot define these metrics because:

      • We confuse the operational metrics IT leaders need to monitor with strategic metrics CIOs need to monitor.
      • Previously monitored metrics did not deliver value.
      • It is hard to decide on a metric that will prove both insightful and easily measurable.
      • We measure metrics without any method or insight on how to take actionable steps forward.
      		 Info-Tech’s Approach

      For every CIO, there are six areas that should be a focus, no matter your organization or industry. These six priorities will inform the metrics worth measuring:

      • Risk management
      • Delivering on business objectives
      • Customer satisfaction
      • Employee engagement
      • Business leadership relations
      • Managing to a budget

      Info-Tech Insight

      The top metrics for a CIO to measure and monitor have very little to do with IT and everything to do with ensuring the success of the business.

      Your challenge

      CIOs are not using metrics as a personal tool to advance the organization:
      • Metrics should be used as a tool by the CIO to help inform the future actions that will be taken to reach the organization’s strategic vision.
      • As a CIO, you need to have a defined set of metrics that will support your career, the organization, and the IT function you are accountable for.
      • CIO metrics must consider the most important stakeholders across the entire ecosystem of the organization – especially the end customer.
      • The metrics for a CIO are distinctly different from the metrics you use to measure the operational effectiveness of the different IT functions.
      		 “CIOs are businesspeople first and technology people second.” (Myles Suer, Source: CIO, 2019.)

      Common obstacles

      These barriers make this challenge difficult to address for many CIOs:
      • CIOs often do not measure metrics because they are not aware of what should or needs to be measured.
      • As a result of not wanting to measure the wrong thing, CIOs can often choose to measure nothing at all.
      • Or they get too focused on the operational metrics of their IT organization, leaving the strategic business metrics forgotten.
      • Moreover, narrowing the number of metrics that are being measured down to an actionable number is very difficult.
      • We rely only on physical data sets to help inform the measurements, not considering the qualitative feedback received.
      		 CIO priorities are business priorities

      46% of CIOs are transforming operations, focused on customer experiences and employee productivity. (Source: Foundry, 2022.)

      Finances (41.3%) and customers (28.1%) remain the top two focuses for CIOs when measuring IT effectiveness. All other focuses combine for the remaining 30.6%. (Source: Journal of Informational Technology Management, 2018.)

      Info-Tech’s approach

      Organizational goals inform CIO metrics

      Diagram with 'CIO Metrics' at the center surrounded by 'Directive Goals', 'Product/Service Goals', 'IT Goals', and 'Operations Goals', each of which are connected to eachother by 'Customers'.

      		The Info-Tech difference:
      1. Every CIO has the same set of priorities regardless of their organization or industry given that these metrics are influenced by similar goals of organizations.
      2. CIO metrics are a tool to help inform the actions that will support each core area in reaching their desired goals.
      3. Be mindful of the goals different business units are using to reach the organization’s strategic vision – this includes your own IT goals.
      4. Directly or indirectly, you will always influence the ability to acquire and retain customers for the organization.

      CIO priorities

      MANAGING TO A BUDGET
      Reducing operational costs and increasing strategic IT spend.       		Table centerpiece for CIO Priorities. DELIVERING ON BUSINESS OBJECTIVES
      Aligning IT initiatives to the vision of the organization.
      CUSTOMER SATISFACTION
      Directly and indirectly impacting customer experience.       		EMPLOYEE ENGAGEMENT
      Creating an IT workforce of engaged and purpose-driven people.
      RISK MANAGEMENT
      Actively knowing and mitigating threats to the organization.       		BUSINESS LEADERSHIP RELATONS
      Establishing a network of influential business leaders.

      High-level process flow

      How do we use the CIO metrics?
      Process flow that starts at 'Consider - Identify and analyze CIO priorities', and is followed by 'Select priorities - Identify the top priorities for CIOs (see previous slide)', 'Create a measure - Determine a measure that aligns to each priority', 'Make changes & improvements - Take action to improve the measure and reach the goal you are trying to achieve', 'Demonstrate progress - Use the metrics to demonstrate progress against priorities'. Using priority-based metrics allows you to make incremental improvements that can be measured and reported on, which makes program maturation a natural process.

      Example CIO dashboard

      Example CIO dashboard.
      * Arrow indicates month-over-month trend

      Harness the value of metric data

      Metrics are rarely used accurately as a tool
      • When you have good metrics, you can:
        • Ensure employees are focused on the priorities of the organization
        • Have insight to make better decisions
        • Communicate with the business using language that resonates with each stakeholder
        • Increase the performance of your IT function
        • Continually adapt to meet changing business demands
      • Metrics are tools that quantifiably indicate whether a goal is on track to being achieved (proactive) or if the goal was successfully achieved (retroactive)
      • This is often reflected through two metric types:
        • Leading Metrics: The metric indicates if there are actions that should be taken in the process of achieving a desired outcome.
        • Lagging Metrics: Based on the desired outcome, the metric can indicate where there were successes or failures that supported or prevented the outcome from being achieved.
      • Use the data from the metrics to inform your actions. Do not collect this data if your intent is simply to know the data point. You must be willing to act.
      		 "The way to make a metric successful is by understanding why you are measuring it." (Jeff Neyland CIO)

      CIOs measure strategic business metrics

      Keep the IT leadership accountable for operational metrics
      • Leveraging the IT leadership team, empower and hold each leader accountable for the operational metrics specific to their functional area
      • As a CIO, focus on the metrics that are going to impact the business. These are often tied to people or stakeholders:
        • The customers who will purchase the product or service
        • The decision makers who will fund IT initiatives
        • The champions of IT value
        • The IT employees who will be driven to succeed
        • The owner of an IT risk event
      • By focusing on these priority areas, you can regularly monitor aspects that will have major business impacts – and be able to address those impacts.
      		 As a CIO, avoid spending time on operational metrics such as:
      • Time to deliver
      • Time to resolve
      • Project delivery (scope, time, money)
      • Application usage
      • User experiences
      • SLAs
      • Uptime/downtime
      • Resource costs
      • Ticket resolution
      • Number of phishing attempts
      Info-Tech Insight

      While operational metrics are important to your organization, IT leaders should be empowered and responsible for their management.

      SECTION 1

      Actively Managing IT Risks

      Actively manage IT risks

      The impact of IT risks to your organization cannot be ignored any further
      • Few individuals in an organization understand IT risks and can proactively plan for the prevention of those threats, making the CIO the responsible and accountable individual when it comes to IT risks – especially the components that tie into cybersecurity.
      • When the negative impacts of an IT threat event are translated into terms that can be understood and actioned by all in the organization, it increases the likelihood of receiving the sponsorship and funding support necessary.
      • Moreover, risk management can be used as a tool to drive the organization toward its vision state, enabling informed risk decisions.

      Risk management metric:

      Number of critical IT threats that were detected and prevented before impact to the organization.

      Beyond risk prevention
      Organizations that have a clear risk tolerance can use their risk assessments to better inform their decisions.
      Specifically, taking risks that could lead to a high return on investment or other key organizational drivers.

      Protect the organization from more than just cyber threats

      Other risk-related metrics:
      • Percentage of IT risks integrated into the organization’s risk management approach.
      • Number of risk management incidents that were not identified by your organization (and the potential financial impact of those risks).
      • Business satisfaction with IT actions to reduce impact of negative IT risk events.
      • Number of redundant systems removed from the organizations portfolio.
      Action steps to take:
      • Create a risk-aware culture, not just with IT folks. The entire organization needs to understand how IT risks are preventable.
      • Clearly demonstrate the financial and reputational impact of potential IT risks and ensure that this is communicated with decision-makers in the organization.
      • Have a single source of truth to document possible risk events and report prevention tactics to minimize the impact of risks.
      • Use this information to recommend budget changes and help make risk-informed decisions.

      49%

      Investing in Risk

      Heads of IT “cited increasing cybersecurity protections as the top business initiative driving IT investments this year” (Source: Foundry, 2022.)

      SECTION 2

      Delivering on Business Objectives

      Delivering on business objectives

      Deliver on initiatives that bring value to your organization and stop benchmarking
      • CIOs often want to know how they are performing in comparison to their competitors (aka where do you compare in the benchmarking?)
      • While this is a nice to know, it adds zero value in demonstrating that you understand your business, let alone the goals of your business
      • Every organization will have a different set of goals it is striving toward, despite being in the same industry, sector, or market.
      • Measuring your performance against the objectives of the organization prevents CIOs from being more technical than it would do them good.

      Business Objective Alignment Metric:

      Percentage of IT metrics have a direct line of impact to the business goals

      Stop using benchmarks to validate yourself against other organizations. Benchmarking does not provide:
      • Insight into how well that organization performed against their goals.
      • That other organizations goals are likely very different from your own organization's goals.
      • It often aggregates the scores so much; good and bad performers stop being clearly identified.

      Provide a clear line of sight from IT metrics to business goals

      Other business alignment metrics:
      • Number of IT initiatives that have a significant impact on the success of the organization's goals.
      • Number of IT initiatives that exceed the expected value.
      • Positive impact ($) of IT initiatives on driving business innovation.
      Action steps to take:
      • Establish a library or dashboard of all the metrics you are currently measuring as an IT organization, and align each of them to one or more of the business objectives your organization has.
      • Leverage the members of the organization’s executive team to validate they understand how your metric ties to the business objective.
      • Any metric that does not have a clear line of sight should be reconsidered.
      • IT metrics should continue to speak in business terms, not IT terms.

      50%

      CIOs drive the business

      The percentage of CEOs that recognize the CIO as the main driver of the business strategy in the next 2-3 years. (Source: Deloitte, 2020.)

      SECTION 3

      Impact on Customer Satisfaction

      Influencing end-customer satisfaction

      Directly or indirectly, IT influences how satisfied the customer is with their product or service
      • Now more than ever before, IT can positively influence the end-customer’s satisfaction with the product or service they purchase.
      • From operational redundancies to the customer’s interaction with the organization, IT can and should be positively impacting the customer experience.
      • IT leaders who take an interest in the customer demonstrate that they are business-focused individuals and understand the intention of what the organization is seeking to achieve.
      • With the CIO role becoming a strategic one, understanding why a customer would or would not purchase your organization’s product or service stops being a “nice to have.”

      Customer satisfaction metric:

      What is the positive impact ($ or %) of IT initiatives on customer satisfaction?

      Info-Tech Insight

      Be the one to suggest new IT initiatives that will impact the customer experience – stop waiting for other business leaders to make the recommendation.

      Enhance the end-customer experience with I&T

      Other customer satisfaction metrics:
      • Amount of time CIO spends interacting directly with customers.
      • Customer retention rate.
      • Customer attraction rate.
      Action steps to take:
      • Identify the core IT capabilities that support customer experience. Automation? Mobile application? Personal information secured?
      • Suggest an IT-supported or-led initiative that will enhance the customer experience and meet the business goals. Retention? Acquisition? Growth in spend?
      • This is where operational metrics or dashboards can have a real influence on the customer experience. Be mindful of how IT impacts the customer journey.

      41%

      Direct CX interaction

      In 2022, 41% of IT heads were directly interacting with the end customer. (Source: Foundry, 2022.)

      SECTION 4

      Keeping Employees Engaged

      Keeping employees engaged

      This is about more than just an annual engagement survey
      • As a leader, you should always have a finger on the pulse of how engaged your employees are
      • Employee engagement is high when:
        • Employees have a positive disposition to their place of work
        • Employees are committed and willing to contribute to the organization's success
      • Employee engagement comprises three types of drivers: organizational, job, and retention. As CIO, you have a direct impact on all three drivers.
      • Providing employees with a positive work environment where they are empowered to complete activities in line with their desired skillset and tied to a clear purpose can significantly increase employee engagement.

      Employee engagement metric:

      Number of employees who feel empowered to complete purposeful activities related to their job each day

      Engagement leads to increases in:
      • Innovation
      • Productivity
      • Performance
      • Teamwork
      While reducing costs associated with high turnover.

      Employees daily tasks need to have purpose

      Other employee engagement metrics:
      • Tenure of IT employees at the organization.
      • Number of employees who seek out or use a training budget to enhance their knowledge/skills.
      • Degree of autonomy employees feel they have in their work on a daily basis.
      • Number of collaboration tools provided to enable cross-organizational work.
      Action steps to take:
      • If you are not willing to take actionable steps to address engagement, don’t bother asking employees about it.
      • Identify the blockers to empowerment. Common blockers include insufficient team collaboration, bureaucracy, inflexibility, and feeling unsupported and judged.
      • Ensure there is a consistent understanding of what “purposeful” means. Are you talking about “purposeful” to the organization or the individual?
      • Provide more clarity on what the organization’s purpose is and the vision it is driving toward. Just because you understand does not mean the employees do.

      26%

      Act on engagement

      Only 26% of leaders actually think about and act on engagement every single day. (Source: SHRM, 2022.)

      SECTION 5

      Establishing Trusted Business Relationships

      Establishing trusted business partnerships

      Leverage your relationships with other C-suite executives to demonstrate IT’s value
      • Your relationship with other business peers is critical – and, funny enough, it is impacted by the use of good metrics and data.
      • The performance of your IT team will be recognized by other members of the executive leadership team (ELT) and is a direct reflection of you as a leader.
      • A good relationship with the ELT can alleviate issues if concerns about IT staff surface.
        • Of the 85% of IT leaders working on transformational initiatives, only 30% are trying to cultivate an IT/business partnership (Foundry, 2022).
      • Don’t let other members of the organizations ELT overlook you or the value IT has. Build the key relationships that will drive trust and partnerships.

      Business leadership relationship metric:

      Ability to influence business decisions with trusted partners.

      Some key relationships that are worth forming with other C-suite executives right now include:
      • Chief Sustainability Officer
      • Chief Revenue Officer
      • Chief Marketing Officer
      • Chief Data Officer

      Influence business decisions with trusted partners

      Other business relations metrics:
      • The frequency with which peers on the ELT complain about the IT organization to other ELT peers.
      • Percentage of business leaders who trust IT to make the right choices for their accountable areas.
      • Number of projects that are initiated with a desired solution versus problems with no desired solution.
      Action steps to take:
      • From lunch to the boardroom, it is important you make an effort to cultivate relationships with the other members of the ELT.
      • Identify who the most influential members of the ELT are and what their primary goals or objectives are.
      • Follow through on what you promise you will deliver – if you do not know, do not promise it!
      • What will work for one member of the ELT will not work for another – personalize your approach.

      60%

      Enterprise-wide collaboration

      “By 2023, 60% of CIOs will be primarily measured for their ability to co-create new business models and outcomes through extensive enterprise and ecosystem-wide collaboration.” (Source: IDC, 2021.)

      SECTION 6

      Managing to a Budget

      Managing to a budget

      Every CIO needs to be able to spend within budget while increasing their strategic impact
      • From security, to cloud, to innovating the organization's products and services, IT has a lot of initiatives that demand funds and improve the organization.
      • Continuing to demonstrate good use of the budget and driving value for the organization will ensure ongoing recognition in the form of increased money.
      • 29% of CIOs indicated that controlling costs and expense management was a key duty of a functional CIO (Foundry, 2022).
      • Demonstrating the ability to spend within a defined budget is a key way to ensure the business trusts you.
      • Demonstrating an ability to spend within a defined budget and reducing the cost of operational expenses while increasing spend on strategic initiatives ensures the business sees the value in IT.

      Budget management metric:

      Proportion of IT budget that is strategic versus operational.

      Info-Tech Insight

      CIOs need to see their IT function as its own business – budget and spend like a CEO.

      Demonstrate IT’s ability to spend strategically

      Other budget management metrics:
      • Cost required to lead the organization through a digital transformation.
      • Reduction in operational spend due to retiring legacy solutions.
      • Percentage of budget in the run, grow, and transform categories.
      • Amount of money spent keeping the lights on versus investing in new capabilities.

      Action steps to take:

      • Consider opportunities to automate processes and reduce the time/talent required to spend.
      • Identify opportunities and create the time for resources to modernize or even digitize the organization to enable a better delivery of the products or services to the end customer.
      • Review the previous metrics and tie it back to running the business. If customer satisfaction will increase or risk-related threats decrease through an initiative IT is suggesting, you can make the case for increased strategic spend.

      90%

      Direct CX interaction

      Ninety percent of CIOs expect their budget to increase or remain the same in their next fiscal year. (Source: Foundry, 2022.)

      Research contributors and experts

      Photo of Jeff Neyland. Jeff Neyland
      Chief Information Officer – University of Texas at Arlington       		Photo of Brett Trelfa. Brett Trelfa
      SVP and CIO – Arkansas Blue Cross Blue Shield       		Blank photo template. Lynn Fyhrlund
      Chief Information Officer – Milwaukee County Department of Administrative Services

      Info-Tech Research Group

      Vicki Van Alphen Executive Counselor Ibrahim Abdel-Kader Research Analyst
      Mary Van Leer Executive Counselor Graham Price Executive Counselor
      Jack Hakimian Vice President Research Valence Howden Principal Research Director
      Mike Tweedie CIO Practice Lead Tony Denford Organization Transformation Practice Lead

      Related Info-Tech Research

      Sample of the 'IT Metrics Library'. IT Metrics Library
      • Use this tool to review commonly used KPIs for each practice area
      • Identify KPI owners, data sources, baselines, and targets. It also suggests action and research for low-performing KPIs.
      • Use the "Action Plan" tab to keep track of progress on actions that were identified as part of your KPI review.
      Sample of 'Define Service Desk Metrics That Matter'. Define Service Desk Metrics That Matter
      • Consolidate your metrics and assign context and actions to those currently tracked.
      • Establish tension metrics to see and tell the whole story.
      • Split your metrics for each stakeholder group. Assign proper cadences for measurements as a first step to building an effective dashboard.
      Sample of 'CIO Priorities 2022'. CIO Priorities 2022
      • Understand how to respond to trends affecting your organization.
      • Determine your priorities based on current state and relevant internal factors.
      • Assign the right resources to accomplish your vision.
      • Consider what new challenges outside of your control will demand a response.

      Bibliography

      “Developing and Sustaining Employee Engagement.” SHRM, 2022.

      Dopson, Elise. “KPIs Vs. Metrics: What’s the Difference & How Do You Measure Both?” Databox, 23 Jun. 2021.

      Shirer, Michael, and Sarah Murray. “IDC Unveils Worldwide CIO Agenda 2022 Predictions.” IDC, 27 Oct. 2021.

      Suer, Myles. “The Most Important Metrics to Drive IT as a Business.” CIO, 19 Mar. 2019.

      “The new CIO: Business Savvy.” Deloitte Insights. Deloitte, 2020.

      “2022 State of the CIO: Rebalancing Act: CIO’s Operational Pandemic-Era Innovation.” Foundry, 2022.

      “Why Employee Engagement Matters for Leadership at all Levels.” Walden University, 20 Dec. 2019.

      Zhang, Xihui, et al. “How to Measure IT Effectiveness: The CIO’s Perspective.” Journal of Informational Technology Management, 29(4). 2018.

      Get really good at resilience

      • member rating overall impact: N/A
      • member rating average dollars saved: N/A
      • member rating average days saved: N/A

      Why be resilient?

      Well, your clients demand it. And it makes business sense; it is much cheaper to retain a client than to acquire new ones. By all means, always expand your client base; just don't make it a zero-sum game by losing clients because you cannot provide decent service. 

      Although the term has existed since the 17th century, it has only received legal attention since 2020. Now, several years later, the EU and the US require companies to prove their resilience.

      To understand what resilience is, please read our article on resilience

      What does it take to become really good at IT resilience?

      IT resilience is a mindset, a collection of techniques, and people management focused on providing consistent service to clients, all rolled into one discipline. While we discuss IT resilience, it takes more than IT staff or IT processes to become a truly resilient business.

      Here are 10 themes relevant to the (IT) resilient organization:

      Transparent culture

      A transparent company culture empowers its people to act confidently, respond swiftly to challenges, and continuously learn and improve. This builds a strong foundation for resilience, enabling the organization to navigate disruption or adversity much more easily.

      At its core, transparency is about open communication, sharing information, and fostering a culture of honesty and trust. These traits directly influence the various aspects of resilience.

      Client service focus

      A client service focus isn't just about customer satisfaction; it's an integral part of a company's resilience strategy. Service stability and continuous value delivery are the elements that retain existing clients and attract new ones through reputation.  System outages, slowdowns, and errors lead to client frustration and erode confidence. In other words, client service focuses on making sure you are available. Once you have that, then you can look at enhancing and expanding services and products. 

      Resilient systems and processes often also include tools and capabilities for proactive communication with clients. This can include automated notifications during system maintenance or updates, providing transparency and minimizing inconvenience. A proactive approach to communication creates a sense of partnership, and it demonstrates that you value your clients' time and business.

      Adaptability

      Adaptable systems and processes give you the flexibility for rapid incident response and easy workarounds, bringing your service back to the level it is supposed to be at.

      In the bigger picture, when you design your systems for flexibility and modification, you can rapidly adjust to new market conditions, evolving customer demands, and technological advancements. This agility allows you to pivot swiftly, seizing opportunities while mitigating risks.

      In the same vein, adaptable processes, fostered by a culture of continuous improvement and open communication, empower teams to innovate and refine workflows in response to challenges. This constant evolution ensures the company remains competitive and aligned with its ever-changing environment.

      Robust change management

      When you establish standardized procedures for planning, testing, and implementing changes, IT change management ensures that every modification, no matter how seemingly small, is carefully considered and assessed for its impact on the broader IT ecosystem. This structured approach significantly reduces the risk of unexpected side effects, unforeseen conflicts, and costly downtime, protecting the company's operations and its reputation.

      It does not have to be a burdensome bureaucratic process. Modern processes and tools take the sting out of these controls. Many actions within change management can be automated without losing oversight by both the IT custodians and the business process owners.

      Redundancy and fault tolerance

      By having duplicates of essential components or systems in place, you ensure that even if one part fails, another is ready to take over. This helps you minimize the impact of unexpected events like hardware issues, software glitches, or other unforeseen problems. This might mean replicating critical policy data across multiple servers or data centers in different locations.

      Fault tolerance is all about your systems and processes being able to keep working even when facing challenges. By designing your software and systems architecture with fault tolerance in mind, you are sure it can gracefully handle errors and failures, preventing those small problems from causing bigger issues, outages, and unhappy clients.

      Security

      Clients entrust you with valuable information. Demonstrating a commitment to data security through resilient systems builds trust and provides reassurance that their data is safeguarded against breaches and unauthorized access.

      Monitoring and alerting

      Trusting that all working is good. making sure is better.  When you observe your systems and receive timely notifications when something seems off, you'll be able to address issues before they snowball into real problems. 

      In any industry, monitoring helps you keep an eye on crucial performance metrics, resource usage, and system health. You'll get insights into how your systems behave, allowing you to identify bottlenecks or potential points of failure before they cause serious problems. And with a well-tuned alerting system, you'll get those critical notifications when something requires immediate attention. This gives you the chance to respond quickly, minimize downtime, and keep things running smoothly for your customers.

      Monitoring is also all about business metrics. Keep your service chains running smoothly and understand the ebb and flow of when clients access your services. Then update and enhance in line with what you see happening. 

      Incident response processes

      Well-thought-out plans and processes are key. Work with your incident managers, developers, suppliers, business staff and product owners and build an embedded method for reacting to incidents. 

      The key is to limit the time of the service interruption. Not everything needs to be handled immediately, so your plan must be clear on how to react to important vs lower-priority incidents. Making the plan and process well-known in the company helps everybody and keeps the calm.

      Embedded business continuity

      Business continuity planning anticipates and prepares for various scenarios, allowing your company to adapt and maintain essential functions even in the face of unexpected disruptions.

      When you proactively address these non-IT aspects of recovery, you build resilience that goes beyond simply restoring technology. It enables you to maintain customer relationships, meet contractual obligations, and safeguard your reputation, even in the face of significant challenges.

      Business continuity is not about prevention; it is about knowing what to do when bad things happen that may threaten your company in a more existential way or when you face issues like a power outage in your building, a pandemic, major road works rendering your business unreachable and such events.

      Effective disaster recovery  

      Disaster recovery is your lifeline when the worst happens. Whether it's a major cyberattack, a natural disaster, or a catastrophic hardware failure, a solid disaster recovery plan ensures your business doesn't sink. It's your strategy to get those critical systems back online and your data restored as quickly as possible.

      Think of it this way: disaster recovery, just like business continuity, isn't about preventing bad things from happening; it's about being prepared to bounce back when they do. It's like having a spare tire in your car, you hope you never need it, but if you get a flat, you're not stranded. With a well-tested disaster recovery plan, you can minimize downtime, reduce data loss, and keep your operations running even in the face of the unexpected. That translates to happier customers, protected revenue, and a reputation for reliability even amidst chaos.

       

      Resilience is the result of a well-conducted orchestra. Many disciplines come together to help you service your clients in a consistent way.

      The operational lifeline of your company and the reason it exists in the first place is to provide your clients with what they need, when they need it, and be able to command a good price for it. And that will keep your shareholders happy as well.

      Ransomware Cyber Attack. The real Disaster Recovery Scenario

      cybercrime pay ransomware

      Cyber-ransomware criminals need to make sure that you cannot simply recover your encrypted data via your backups. They must make it look like paying is your only option. And if you do not have a strategy that takes this into account, unfortunately, you may be up the creek without a paddle. because how do they make their case? Bylooking for ways to infect your backups, way before you find out you have been compromised. 

      That means your standard disaster recovery scenarios provide insufficient protection against this type of event. You need to think beyond DRP and give consideration to what John Beattie and Michael Shandrowski call "Cyber Incident Recovery Risk management" (CIR-RM).  

      incident, incident management, cybersecurity, cyber, disaster recovery, drp, business continuity, bcm, recovery

      Register to read more …

      Optimize IT Change Management

      • Buy Link or Shortcode: {j2store}409|cart{/j2store}
      • member rating overall impact: 9.5/10 Overall Impact
      • member rating average dollars saved: $33,585 Average $ Saved
      • member rating average days saved: 27 Average Days Saved
      • Parent Category Name: Operations Management
      • Parent Category Link: /i-and-o-process-management
      • Infrastructure managers and change managers need to re-evaluate their change management processes due to slow change turnaround time, too many unauthorized changes, too many incidents and outages because of poorly managed changes, or difficulty evaluating and prioritizing changes.
      • IT system owners often resist change management because they see it as slow and bureaucratic.
      • Infrastructure changes are often seen as different from application changes, and two (or more) processes may exist.

      Our Advice

      Critical Insight

      • ITIL provides a usable framework for change management, but full process rigor is not appropriate for every change request.
      • You need to design a process that is flexible enough to meet the demand for change, and strict enough to protect the live environment from change-related incidents.
      • A mature change management process will minimize review and approval activity. Counterintuitively, with experience in implementing changes, risk levels decline to a point where most changes are “pre-approved.”

      Impact and Result

      • Create a unified change management process that reduces risk. The process should be balanced in its approach toward deploying changes while also maintaining throughput of innovation and enhancements.
      • Categorize changes based on an industry-standard risk model with objective measures of impact and likelihood.
      • Establish and empower a change manager and change advisory board with the authority to manage, approve, and prioritize changes.
      • Integrate a configuration management database with the change management process to identify dependencies.

      Optimize IT Change Management Research & Tools

      Start here – read the Executive Brief

      Read our concise Executive Brief to find out why you should optimize change management, review Info-Tech’s methodology, and understand the four ways we can support you in completing this project.

      Besides the small introduction, subscribers and consulting clients within this management domain have access to:

      • Optimize IT Change Management – Phases 1-4

      1. Define change management

      Assess the maturity of your existing change management practice and define the scope of change management for your organization.

      • Change Management Maturity Assessment Tool
      • Change Management Risk Assessment Tool

      2. Establish roles and workflows

      Build your change management team and standardized process workflows for each change type.

      • Change Manager
      • Change Management Process Library – Visio
      • Change Management Process Library – PDF
      • Change Management Standard Operating Procedure

      3. Define the RFC and post-implementation activities

      Bookend your change management practice by standardizing change intake, implementation, and post-implementation activities.

      • Request for Change Form Template
      • Change Management Pre-Implementation Checklist
      • Change Management Post-Implementation Checklist

      4. Measure, manage, and maintain

      Form an implementation plan for the project, including a metrics evaluation, change calendar inputs, communications plan, and roadmap.

      • Change Management Metrics Tool
      • Change Management Communications Plan
      • Change Management Roadmap Tool
      • Optimize IT Change Management Improvement Initiative: Project Summary Template

      [infographic]

      Workshop: Optimize IT Change Management

      Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

      1 Define Change Management

      The Purpose

      Discuss the existing challenges and maturity of your change management practice.

      Build definitions of change categories and the scope of change management.

      Key Benefits Achieved

      Understand the starting point and scope of change management.

      Understand the context of change request versus other requests such as service requests, projects, and operational tasks.

      Activities

      1.1 Outline strengths and challenges

      1.2 Conduct a maturity assessment

      1.3 Build a categorization scheme

      1.4 Build a risk assessment matrix

      Outputs

      Change Management Maturity Assessment Tool

      Change Management Risk Assessment Tool

      2 Establish Roles and Workflows

      The Purpose

      Define roles and responsibilities for the change management team.

      Develop a standardized change management practice for approved changes, including process workflows.

      Key Benefits Achieved

      Built the team to support your new change management practice.

      Develop a formalized and right-sized change management practice for each change category. This will ensure all changes follow the correct process and core activities to confirm changes are completed successfully.

      Activities

      2.1 Define the change manager role

      2.2 Outline the membership and protocol for the Change Advisory Board (CAB)

      2.3 Build workflows for normal, emergency, and pre-approved changes

      Outputs

      Change Manager Job Description

      Change Management Standard Operating Procedure (SOP)

      Change Management Process Library

      3 Define the RFC and Post-Implementation Activities

      The Purpose

      Create a new change intake process, including a new request for change (RFC) form.

      Develop post-implementation review activities to be completed for every IT change.

      Key Benefits Achieved

      Bookend your change management practice by standardizing change intake, implementation, and post-implementation activities.

      Activities

      3.1 Define the RFC template

      3.2 Determine post-implementation activities

      3.3 Build your change calendar protocol

      Outputs

      Request for Change Form Template

      Change Management Post-Implementation Checklist

      Project Summary Template

      4 Measure, Manage, and Maintain

      The Purpose

      Develop a plan and project roadmap for reaching your target for your change management program maturity.

      Develop a communications plan to ensure the successful adoption of the new program.

      Key Benefits Achieved

      A plan and project roadmap for reaching target change management program maturity.

      A communications plan ready for implementation.

      Activities

      4.1 Identify metrics and reports

      4.2 Build a communications plan

      4.3 Build your implementation roadmap

      Outputs

      Change Management Metrics Tool

      Change Management Communications Plan

      Change Management Roadmap Tool

      Further reading

      Optimize IT Change Management

      Right-size IT change management practice to protect the live environment.

      EXECUTIVE BRIEF

      Analyst Perspective

      Balance risk and efficiency to optimize IT change management.

      Change management (change enablement, change control) is a balance of efficiency and risk. That is, pushing changes out in a timely manner while minimizing the risk of deployment. On the one hand, organizations can attempt to avoid all risk and drown the process in rubber stamps, red tape, and bureaucracy. On the other hand, organizations can ignore process and push out changes as quickly as possible, which will likely lead to change related incidents and debilitating outages.

      Right-sizing the process does not mean adopting every recommendation from best-practice frameworks. It means balancing the efficiency of change request fulfillment with minimizing risk to your organization. Furthermore, creating a process that encourages adherence is key to avoid change implementers from skirting your process altogether.

      Benedict Chang, Research Analyst, Infrastructure and Operations, Info-Tech Research Group

      Executive Summary

      Your Challenge

      Infrastructure and application change occurs constantly and is driven by changing business needs, requests for new functionality, operational releases and patches, and resolution of incidents or problems detected by the service desk.

      IT managers need to follow a standard change management process to ensure that rogue changes are never deployed while the organization remains responsive to demand.

      Common Obstacles

      IT system owners often resist change management because they see it as slow and bureaucratic.

      At the same time, an increasingly interlinked technical environment may cause issues to appear in unexpected places. Configuration management systems are often not kept up-to-date and do not catch the potential linkages.

      Infrastructure changes are often seen as “different” from application changes and two (or more) processes may exist.

      Info-Tech’s Approach

      Info-Tech’s approach will help you:

      • Create a unified change management practice that balances risk and throughput of innovation.
      • Categorize changes based on an industry-standard risk model with objective measures of impact and likelihood.
      • Establish and empower a Change Manager and Change Advisory Board (CAB) with the authority to manage, approve, and prioritize changes.

      Balance Risk and Efficiency to Optimize IT Change Management

      Two goals of change management are to protect the live environment and deploying changes in a timely manner. These two may seem to sometimes be at odds against each other, but assessing risk at multiple points of a change’s lifecycle can help you achieve both.

      Your challenge

      This research is designed to help organizations who need to:

      • Build a right-sized change management practice that encourages adherence and balances efficiency and risk.
      • Integrate the change management practice with project management, service desk processes, configuration management, and other areas of IT and the business.
      • Communicate the benefits and impact of change management to all the stakeholders affected by the process.

      Change management is heavily reliant on organizational culture

      Having a right-sized process is not enough. You need to build and communicate the process to gather adherence. The process is useless if stakeholders are not aware of it or do not follow it.

      Increase the Effectiveness of Change Management in Your Organization

      The image is a bar graph, with the segments labelled 1 and 2. The y-axis lists numbers 1-10. Segment 1 is at 6.2, and segment 2 is at 8.6.

      Of the eight infrastructure & operations processes measured in Info-Tech’s IT Management and Governance Diagnostic (MGD) program, change management has the second largest gap between importance and effectiveness of these processes.

      Source: Info-Tech 2020; n=5,108 IT professionals from 620 organizations

      Common obstacles

      These barriers make this challenge difficult to address for many organizations:

      • Gaining buy-in can be a challenge no matter how well the process is built.
      • The complexity of the IT environment and culture of tacit knowledge for configuration makes it difficult to assess cross-dependencies of changes.
      • Each silo or department may have their own change management workflows that they follow internally. This can make it difficult to create a unified process that works well for everyone.

      “Why should I fill out an RFC when it only takes five minutes to push through my change?”

      “We’ve been doing this for years. Why do we need more bureaucracy?”

      “We don’t need change management if we’re Agile.”

      “We don’t have the right tools to even start change management.”

      “Why do I have to attend a CAB meeting when I don’t care what other departments are doing?”

      Info-Tech’s approach

      Build change management by implementing assessments and stage gates around appropriate levels of the change lifecycle.

      The image is a circle, comprised of arrows, with each arrow pointing to the next, forming a cycle. Each arrow is labelled, as follows: Improve; Request; Assess; Plan; Approve; Implement

      The Info-Tech difference:

      1. Create a unified change management process that balances risk and throughput of innovation.
      2. Categorize changes based on an industry-standard risk model with objective measures of impact and likelihood.
      3. Establish and empower a Change Manager and Change Advisory Board (CAB) with the authority to manage, approve, and prioritize changes.

      IT change is constant and is driven by:

      Change Management:

      1. Operations - Operational releases, maintenance, vendor-driven updates, and security updates can all be key drivers of change. Example: ITSM version update
        • Major Release
        • Maintenance Release
        • Security Patch
      2. Business - Business-driven changes may include requests from other business departments that require IT’s support. Examples: New ERP or HRIS implementation
        • New Application
        • New Version
      3. Service desk → Incident & Problem - Some incident and problem tickets require a change to facilitate resolution of the incident. Examples: Outage necessitating update of an app (emergency change), a user request for new functionality to be added to an existing app
        • Workaround
        • Fix
      4. Configuration Management Database (CMDB) ↔ Asset Management - In addition to software and hardware asset dependencies, a configuration management database (CMDB) is used to keep a record of changes and is queried to assess change requests.
        • Hardware
        • Software

      Insight summary

      “The scope of change management is defined by each organization…the purpose of change management is to maximize the number of successful service and product changes by ensuring that the risk have been properly assessed, authorizing changes to process, and managing the change schedule.” – ALEXOS Limited, ITIL 4

      Build a unified change management process balancing risk and change throughput.

      Building a unified process that oversees all changes to the technical environment doesn’t have to be burdensome to be effective. However, the process is a necessary starting point to identifying cross dependencies and avoiding change collisions and change-related incidents.

      Use an objective framework for estimating risk

      Simply asking, “What is the risk?” will result in subjective responses that will likely minimize the perceived risk. The level of due diligence should align to the criticality of the systems or departments potentially impacted by the proposed changes.

      Integrate your change process with your IT service management system

      Change management in isolation will provide some stability, but maturing the process through service integrations will enable data-driven decisions, decrease bureaucracy, and enable faster and more stable throughput.

      Change management and DevOps can work together effectively

      Change and DevOps tend to be at odds, but the framework does not have to change. Lower risk changes in DevOps are prime candidates for the pre-approved category. Much of the responsibility traditionally assigned to the CAB can be diffused throughout the software development lifecycle.

      Change management and DevOps can coexist

      Shift the responsibility and rigor to earlier in the process.

      • If you are implementing change management in a DevOps environment, ensure you have a strong DevOps lifecycle. You may wish to refer to Info-Tech’s research Implementing DevOps Practices That Work.
      • Consider starting in this blueprint by visiting Appendix II to frame your approach to change management. Follow the blueprint while paying attention to the DevOps Callouts.

      DEVOPS CALLOUTS

      Look for these DevOps callouts throughout this storyboard to guide you along the implementation.

      The image is a horizontal figure eight, with 7 arrows, each pointing into the next. They are labelled are follows: Plan; Create; Verify; Package; Release; Configure; Monitor. At the centre of the circles are the words Dev and Ops.

      Successful change management will provide benefits to both the business and IT

      Respond to business requests faster while reducing the number of change-related disruptions.

      IT Benefits

      • Fewer change-related incidents and outages
      • Faster change turnaround time
      • Higher rate of change success
      • Less change rework
      • Fewer service desk calls related to poorly communicated changes

      Business Benefits

      • Fewer service disruptions
      • Faster response to requests for new and enhanced functionalities
      • Higher rate of benefits realization when changes are implemented
      • Lower cost per change
      • Fewer “surprise” changes disrupting productivity

      IT satisfaction with change management will drive business satisfaction with IT. Once the process is working efficiently, staff will be more motivated to adhere to the process, reducing the number of unauthorized changes. As fewer changes bypass proper evaluation and testing, service disruptions will decrease and business satisfaction will increase.

      Change management improves core benefits to the business: the four Cs

      Most organizations have at least some form of change control in place, but formalizing change management leads to the four Cs of business benefits:

      Control

      Change management brings daily control over the IT environment, allowing you to review every relatively new change, eliminate changes that would have likely failed, and review all changes to improve the IT environment.

      Collaboration

      Change management planning brings increased communication and collaboration across groups by coordinating changes with business activities. The CAB brings a more formalized and centralized communication method for IT.

      Consistency

      Request for change templates and a structured process result in implementation, test, and backout plans being more consistent. Implementing processes for pre-approved changes also ensures these frequent changes are executed consistently and efficiently.

      Confidence

      Change management processes will give your organization more confidence through more accurate planning, improved execution of changes, less failure, and more control over the IT environment. This also leads to greater protection against audits.

      You likely need to improve change management more than any other infrastructure & operations process

      The image shows a vertical bar graph. Each segment of the graph is labelled for an infrastructure/operations process. Each segment has two bars one for effectiveness, and another for importance. The first segment, Change Management, is highlighted, with its Effectiveness at a 6.2 and Importance at 8.6

      Source: Info-Tech 2020; n=5,108 IT Professionals from 620 organizations

      Of the eight infrastructure and operations processes measured in Info-Tech’s IT Management and Governance Diagnostic (MGD) program, change management consistently has the second largest gap between importance and effectiveness of these processes.

      Executives and directors recognize the importance of change management but feel theirs is currently ineffective

      Info-Tech’s IT Management and Governance Diagnostic (MGD) program assesses the importance and effectiveness of core IT processes. Since its inception, the MGD has consistently identified change management as an area for immediate improvement.

      The image is a vertical bar graph, with four segments, each having 2 bars, one for Effectiveness and the other for Importance. The four segments are (with Effectiveness and Importance ratings in brackets, respectively): Frontline (6.5/8.6); Manager (6.6/8.9); Director (6.4/8.8); and Executive (6.1/8.8)

      Source: Info-Tech 2020; n=5,108 IT Professionals from 620 organizations

      Importance Scores

      No importance: 1.0-6.9

      Limited importance: 7.0-7.9

      Significant importance: 8.0-8.9

      Critical importance: 9.0-10.0

      Effectiveness Scores

      Not in place: n/a

      Not effective: 0.0-4.9

      Somewhat Ineffective: 5.0-5.9

      Somewhat effective: 6.0-6.9

      Very effective: 7.0-10.0

      There are several common misconceptions about change management

      Which of these have you heard in your organization?

       Reality
      “It’s just a small change; this will only take five minutes to do.” Even a small change can cause a business outage. That small fix could impact a large system connected to the one being fixed.
      “Ad hoc is faster; too many processes slow things down.” Ad hoc might be faster in some cases, but it carries far greater risk. Following defined processes keeps systems stable and risk-averse.
      “Change management is all about speed.” Change management is about managing risk. It gives the illusion of speed by reducing downtime and unplanned work.
      “Change management will limit our capacity to change.” Change management allows for a better alignment of process (release management) with governance (change management).

      Overcome perceived challenges to implementing change management to reap measurable reward

      Before: Informal Change Management

      Change Approval:

      • Changes do not pass through a formal review process before implementation.
      • 10% of released changes are approved.
      • Implementation challenge: Staff will resist having to submit formal change requests and assessments, frustrated at the prospect of having to wait longer to have changes approved.

      Change Prioritization

      • Changes are not prioritized according to urgency, risk, and impact.
      • 60% of changes are urgent.
      • Implementation challenge: Influential stakeholders accustomed to having changes approved and deployed might resist having to submit changes to a standard cost-benefit analysis.

      Change Deployment

      • Changes often negatively impact user productivity.
      • 25% of changes are realized as planned.
      • Implementation challenge: Engaging the business so that formal change freeze periods and regular maintenance windows can be established.

      After: Right-Sized Change Management

      Change Approval

      • All changes pass through a formal review process. Once a change is repeatable and well-tested, it can be pre-approved to save time. Almost no unauthorized changes are deployed.
      • 95% of changes are approved.
      • KPI: Decrease in change-related incidents

      Change Prioritization

      • The CAB prioritizes changes so that the business is satisfied with the speed of change deployment.
      • 35% of changes are urgent.
      • KPI: Decrease in change turnaround time.

      Change deployment

      • Users are always aware of impending changes and changes don’t interrupt critical business activities.
      • Over 80% of changes are realized as planned
      • KPI: Decrease in the number of failed deployments.

      Info-Tech’s methodology for change management optimization focuses on building standardized processes

       1. Define Change Management2. Establish Roles and Workflows3. Define the RFC and Post-Implementation Activities4. Measure, Manage, and Maintain
      Phase Steps

      1.1 Assess Maturity

      1.2 Categorize Changes and Build Your Risk Assessment

      2.1 Determine Roles and Responsibilities

      2.2 Build Core Workflows

      3.1 Design the RFC

      3.2 Establish Post-Implementation Activities

      4.1 Identify Metrics and Build the Change Calendar

      4.2 Implement the Project
        Change Management Standard Operating Procedure (SOP) Change Management Project Summary Template
      Phase Deliverables
      • Change Management Maturity Assessment Tool
      • Change Management Risk Assessment Tool
      • Change Manager Job Description
      • Change Management Process Library
      • Request for Change (RFC) Form Template
      • Change Management Pre-Implementation Checklist
      • Change Management Post-Implementation Checklist
      • Change Management Metrics Tool
      • Change Management
      • Communications Plan
      • Change Management Roadmap Tool

      Blueprint deliverables

      Each step of this blueprint is accompanied by supporting deliverables to help you accomplish your goals:

      Change Management Process Library

      Document your normal, pre-approved, and emergency change lifecycles with the core process workflows .

      Change Management Risk Assessment Tool

      Test Drive your impact and likelihood assessment questionnaires with the Change Management Risk Assessment Tool.

      Project Summary Template

      Summarize your efforts in the Optimize IT Change Management Improvement Initiative: Project Summary Template.

      Change Management Roadmap Tool

      Record your action items and roadmap your steps to a mature change management process.

      Key Deliverable:

      Change Management SOP

      Document and formalize your process starting with the change management standard operating procedure (SOP).

      These case studies illustrate the value of various phases of this project

      Define Change Management

      Establish Roles and Workflows

      Define RFC and Post-Implementation Activities

      Measure, Manage, and Maintain

      A major technology company implemented change management to improve productivity by 40%. This case study illustrates the full scope of the project.

      A large technology firm experienced a critical outage due to poor change management practices. This case study illustrates the scope of change management definition and strategy.

      Ignorance of change management process led to a technology giant experiencing a critical cloud outage. This case study illustrates the scope of the process phase.

      A manufacturing company created a makeshift CMDB in the absence of a CMDB to implement change management. This case study illustrates the scope of change intake.

      A financial institution tracked and recorded metrics to aid in the success of their change management program. This case study illustrates the scope of the implementation phase.

      Working through this project with Info-Tech can save you time and money

      Engaging in a Guided Implementation doesn’t just offer valuable project advice, it also results in significant cost savings.

      Guided ImplementationMeasured Vale
      Phase 1: Define Change Management
      • We estimate Phase 1 activities will take 2 FTEs 10 days to complete on their own, but the time saved by using Info-Tech’s methodology will cut that time in half, thereby saving $3,100 (2 FTEs * 5 days * $80,000/year).

      Phase 2: Establish Roles and Workflows
      • We estimate Phase 2 will take 2 FTEs 10 days to complete on their own, but the time saved by using Info-Tech’s methodology will cut that time in half, thereby saving $3,100 (2 FTEs * 5 days * $80,000/year).
      Phase 3: Define the RFC and Post-Implementation Activities
      • We estimate Phase 3 will take 2 FTEs 10 days to complete on their own, but the time saved by using Info-Tech’s methodology will cut that time in half, thereby saving $3,100 (2 FTEs * 5 days * $80,000/year).

      Phase 4: Measure, Manage, and Maintain
      • We estimate Phase 4 will take 2 FTEs 5 days to complete on their own, but the time saved by using Info-Tech’s methodology will cut that time in half, thereby saving $1,500 (2 FTEs * 2.5 days * $80,000/year).
      Total Savings $10,800

      Case Study

      Industry: Technology

      Source: Daniel Grove, Intel

      Intel implemented a robust change management program and experienced a 40% improvement in change efficiency.

      Founded in 1968, the world’s largest microchip and semiconductor company employs over 100,000 people. Intel manufactures processors for major players in the PC market including Apple, Lenovo, HP, and Dell.

      ITIL Change Management Implementation

      With close to 4,000 changes occurring each week, managing Intel’s environment is a formidable task. Before implementing change management within the organization, over 35% of all unscheduled downtime was due to errors resulting from change and release management. Processes were ad hoc or scattered across the organization and no standards were in place.

      Results

      After a robust implementation of change management, Intel experienced a number of improvements including automated approvals, the implementation of a formal change calendar, and an automated RFC form. As a result, Intel improved change productivity by 40% within the first year of the program’s implementation.

      Define Change Management

      Establish Roles and Workflows

      Define RFC and Post-Implementation Activities

      Measure, Manage, and Maintain

      Info-Tech offers various levels of support to best suit your needs

      DIY Toolkit

      "Our team has already made this critical project a priority, and we have the time and capability, but some guidance along the way would be helpful."

      Guided Implementation

      "Our team knows that we need to fix a process, but we need assistance to determine where to focus. Some check-ins along the way would help keep us on track."

      Workshop

      "We need to hit the ground running and get this project kicked off immediately. Our team has the ability to take this over once we get a framework and strategy in place."

      Consulting

      "Our team does not have the time or the knowledge to take this project on. We need assistance through the entirety of this project."

      Diagnostics and consistent frameworks are used throughout all four options.

      Guided Implementation

      What does a typical GI on this topic look like?

      A Guided Implementation (GI) is series of calls with an Info-Tech analyst to help implement our best practices in your organization.

      A typical GI is between 8 to 12 calls over the course of 4 to 6 months.

      Define Change Management

      • Call #1: Introduce change concepts.
      • Call #2: Assess current maturity.
      • Call #3: Identify target-state capabilities.

      Establish Roles and Workflows

      • Call #4: Review roles and responsibilities.
      • Call #5: Review core change processes.

      Define RFC and Post- Implementation Activities

      • Call #6: Define change intake process.
      • Call #7: Create pre-implementation and post-implementation checklists.

      Measure, Manage, and Maintain

      • Call #8: Review metrics.
      • Call #9: Create roadmap.

      Workshop Overview

      Contact your account representative for more information.
      workshops@infotech.com 1-888-670-8889

       Day 1Day 2Day 3Day 4Day 5
      Activities

      Define Change Management

      1.1 Outline Strengths and Challenges

      1.2 Conduct a Maturity Assessment

      1.3 Build a Change Categorization Scheme

      1.4 Build Your Risk Assessment

      Establish Roles and Workflows

      2.1 Define the Change Manager Role

      2.2 Outline CAB Protocol and membership

      2.3 Build Normal Change Process

      2.4 Build Emergency Change Process

      2.5 Build Pre-Approved Change Process

      Define the RFC and Post-Implementation Activities

      3.1 Create an RFC Template

      3.2 Determine Post-Implementation Activities

      3.3 Build a Change Calendar Protocol

      Measure, Manage, and Maintain

      4.1 Identify Metrics and Reports

      4.2 Create Communications Plan

      4.3 Build an Implementation Roadmap

      Next Steps and Wrap-Up (offsite)

      5.1 Complete in-progress deliverables from previous four days

      5.2 Set up review time for workshop deliverables and to discuss next steps
      Deliverables
      1. Maturity Assessment
      2. Risk Assessment
      1. Change Manager Job Description
      2. Change Management Process Library
      1. Request for Change (RFC) Form Template
      2. Pre-Implementation Checklist
      3. Post-Implementation Checklist
      1. Metrics Tool
      2. Communications Plan
      3. Project Roadmap
      1. Change Management Standard Operating Procedure (SOP)
      2. Workshop Summary Deck

      Phase 1

      Define Change Management

      Define Change Management

      1.1 Assess Maturity

      1.2 Categorize Changes and Build Your Risk Assessment

      Establish Roles and Workflows

      2.1 Determine Roles and Responsibilities

      2.2 Build Core Workflows

      Define the RFC and Post-Implementation Activities

      3.1 Design the RFC

      3.2 Establish Post-Implementation Activities

      Measure, Manage, and Maintain

      4.1 Identify Metrics and Build the Change Calendar

      4.2 Implement the Project

      This phase will guide you through the following steps:

      • Assess Maturity
      • Categorize Changes and Build Your Risk Assessment

      This phase involves the following participants:

      • CIO
      • IT Managers
      • Change Manager
      • Members of the Change Advisory Board

      Step 1.1

      Assess Maturity

      Activities

      1.1.1 Outline the Organization’s Strengths and Challenges

      1.1.2 Complete a Maturity Assessment

      This step involves the following participants:

      • CIO
      • IT Managers
      • Change Manager
      • Members of the Change Advisory Board

      Outcomes of this step

      • An understanding of maturity change management processes and frameworks
      • Identification of existing change management challenges and potential causes
      • A framework for assessing change management maturity and an assessment of your existing change management processes

      Define Change Management

      Step 1.1: Assess Maturity → Step 1.2: Categorize Changes and Build Your Risk Assessment

      Change management is often confused with release management, but they are distinct processes

      Change

      • Change management looks at software changes as well as hardware, database, integration, and network changes, with the focus on stability of the entire IT ecosystem for business continuity.
      • Change management provides a holistic view of the IT environment, including dependencies, to ensure nothing is negatively affected by changes.
      • Change documentation is more focused on process, ensuring dependencies are mapped, rollout plans exist, and the business is not at risk.

      Release

      • Release and deployment are the detailed plans that bundle patches, upgrades, and new features into deployment packages, with the intent to change them flawlessly into a production environment.
      • Release management is one of many actions performed under change management’s governance.
      • Release documentation includes technical specifications such as change schedule, package details, change checklist, configuration details, test plan, and rollout and rollback plans.

      Info-Tech Insight

      Ensure the Release Manager is present as part of your CAB. They can explain any change content or dependencies, communicate business approval, and advise the service desk of any defects.

      Integrate change management with other IT processes

      As seen in the context diagram, change management interacts closely with many other IT processes including release management and configuration management (seen below). Ensure you delineate when these interactions occur (e.g. RFC updates and CMDB queries) and which process owns each task.

      The image is a chart mapping the interactions between Change Management and Configuration Management (CMDB).

      Avoid the challenges of poor change management

      1. Deployments
        • Too frequent: The need for frequent deployments results in reduced availability of critical business applications.
        • Failed deployments or rework is required: Deployments are not successful and have to be backed out of and then reworked to resolve issues with the installation.
        • High manual effort: A lack of automation results in high resource costs for deployments. Human error is likely, which adds to the risk of a failed deployment.
      2. Incidents
        • Too many unauthorized changes: If the process is perceived as cumbersome and ineffective, people will bypass it or abuse the emergency designation to get their changes deployed faster.
        • Changes cause incidents: When new releases are deployed, they create problems with related systems or applications.
      3. End Users
        • Low user satisfaction: Poor communication and training result in surprised and unhappy users and support staff.

      “With no controls in place, IT gets the blame for embarrassing outages. Too much control, and IT is seen as a roadblock to innovation.” – Anonymous, VP IT of a federal credit union

      1.1.1 Outline the Organization’s Strengths and Challenges

      Input

      • Current change documentation (workflows, SOP, change policy, etc.)
      • Organizational chart(s)

      Output

      • List of strengths and challenges for change management

      Materials

      Participants

      • CIO
      • IT Managers
      • Change Manager
      • Members of the Change Advisory Board
      1. As group, discuss and outline the change management challenges facing the organization. These may be challenges caused by poor change management processes or by a lack of process.
      2. Use the pain points found on the previous slide to help guide the discussion.
      3. As a group, also outline the strengths of change management and the strengths of the current organization. Use these strengths as a guide to know what practices to continue and what strengths you can leverage to improve the change management process.
      4. Record the activity results in the Project Summary Template.

      Download the Optimize IT Change Management Improvement Initiative: Project Summary Template

      Assess current change management maturity to create a plan for improvement

       ChaosReactiveControlled

      Proactive

      		Optimized
      Change Requests No defined processes for submitting changes Low process adherence and no RFC form RFC form is centralized and a point of contact for changes exists RFCs are reviewed for scope and completion RFCs trend analysis and proactive change exists
      Change Review Little to no change risk assessment Risk assessment exists for each RFC RFC form is centralized and a point of contact for changes exists Change calendar exists and is maintained System and component dependencies exist (CMDB)
      Change Approval No formal approval process exists Approval process exists but is not widely followed Unauthorized changes are minimal or nonexistent Change advisory board (CAB) is established and formalized Trend analysis exists increasing pre-approved changes
      Post-Deployment No post-deployment change review exists Process exists but is not widely followed Reduction of change-related incidents Stakeholder satisfaction is gathered and reviewed Lessons learned are propagated and actioned
      Process Governance Roles & responsibilities are ad hoc Roles, policies & procedures are defined & documented Roles, policies & procedures are defined & documented KPIs are tracked, reported on, and reviewed KPIs are proactively managed for improvement

      Info-Tech Insight

      Reaching an optimized level is not feasible for every organization. You may be able to run a very good change management process at the Proactive or even Controlled stage. Pay special attention to keeping your goals attainable.

      1.1.2 Complete a Maturity Assessment

      Input

      • Current change documentation (workflows, SOP, change policy, etc.)

      Output

      • Assessment of current maturity level and goals to improve change management

      Materials

      Participants

      • Change Manager
      • Service Desk Manager
      • Operations (optional)
      1. Use Info-Tech’s Change Management Maturity Assessment Tool to assess the maturity and completeness of your change process.
      2. Significant gaps revealed in this assessment should be the focal points of your discussion when investigating root causes and brainstorming remediation activities:
        1. For each activity of each process area of change management, determine the degree of completeness of your current process.
        2. Review your maturity assessment results and discuss as a group potential reasons why you arrived at your maturity level. Identify areas where you should focus your initial attention for improvement.
        3. Regularly review the maturity of your change management practices by completing this maturity assessment tool periodically to identify other areas to optimize.

      Download the Change Management Maturity Assessment Tool

      Case Study

      Even Google isn’t immune to change-related outages. Plan ahead and communicate to help avoid change-related incidents

      Industry: Technology

      Source: The Register

      As part of a routine maintenance procedure, Google engineers moved App Engine applications between data centers in the Central US to balance out traffic.

      Unfortunately, at the same time that applications were being rerouted, a software update was in progress on the traffic routers, which triggered a restart. This temporarily diminished router capacity, knocking out a sizeable portion of Google Cloud.

      The server drain resulted in a huge spike in startup requests, and the routers simply couldn’t handle the traffic.

      As a result, 21% of Google App Engine applications hosted in the Central US experienced error rates in excess of 10%, while an additional 16% of applications experienced latency, albeit at a lower rate.

      Solution

      Thankfully, engineers were actively monitoring the implementation of the change and were able to spring into action to halt the problem.

      The change was rolled back after 11 minutes, but the configuration error still needed to be fixed. After about two hours, the change failure was resolved and the Google Cloud was fully functional.

      One takeaway for the engineering team was to closely monitor how changes are scheduled. Ultimately, this was the result of miscommunication and a lack of transparency between change teams.

      Step 1.2

      Categorize Changes and Build Your Risk Assessment

      Activities

      1.2.1 Define What Constitutes a Change

      1.2.2 Build a Change Categorization Scheme

      1.2.3 Build a Classification Scheme to Assess Impact

      1.2.4 Build a Classification Scheme to Define Likelihood

      1.2.5 Evaluate and Adjust Your Risk Assessment Scheme

      Define Change Management

      Step 1.1: Assess Maturity → Step 1.2: Categorize Changes and Build Your Risk Assessment

      This step involves the following participants:

      • Infrastructure/Applications Manager
      • Change Manager
      • Members of the Change Advisory Board

      Outcomes of this step

      • A clear definition of what constitutes a change in your organization
      • A defined categorization scheme to classify types of changes
      • A risk assessment matrix and tool for evaluating and prioritizing change requests according to impact and likelihood of risk

      Change must be managed to mitigate risk to the infrastructure

      Change management is the gatekeeper protecting your live environment.

      Successfully managed changes will optimize risk exposure, severity of impact, and disruption. This will result in the bottom-line business benefits of removal of risk, early realization of benefits, and savings of money and time.

      • IT change is constant; change requests will be made both proactively and reactively to upgrade systems, acquire new functionality, and to prevent or resolve incidents.
      • Every change to the infrastructure must pass through the change management process before being deployed to ensure that it has been properly assessed and tested, and to check that a backout /rollback plan is in place.
      • It will be less expensive to invest in a rigorous change management process than to resolve incidents, service disruptions, and outages caused by the deployment of a bad change.
      • Change management is what gives you control and visibility regarding what is introduced to the live environment, preventing incidents that threaten business continuity.

      80%

      In organizations without formal change management processes, about 80% (The Visible Ops Handbook) of IT service outage problems are caused by updates and changes to systems, applications, and infrastructure. It’s crucial to track and systematically manage change to fully understand and predict the risks and potential impact of the change.

      Attributes of a change

      Differentiate changes from other IT requests

      Is this in the production environment of a business process?

      The core business of the enterprise or supporting functions may be affected.

      Does the task affect an enterprise managed system?

      If it’s for a local application, it’s a service request

      How many users are impacted?

      It should usually impact more than a single user (in most cases).

      Is there a configuration, or code, or workflow, or UI/UX change?

      Any impact on a business process is a change; adding a user or a recipient to a report or mailing list is not a change.

      Does the underlying service currently exist?

      If it’s a new service, then it’s better described as a project.

      Is this done/requested by IT?

      It needs to be within the scope of IT for the change management process to apply.

      Will this take longer than one week?

      As a general rule, if it takes longer than 40 hours of work to complete, it’s likely a project.

      Defining what constitutes a change

      Every change request will initiate the change management process; don’t waste time reviewing requests that are out of scope.

      ChangeService Request (User)Operational Task (Backend)
      • Fixing defects in code
      • Changing configuration of an enterprise system
      • Adding new software or hardware components
      • Switching an application to another VM
      • Standardized request
      • New PC
      • Permissions request
      • Change password
      • Add user
      • Purchases
      • Change the backup tape
      • Delete temporary files
      • Maintain database (one that is well defined, repeatable, and predictable)
      • Run utilities to repair a database

      Do not treat every IT request as a change!

      • Many organizations make the mistake of calling a standard service request or operational task a “change.”
      • Every change request will initiate the change management process; don’t waste time reviewing requests that are out of scope.
      • While the overuse of RFCs for out-of-scope requests is better than a lack of process, this will slow the process and delay the approval of more critical changes.
      • Requiring an RFC for something that should be considered day-to-day work will also discourage people from adhering to the process, because the RFC will be seen as meaningless paperwork.

       

      1.2.1 Define What Constitutes a Change

      Input

      • List of examples of each category of the chart

      Output

      • Definitions for each category to be used at change intake

      Materials

      • Whiteboard/flip charts (or shared screen if working remotely)
      • Service catalog (if applicable)
      • Sticky notes
      • Markers/pens
      • Change Management SOP

      Participants

      • Infrastructure Manager
      • Change Manager
      • Members of the Change Advisory Board
      1. As a group, brainstorm examples of changes, projects, service requests (user), operational tasks (backend), and releases. You may add additional categories as needed (e.g. incidents).
      2. Have each participant write the examples on sticky notes and populate the following chart on the whiteboard/flip chart.
      3. Use the examples to draw lines and define what defines each category.
        • What makes a change distinct from a project?
        • What makes a change distinct from a service request?
        • What makes a change distinct from an operational task?
        • When do the category workflows cross over with other categories? (For example, when does a project interact with change management?)
      4. Record the definitions of requests and results in section 2.3 of the Change Management Standard Operating Procedure (SOP).
      ChangeProjectService Request (User)Operational Task (Backend)Release
      Changing Configuration ERP upgrade Add new user Delete temp files Software release

      Download the Change Management Standard Operating Procedure (SOP).

      Each RFC should define resources needed to effect the change

      In addition to assigning a category to each RFC based on risk assessment, each RFC should also be assigned a priority based on the impact of the change on the IT organization, in terms of the resources needed to effect the change.

      Categories include

      Normal

      Emergency

      Pre-Approved

      The majority of changes will be pre-approved or normal changes. Definitions of each category are provided on the next slide.

      Info-Tech uses the term pre-approved rather than the ITIL terminology of standard to more accurately define the type of change represented by this category.

      A potential fourth change category of expedited may be employed if you are having issues with process adherence or if you experience changes driven from outside change management’s control (e.g. from the CIO, director, judiciary, etc.) See Appendix I for more details.

      Info-Tech Best Practice

      Do not rush to designate changes as pre-approved. You may have a good idea of which changes may be considered pre-approved, but make sure they are in fact low-risk and well-documented before moving them over from the normal category.

      The category of the change determines the process it follows

       Pre-ApprovedNormalEmergency
      Definition
      • Tasks are well-known, documented, and proven
      • Budgetary approval is preordained or within control of change requester
      • Risk is low and understood
      • There’s a low probability of failure
      • All changes that are not pre-approved or emergency will be classified as normal
      • Further categorized by priority/risk
      • The change is being requested to resolve a current or imminent critical/severity-1 incident that threatens business continuity
      • Associated with a critical incident or problem ticket
      Trigger
      • The same change is built and changed repeatedly using the same install procedures and resulting in the same low-risk outcome
      • Upgrade or new functionality that will capture a business benefit
      • A fix to a current problem
      • A current or imminent critical incident that will impact business continuity
      • Urgency to implement the change must be established, as well as lack of any alternative or workaround
      Workflow
      • Pre-established
      • Repeatable with same sequence of actions, with minimal judgment or decision points
      • Dependent on the change
      • Different workflows depending on prioritization
      • Dependent on the change
      Approval
      • Change Manager (does not need to be reviewed by CAB)
      • CAB
      • Approval from the Emergency Change Advisory Board (E-CAB) is sufficient to proceed with the change
      • A retroactive RFC must be created and approved by the CAB

      Pay close attention to defining your pre-approved changes. They are going to be critical for running a smooth change management practice in a DevOps Environment

      1.2.2 Build a Change Categorization Scheme

      Input

      • List of examples of each change category

      Output

      • Definitions for each change category

      Materials

      • Whiteboard/flip charts (or shared screen if working remotely)
      • Service catalog (if applicable)
      • Sticky notes
      • Markers
      • Change Management SOP

      Participants

      • Infrastructure Manager
      • Change Manager
      • Members of the Change Advisory Board
      1. Discuss the change categories on the previous slide and modify the types of descriptions to suit your organization.
      2. Once the change categories or types are defined, identify several examples of change requests that would fall under each category.
      3. Types of normal changes will be further defined in the next activity and can be left blank for now.
      4. Examples are provided below. Capture your definitions in section 4 of your Change Management SOP.
      Pre-Approved (AKA Standard)NormalEmergency
      • Microsoft patch management/deployment
      • Windows update
      • Minor form changes
      • Service pack updates on non-critical systems
      • Advance label status on orders
      • Change log retention period/storage
      • Change backup frequency

      Major

      • Active directory server upgrade
      • New ERP

      Medium

      • Network upgrade
      • High availability implementation

      Minor

      • Ticket system go-live
      • UPS replacement
      • Cognos update
      • Any change other than a pre-approved change
      • Needed to resolve a major outage in a Tier 1 system

      Assess the risk for each normal change based on impact (severity) and likelihood (probability)

      Create a change assessment risk matrix to standardize risk assessment for new changes. Formalizing this assessment should be one of the first priorities of change management.

      The following slides guide you through the steps of formalizing a risk assessment according to impact and likelihood:

      1. Define a risk matrix: Risk matrices can either be a 3x3 matrix (Minor, Medium, or High Risk as shown on the next slide) or a 4x4 matrix (Minor, Medium, High, or Critical Risk).
      2. Build an impact assessment: Enable consistent measurement of impact for each change by incorporating a standardized questionnaire for each RFC.
      3. Build a likelihood assessment: Enable the consistent measurement of impact for each change by incorporating a standardized questionnaire for each RFC.
      4. Test drive your risk assessment and make necessary adjustments: Measure your newly formed risk assessment questionnaires against historical changes to test its accuracy.

      Consider risk

      1. Risk should be the primary consideration in classifying a normal change as Low, Medium, High. The extent of governance required, as well as minimum timeline to implement the change, will follow from the risk assessment.
      2. The business benefit often matches the impact level of the risk – a change that will provide a significant benefit to a large number of users may likely carry an equally major downside if deviations occur.

      Info-Tech Insight

      All changes entail an additional level of risk. Risk is a function of impact and likelihood. Risk may be reduced, accepted, or neutralized through following best practices around training, testing, backout planning, redundancy, timing and sequencing of changes, etc.

      Create a risk matrix to assign a risk rating to each RFC

      Every normal RFC should be assigned a risk rating.

      How is risk rating determined?

      • Priority should be based on the business consequences of implementing or denying the change.
      • Risk rating is assigned using the impact of the risk and likelihood/probability that the event may occur.

      Who determines priority?

      • Priority should be decided with the change requester and with the CAB, if necessary.
      • Don’t let the change requester decide priority alone, as they will usually assign it a higher priority than is justified. Use a repeatable, standardized framework to assess each request.

      How is risk rating used?

      • Risk rating is used to determine which changes should be discussed and assessed first.
      • Time frames and escalation processes should be defined for each risk level.

      RFCs need to clearly identify the risk level of the proposed change. This can be done through statement of impact and likelihood (low/medium/high) or through pertinent questions linked with business rules to assess the risk.

      Risk always has a negative impact, but the size of the impact can vary considerably in terms of cost, number of people or sites affected, and severity of the impact. Impact questions tend to be more objective and quantifiable than likelihood questions.

      Risk Matrix

      Risk Matrix. Impact vs. Likelihood. Low impact, Low Likelihood and Medium Impact, Medium Likelihood are minor risks. High Likelihood, Low Impact; Medium Likelihood, Medium Impact; and Low Likelihood, High Impact are Medium Risk. High Impact, High Likelihood; High Impact, Medium Likelihood; and Medium Impact, High Likelihood are Major risk.

      1.2.3 Build a Classification Scheme to Assess Impact

      Input

      • Current risk assessment (if available)

      Output

      • Tailored impact assessment

      Materials

      Participants

      • CIO
      • Infrastructure Manager
      • Change Manager
      • Members of the Change Advisory Board
      1. Define a set of questions to measure risk impact.
      2. For each question, assign a weight that should be placed on that factor.
      3. Define criteria for each question that would categorize the risk as high, medium, or low.
      4. Capture your results in section 4.3.1 of your Change Management SOP.
      Impact
      Weight Question High Medium Low
      15% # of people affected 36+ 11-35 <10
      20% # of sites affected 4+ 2-3 1
      15% Duration of recovery (minutes of business time) 180+ 30-18 <3
      20% Systems affected Mission critical Important Informational
      30% External customer impact Loss of customer Service interruption None

      1.2.4 Build a Classification Scheme to Define Likelihood

      Input

      • Current risk assessment (if available)

      Output

      • Tailored likelihood assessment

      Materials

      Participants

      • CIO
      • Infrastructure Manager
      • Change Manager
      • Members of the Change Advisory Board
      1. Define a set of questions to measure risk likelihood.
      2. For each question, assign a weight that should be placed on that factor.
      3. Define criteria for each question that would categorize the risk as high, medium, or low.
      4. Capture your results in section 4.3.2 of your Change Management SOP.
      LIKELIHOOD
      Weight Question High Medium Low
      25% Has this change been tested? No   Yes
      10% Have all the relevant groups (companies, departments, executives) vetted the change? No Partial Yes
      5% Has this change been documented? No   Yes
      15% How long is the change window? When can we implement? Specified day/time Partial Per IT choice
      20% Do we have trained and experienced staff available to implement this change? If only external consultants are available, the rating will be “medium” at best. No   Yes
      25% Has an implementation plan been developed? No   Yes

      1.2.5 Evaluate and Adjust Your Risk Assessment Scheme

      Input

      • Impact and likelihood assessments from previous two activities

      Output

      • Vetted risk assessment

      Materials

      Participants

      • CIO
      • Infrastructure Manager
      • Change Manager
      • Members of the Change Advisory Board
      1. Draw your risk matrix on a whiteboard or flip chart.
      2. As a group, identify up to 10 examples of requests for changes that would apply within your organization. Depending on the number of people participating, each person could identify one or two changes and write them on sticky notes.
      3. Take turns bringing your sticky notes up to the risk matrix and placing each where it belongs, according to the assessment criteria you defined.
      4. After each participant has taken a turn, discuss each change as a group and adjust the placement of any changes, if needed. Update the risk assessment weightings or questions, if needed.

      Download the Change Management Rick Assessment Tool.

      #

      Change Example

      Impact

      Likelihood

      Risk

      1

      ERP change

      High

      Medium

      Major

      2

      Ticket system go-live

      Medium

      Low

      Minor

      3

      UPS replacement

      Medium

      Low

      Minor

      4

      Network upgrade

      Medium

      Medium

      Medium

      5

      AD upgrade

      Medium

      Low

      Minor

      6

      High availability implementation

      Low

      Medium

      Minor

      7

      Key-card implementation

      Low

      High

      Medium

      8

      Anti-virus update

      Low

      Low

      Minor

      9

      Website

      Low

      Medium

      Minor

       

      Case Study

      A CMDB is not a prerequisite of change management. Don’t let the absence of a configuration management database (CMDB) prevent you from implementing change management.

      Industry: Manufacturing

      Source: Anonymous Info-Tech member

      Challenge

      The company was planning to implement a CMDB; however, full implementation was still one year away and subject to budget constraints.

      Without a CMDB, it would be difficult to understand the interdependencies between systems and therefore be able to provide notifications to potentially affected user groups prior to implementing technical changes.

      This could have derailed the change management project.

      Solution

      An Excel template was set up as a stopgap measure until the full implementation of the CMDB. The template included all identified dependencies between systems, along with a “dependency tier” for each IT service.

      Tier 1: The dependent system would not operate if the upstream system change resulted in an outage.

      Tier 2: The dependent system would suffer severe degradation of performance and/or features.

      Tier 3: The dependent system would see minor performance degradation or minor feature unavailability.

      Results

      As a stopgap measure, the solution worked well. When changes ran the risk of degrading downstream dependent systems, the impacted business system owner’s authorization was sought and end users were informed in advance.

      The primary takeaway was that a system to manage configuration linkages and system dependencies was key.

      While a CMDB is ideal for this use case, IT organizations shouldn’t let the lack of such a system stop progress on change management.

      Case Study (part 1 of 4)

      Intel used a maturity assessment to kick-start its new change management program.

      Industry: Technology

      Source: Daniel Grove, Intel

      Challenge

      Founded in 1968, the world’s largest microchip and semiconductor company employs over 100,000 people. Intel manufactures processors for major players in the PC market including Apple, Lenovo, HP, and Dell.

      Intel IT supports over 65,000 servers, 3.2 petabytes of data, over 70,000 PCs, and 2.6 million emails per day.

      Intel’s change management program is responsible for over 4,000 changes each week.

      Solution

      Due to the sheer volume of change management activities present at Intel, over 35% of unscheduled outages were the result of changes.

      Ineffective change management was identified as the top contributor of incidents with unscheduled downtime.

      One of the major issues highlighted was a lack of process ownership. The change management process at Intel was very fragmented, and that needed to change.

      Results

      Daniel Grove, Senior Release & Change Manager at Intel, identified that clarifying tasks for the Change Manager and the CAB would improve process efficiency by reducing decision lag time. Roles and responsibilities were reworked and clarified.

      Intel conducted a maturity assessment of the overall change management process to identify key areas for improvement.

      Phase 2

      Establish Roles and Workflows

      For running change management in DevOps environment, see Appendix II.

      Define Change Management

      1.1 Assess Maturity

      1.2 Categorize Changes and Build Your Risk Assessment

      Establish Roles and Workflows

      2.1 Determine Roles and Responsibilities

      2.2 Build Core Workflows

      Define RFC and Post-Implementation Activities

      3.1 Design the RFC

      3.2 Establish Post-Implementation Activities

      Measure, Manage, and Maintain

      4.1 Identify Metrics and Build the Change Calendar

      4.2 Implement the Project

      This phase will guide you through the following steps:

      • Determine Roles and Responsibilities
      • Build Core Workflows

      This phase involves the following participants:

      • CIO
      • IT Managers
      • Change Manager
      • Members of the Change Advisory Board

      Step 2.1

      Determine Roles and Responsibilities

      Activities

      2.1.1 Capture Roles and Responsibilities Using a RACI Chart

      2.1.2 Determine Your Change Manager’s Responsibilities

      2.1.3 Define the Authority and Responsibilities of Your CAB

      2.1.4 Determine an E-CAB Protocol for Your Organization

      Establish Roles and Workflows

      Step 2.1: Determine Roles and Responsibilities → Step 2.2: Build Core Workflows

      This step involves the following participants:

      • CIO
      • IT Managers
      • Change Manager
      • Members of the Change Advisory Board

      Outcomes of this step

      • Clearly defined responsibilities to form the job description for a Change Manager
      • Clearly defined roles and responsibilities for the change management team, including the business system owner, technical SME, and CAB members
      • Defined responsibilities and authority of the CAB
      • Protocol for an emergency CAB (E-CAB) meeting

      Identify roles and responsibilities for your change management team

      Business System Owner

      • Provides downtime window(s)
      • Advises on need for change (prior to creation of RFC)
      • Validates change (through UAT or other validation as necessary)
      • Provides approval for expedited changes (needs to be at executive level)

      Technical Subject Matter Expert (SME)

      • Advises on proposed changes prior to RFC submission
      • Reviews draft RFC for technical soundness
      • Assesses backout/rollback plan
      • Checks if knowledgebase has been consulted for prior lessons learned
      • Participates in the PIR, if necessary
      • Ensures that the service desk is trained on the change

      CAB

      • Approves/rejects RFCs for normal changes
      • Reviews lessons learned from PIRs
      • Decides on the scope of change management
      • Reviews metrics and decides on remedial actions
      • Considers changes to be added to list of pre-approved changes
      • Communicates to organization about upcoming changes

      Change Manager

      • Reviews RFCs for completeness
      • Ensures RFCs brought to the CAB have a high chance of approval
      • Chairs CAB meetings, including scheduling, agenda preparation, reporting, and follow-ups
      • Manages post-implementation reviews and reporting
      • Organizes internal communications (within IT)

      2.1.1 Capture Roles and Responsibilities Using a RACI Chart

      Input

      • Current SOP

      Output

      • Documented roles and responsibilities in change management in a RACI chart

      Materials

      Participants

      • CIO
      • IT Managers
      • Change Manager
      • Members of the Change Advisory Board
      1. As a group, work through developing a RACI chart to determine the roles and responsibilities of individuals involved in the change management practice based on the following criteria:
        • Responsible (performs the work)
        • Accountable (ensures the work is done)
        • Consulted (two-way communication)
        • Informed (one-way communication)
      2. Record your results in slide 14 of the Project Summary Template and section 3.1 of your Change Management SOP.
      Change Management TasksOriginatorSystem OwnerChange ManagerCAB MemberTechnical SMEService DeskCIO/ VP ITE-CAB Member
      Review the RFC C C A C R C R  
      Validate changes C C A C R C R  
      Assess test plan A C R R C   I  
      Approve the RFC I C A R C   I  
      Create communications plan R I A     I I  
      Deploy communications plan I I A I   R    
      Review metrics   C A R   C I  
      Perform a post implementation review   C R A     I  
      Review lessons learned from PIR activities     R A   C    

      Designate a Change Manager to own the process, change templates, and tools

      The Change Manager will be the point of contact for all process questions related to change management.

      • The Change Manager needs the authority to reject change requests, regardless of the seniority of the requester.
      • The Change Manager needs the authority to enforce compliance to a standard process.
      • The Change Manager needs enough cross-functional subject-matter expertise to accurately evaluate the impact of change from both an IT and business perspective.

      Info-Tech Best Practice

      Some organizations will not be able to assign a dedicated Change Manager, but they must still task an individual with change review authority and with ownership of the risk assessment and other key parts of the process.

      Responsibilities

      1. The Change Manager is your first stop for change approval. Both the change management and release and deployment management processes rely on the Change Manager to function.
      2. Every single change that is applied to the live environment, from a single patch to a major change, must originate with a request for change (RFC), which is then approved by the Change Manager to proceed to the CAB for full approval.
      3. Change templates and tools, such as the change calendar, list of preapproved changes, and risk assessment template are controlled by the Change Manager.
      4. The Change Manager also needs to have ownership over gathering metrics and reports surrounding deployed changes. A skilled Change Manager needs to have an aptitude for applying metrics for continual improvement activities.

      2.1.2 Document Your Change Manager’s Responsibilities

      Input

      • Current Change Manager job description (if available)

      Output

      • Change Manager job description and list of responsibilities

      Materials

      • Whiteboard/flip charts (or shared screen if working remotely)
      • Markers/pens
      • Info-Tech’s Change Manager Job Description
      • Change Management SOP

      Participants

      • CIO
      • IT Managers
      • Change Manager
      • Members of the Change Advisory Board

      1.Using the previous slide, Info-Tech’s Change Manager Job Description, and the examples below, brainstorm responsibilities for the Change Manager.

      2.Record the responsibilities in Section 3.2 of your Change Management SOP.

      Example:

      Change Manager: James Corey

      Responsibilities

      1. Own the process, tools, and templates.
      2. Control the Change Management SOP.
      3. Provide standard RFC forms.
      4. Distribute RFCs for CAB review.
      5. Receive all initial RFCs and check them for completion.
      6. Approve initial RFCs.
      7. Approve pre-approved changes.
      8. Approve the conversion of normal changes to pre-approved changes.
      9. Assemble the Emergency CAB (E-CAB) when emergency change requests are received.
      10. Approve submission of RFCs for CAB review.
      11. Chair the CAB:
        • Set the CAB agenda and distribute it at least 24 hours before the meeting.
        • Ensure the agenda is adhered to.
        • Make the final approval/prioritization decision regarding a change if the CAB is deadlocked and cannot come to an agreement.
        • Distribute CAB meeting minutes to all members and relevant stakeholders.

      Download the Change Manager Job Description

      Create a Change Advisory Board (CAB) to provide process governance

      The primary functions of the CAB are to:

      1. Protect the live environment from poorly assessed, tested, and implemented changes.
        • CAB approval is required for all normal and emergency changes.
        • If a change results in an incident or outage, the CAB is effectively responsible; it’s the responsibility of the CAB to assess and accept the potential impact of every change.
      2. Prioritize changes in a way that fairly reflects change impact and urgency.
        • Change requests will originate from multiple stakeholders, some of whom have competing interests.
        • It’s up to the CAB to prioritize these requests effectively so that business need is balanced with any potential risk to the infrastructure.
        • The CAB should seek to reduce the number of emergency/expedited changes.
      3. Schedule deployments in a way that minimizes conflict and disruption.
        • The CAB uses a change calendar populated with project work, upcoming organizational initiatives, and change freeze periods. They will schedule changes around these blocks to avoid disrupting user productivity.
        • The CAB should work closely with the release and deployment management teams to coordinate change/release scheduling.

      See what responsibilities in the CAB’s process are already performed by the DevOps lifecycle (e.g. authorization, deconfliction etc.). Do not duplicate efforts.

      Use diverse representation from the business to form an effective CAB

      The CAB needs insight into all areas of the business to avoid approving a high-risk change.

      Based on the core responsibilities you have defined, the CAB needs to be composed of a diverse set of individuals who provide quality:

      • Change need assessments – identifying the value and purpose of a proposed change.
      • Change risk assessments – confirmation of the technical impact and likelihood assessments that lead to a risk score, based on the inputs in RFC.
      • Change scheduling – offer a variety of perspectives and responsibilities and will be able to identify potential scheduling conflicts.
       CAB RepresentationValue Added
      Business Members
      • CIO
      • Business Relationship Manager
      • Service Level Manager
      • Business Analyst
      • Identify change blackout periods, change impact, and business urgency.
      • Assess impact on fiduciary, legal, and/or audit requirements.
      • Determine acceptable business risk.
      IT Operations Members
      • Managers representing all IT functions
      • IT Directors
      • Subject Matter Experts (SMEs)
      • Identify dependencies and downstream impacts.
      • Identify possible conflicts with pre-existing OLAs and SLAs.
      CAB Attendees
      • Specific SMEs, tech specialists, and business and vendor reps relevant to a particular change
      • Only attend meetings when invited by the Change Manager
      • Provide detailed information and expertise related to their particular subject areas.
      • Speak to requirements, change impact, and cost.

      Info-Tech Best Practice

      Form a core CAB (members attend every week) and an optional CAB (members who attend only when a change impacts them or when they can provide value in discussions about a change). This way, members can have their voice heard without spending every week in a meeting where they do not contribute.

      2.1.3 Define the Authority and Responsibilities of Your CAB

      Input

      • Current SOP or CAB charter (if available)

      Output

      • Documented list of CAB authorities and responsibilities

      Materials

      Participants

      • CIO
      • IT Managers
      • Change Manager
      • Members of the Change Advisory Board

      1.Using the previous slide and the examples below, list the authorities and responsibilities of your CAB.

      2.Record the responsibilities in section 3.3.2 of your Change Management SOP and the Project Summary Template.

      Example:

      CAP AuthorityCAP Responsibilities
      • Final authority over the deployment of all normal and emergency changes.
      • Authority to absorb the risk of a change.
      • Authority to set the change calendar:
        • Maintenance windows.
        • Change freeze periods.
        • Project work.
        • Authority to delay changes.
      • Evaluate all normal and emergency changes.
      • Verify all normal change test, backout, and implementation plans.
      • Verify all normal change test results.
      • Approve all normal and emergency changes.
      • Prioritize all normal changes.
      • Schedule all normal and emergency changes.
      • Review failed change deployments.

      Establish an emergency CAB (E-CAB) protocol

      • When an emergency change request is received, you will not be able to wait until the regularly scheduled CAB meeting.
      • As a group, decide who will sit on the E-CAB and what their protocol will be when assessing and approving emergency changes.

      Change owner conferences with E-CAB (best efforts to reach them) through email or messaging.

      E-CAB members and business system owners are provided with change details. No decision is made without feedback from at least one E-CAB member.

      If business continuity is being affected, the Change Manager has authority to approve change.

      Full documentation of the change (a retroactive RFC) is done after the change and is then reviewed by the CAB.

      Info-Tech Best Practice

      Members of the E-CAB should be a subset of the CAB who are typically quick to respond to their messages, even at odd hours of the night.

      2.1.4 Determine an E-CAB Protocol for Your Organization

      Input

      • Current SOP or CAB charter (if available)

      Output

      • E-CAB protocol

      Materials

      Participants

      • CIO
      • IT Managers
      • Change Manager
      • Members of the Change Advisory Board
      1. Gather the members of the E-CAB and other necessary representatives from the change management team.
      2. Determine the order of operations for the E-CAB in the event that an emergency change is needed.
      3. Consult the example emergency protocol below. Determine what roles and responsibilities are involved at each stage of the emergency change’s implementation.
      4. Document the E-CAB protocol in section 3.4 of your Change Management SOP.

      Example

      Assemble E-CAB

      Assess Change

      Test (if Applicable)

      Deploy Change

      Create Retroactive RFC

      Review With CAB

      Step 2.2

      Build Core Workflows

      Activities

      2.2.1 Build a CMDB-lite as a Reference for Requested Changes

      2.2.2 Create a Normal Change Process

      2.2.3 Create a Pre-Approved Change Process

      2.2.4 Create an Emergency Change Process

      Establish Roles and Workflows

      Step 2.1: Determine Roles and Responsibilities → Step 2.2: Build Core Workflows

      This step involves the following participants:

      • CIO
      • IT Managers
      • Change Manager
      • Members of the Change Advisory Board

      Outcomes of this step

      • Emergency change workflow
      • Normal process workflow
      • Pre-approved change workflow

      Establishing Workflows: Change Management Lifecycle

      Improve

      • A post-implementation review assesses the value of the actual change measured against the proposed change in terms of benefits, costs, and impact.
      • Results recorded in the change log.
      • Accountability: Change Manager Change Implementer

      Request

      • A change request (RFC) can be submitted via paper form, phone, email, or web portal.
      • Accountability: Change requester/Initiator

      Assess

      • The request is screened to ensure it meets an agreed-upon set of business criteria.
      • Changes are assessed on:
        • Impact of change
        • Risks or interdependencies
        • Resourcing and costs
      • Accountability: Change Manager

      Plan

      • Tasks are assigned, planned, and executed.
      • Change schedule is consulted and necessary resources are identified.
      • Accountability: Change Manager

      Approve

      • Approved requests are sent to the most efficient channel based on risk, urgency, and complexity.
      • Change is sent to CAB members for final review and approval
      • Accountability: Change Manager
        • Change Advisory Board

      Implement

      • Approved changes are deployed.
      • A rollback plan is created to mitigate risk.
      • Accountability: Change Manager Change Implementer

      Establishing workflows: employ a SIPOC model for process definition

      A good SIPOC (supplier, input, process, output, customer) model helps establish the boundaries of each process step and provides a concise definition of the expected outcomes and required inputs. It’s a useful and recommended next step for every workflow diagram.

      For change management, employ a SIPOC model to outline your CAB process:

      Supplier

      • Who or what organization provides the inputs to the process? The supplier can be internal or external.

      Input

      • What goes into the process step? This can be a document, data, information, or a decision.

      Process

      • Activities that occur in the process step that’s being analyzed.

      Output

      • What does the process step produce? This can be a document, data, information, or a decision.

      Customer

      • Who or what organization(s) takes the output of the process? The customer can be internal or external.

      Optional Fields

      Metrics

      • Top-level indicators that usually relate to the input and output, e.g. turnaround time, risk matrix completeness.

      Controls

      • Checkpoints to ensure process step quality.

      Dependencies

      • Other process steps that require the output.

      RACI

      • Those who are Responsible, Accountable, Consulted, or Informed (RACI) about the input, output, and/or process.

      Establish change workflows: assess requested changes to identify impact and dependencies

      An effective change assessment workflow is a holistic process that leaves no stone unturned in an effort to mitigate risk before any change reaches the approval stage. The four crucial areas of risk in a change workflow are:

      Dependencies

      Identify all components of the change.

      Ask how changes will affect:

      • Services on the same infrastructure?
      • Applications?
      • Infrastructure/app architecture?
      • Security?
      • Ability to support critical systems?

      Business Impact

      Frame the change from a business point of view to identify potential disruptions to business activities.

      Your assessment should cover:

      • Business processes
      • User productivity
      • Customer service
      • BCPs

      SLA Impact

      Each new change can impact the level of service available.

      Examine the impact on:

      • Availability of critical systems
      • Infrastructure and app performance
      • Infrastructure and app capacity
      • Existing disaster recovery plans and procedures

      Required Resources

      Once risk has been assessed, resources need to be identified to ensure the change can be executed.

      These include:

      • People (SMEs, tech support, work effort/duration)
      • System time for scheduled implementation
      • Hardware or software (new or existing, as well as tools)

      Establishing workflows: pinpoint dependencies to identify the need for additional changes

      An assessment of each change and a query of the CMDB needs to be performed as part of the change planning process to mitigate outage risk.

      • A version upgrade on one piece of software may require another component to be upgraded as well. For example, an upgrade to the database management system requires that an application that uses the database be upgraded or modified.
      • The sequence of the release must also be determined, as certain components may need to be upgraded before others. For example, if you upgrade the Exchange Server, a Windows update must be installed prior to the Exchange upgrade.
      • If you do not have a CMDB, consider building a CMDB-lite, which consists of a listing of systems, primary users, SMEs, business owners, and system dependencies (see next slide).

      Services Impacted

      • Have affected services been identified?
      • Have supporting services been identified?
      • Has someone checked the CMDB to ensure all dependencies have been accounted for?
      • Have we referenced the service catalog so the business approves what they’re authorizing?

      Technical Teams Impacted

      • Who will support the change throughout testing and implementation?
      • Will additional support be needed?
      • Do we need outside support from eternal suppliers?
      • Has someone checked the contract to ensure any additional costs have been approved?

      Build a dependency matrix to avoid change related collisions (optional)

      A CMDB-lite does not replace a CMDB but can be a valuable tool to leverage when requesting changes if you do not currently have configuration management. Consider the following inputs when building your own CMDB-lite.

      • System
        • To build a CMDB-lite, start with the top 10 systems in your environment that experience changes. This list can always be populated iteratively.
      • Primary Users
        • Listing the primary users will give a change requester a first glance at the impact of the change.
        • You can also use this information when looking at the change communication and training after the change is implemented.
      • SME/Backup
        • These are the staff that will likely build and implement the change. The backup is listed in case the primary is on holiday.
      • Business System Owner
        • The owner of the system is one of the people needed to sign off on the change. Having their support from the beginning of a change is necessary to build and implement it successfully.
      • Tier 1 Dependency
        • If the primary system experiences and outage, Tier 1 dependency functionality is also lost. To request a change, include the business system owner signoffs of the Tier 1 dependencies of the primary system.
      • Tier 2 Dependency
        • If the primary system experiences an outage, Tier 2 dependency functionality is lost, but there is an available workaround. As with Tier 1, this information can help you build a backout plan in case there is a change-related collision.
      • Tier 3 Dependency
        • Tier 3 functionality is not lost if the primary system experiences an outage, but nice-to-haves such as aesthetics are affected.

      2.2.1 Build a CMDB-lite as a Reference for Requested Changes

      Input

      • Current system ownership documentation

      Output

      • Documented reference for change requests (CMDB-lite)

      Materials

      • Whiteboard/flip charts (or shared screen if working remotely)
      • Sticky notes
      • Markers/pens

      Participants

      • CIO
      • IT Managers
      • Change Manager
      • Members of the Change Advisory Board
      1. Start with a list of your top 10-15 systems/services with the highest volume of changes.
      2. Using a whiteboard, flip chart, or shared screen, complete the table below by filling the corresponding Primary Users, SMEs, Business System Owner, and Dependencies as shown below. It may help to use sticky notes.
      3. Iteratively populate the table as you notice gaps with incoming changes.
      SystemPrimary UsersSMEBackup SME(s)Business System OwnerTier 1 Dependency (system functionality is down)Tier 2 (impaired functionality/ workaround available)Tier 3 Dependency (nice to have)
      Email Enterprise Naomi Amos James
      • ITSMs
      • Scan-to-email
      • Reporting
      		  
      • Lots
      Conferencing Tool Enterprise Alex Shed James
      • Videoconferencing
      • Conference rooms (can use Facebook messenger instead in worst case scenario)
      • IM
      ITSM (Service Now) Enterprise (Intl.) Anderson TBD Mike
      • Work orders
      • Dashboards
      • Purchasing
      		  
      ITSM (Manage Engine) North America Bobbie Joseph Mike
      • Work orders
      • Dashboards
      • Purchasing
      		  

      Establishing workflows: create standards for change approvals to improve efficiency

      • Not all changes are created equal, and not all changes require the same degree of approval. As part of the change management process, it’s important to define who is the authority for each type of change.
      • Failure to do so can create bureaucratic bottlenecks if each change is held to an unnecessary high level of scrutiny, or unplanned outages may occur due to changes circumventing the formal approval process.
      • A balance must be met and defined to ensure the process is not bypassed or bottlenecked.

      Info-Tech Best Practice

      Define a list pre-approved changes and automate them (if possible) using your ITSM solution. This will save valuable time for more important changes in the queue.

      Example:

      Change CategoryChange Authority
      Pre-approved change Department head/manager
      Emergency change E-CAB
      Normal change – low and medium risk CAB
      Normal change – high risk CAB and CIO (for visibility)

      Example process: Normal Change – Change Initiation

      Change initiation allows for assurance that the request is in scope for change management and acts as a filter for out-of-scope changes to be redirected to the proper workflow. Initiation also assesses who may be assigned to the change and the proper category of the change, and results in an RFC to be populated before the change reaches the build and test phase.

      The image is a horizontal flow chart, depicting an example of a change process.

      The change trigger assessment is critical in the DevOps lifecycle. This can take a more formal role of a technical review board (TRB) or, with enough maturity, may be automated. Responsibilities such as deconfliction, dependency identification, calendar query, and authorization identification can be done early in the lifecycle to decrease or eliminate the burden on CAB.

      For the full process, refer to the Change Management Process Library.

      Example process: Normal Change – Technical Build and Test

      The technical build and test stage includes all technical prerequisites and testing needed for a change to pass before proceeding to approval and implementation. In addition to a technical review, a solution consisting of the implementation, rollback, communications, and training plan are also built and included in the RFC before passing it to the CAB.

      The image is a flowchart, showing the process for change during the technical build and test stage.

      For the full process, refer to the Change Management Process Library.

      Example process: Normal Change – Change Approval (CAB)

      Change approval can start with the Change Manager reviewing all incoming RFCs to filter them for completeness and check them for red flags before passing them to the CAB. This saves the CAB from discussing incomplete changes and allows the Change Manager to set a CAB agenda before the CAB meeting. If need be, change approval can also set vendor communications necessary for changes, as well as the final implementation date of the change. The CAB and Change Manager may follow up with the appropriate parties notifying them of the approval decision (accepted, rescheduled, or rejected).

      The image shows a flowchart illustrating the process for change approval.

      For the full process, refer to the Change Management Process Library.

      Example process: Normal Change – Change Implementation

      Changes should not end at implementation. Ensure you define post-implementation activities (documentation, communication, training etc.) and a post-implementation review in case the change does not go according to plan.

      The image is a flowchart, illustrating the work process for change implementation and post-implementation review.

      For the full process, refer to the Change Management Process Library.

      2.2.2 Create a Normal Change Process

      Input

      • Current SOP/workflow library

      Output

      • Normal change process

      Materials

      Participants

      • CIO
      • IT Managers
      • Change Manager
      • Members of the Change Advisory Board
      1. Gather representatives from the change management team.
      2. Using the examples shown on the previous few slides, work as a group to determine the workflow for a normal change, with particular attention to the following sub-processes:
        1. Request
        2. Assessment
        3. Plan
        4. Approve
        5. Implementation and Post-Implementation Activities
      3. Optionally, you may create variations of the workflow for minor, medium, and major changes (e.g. there will be fewer authorizations for minor changes).
      4. For further documentation, you may choose to run the SIPOC activity for your CAB as outlined on this slide.
      5. Document the resulting workflows in the Change Management Process Library and section 11 of your Change Management SOP.

      Download the Change Management Process Library.

      Identify and convert low-risk normal changes to pre-approved once the process is established

      As your process matures, begin creating a list of normal changes that might qualify for pre-approval. The most potential for value in gains from change management comes from re-engineering and automating of high-volume changes. Pre-approved changes should save you time without threatening the live environment.

      IT should flag changes they would like pre-approved:

      • Once your change management process is firmly established, hold a meeting with all staff that make change requests and build changes.
      • Run a training session detailing the traits of pre-approved changes and ask these individuals to identify changes that might qualify.
      • These changes should be submitted to the Change Manager and reviewed, with the help of the CAB, to decide whether or not they qualify for pre-approval.

      Pre-approved changes are not exempt from due diligence:

      • Once a change is designated as pre-approved, the deployment team should create and compile all relevant documentation:
        • An RFC detailing the change, dependencies, risk, and impact.
        • Detailed procedures and required resources.
        • Implementation and backout plan.
        • Test results.
      • When templating the RFC for pre-approved changes, aim to write the documentation as if another SME were to implement it. This reduces confusion, especially if there’s staff turnover.
      • The CAB must approve, sign off, and keep a record of all documents.
      • Pre-approved changes must still be documented and recorded in the CMDB and change log after each deployment.

      Info-Tech Best Practice

      At the beginning of a change management process, there should be few active pre-approved changes. However, prior to launch, you may have IT flag changes for conversion.

      Example process: Pre-Approved Change Process

      The image shows two horizontal flow charts, the first labelled Pre-Approval of Recurring RFC, and the second labelled Implementation of Child RFC.

      For the full process, refer to the Change Management Process Library.

      Review the pre-approved change list regularly to ensure the list of changes are still low-risk and repeatable.

      IT environments change. Don’t be caught by surprise.

      • Changes which were once low-risk and repeatable may cause unforeseen incidents if they are not reviewed regularly.
      • Dependencies change as the IT environment changes. Ensure that the changes on the pre-approved change list are still low-risk and repeatable, and that the documentation is up to date.
      • If dependencies have changed, then move the change back to the normal category for reassessment. It may be redesignated as a pre-approved change once the documentation is updated.

      Info-Tech Best Practice

      Other reasons for moving a pre-approved change back to the normal category is if the change led to an incident during implementation or if there was an issue during implementation.

      Seek new pre-approved change submissions. → Re-evaluate the pre-approved change list every 4-6 months.

      The image shows a horizontal flow chart, depicting the process for a pre-approved change list review.

      For the full process, refer to the Change Management Process Library.

      2.2.3 Create a Pre-Approved Change Process

      Input

      • Current SOP/workflow library

      Output

      • Pre-approved change process

      Materials

      Participants

      • CIO
      • IT Managers
      • Change Manager
      • Members of the Change Advisory Board
      1. Gather representatives from the change management team.
      2. Using the examples shown on the previous few slides, work as a group to determine the workflow for a pre-approved change, with particular attention to the following sub-processes:
        1. Request
        2. Assessment
        3. Plan
        4. Approve
      3. Document the process of a converting a normal change to pre-approved. Include the steps from flagging a low-risk change to creating the related RFC template.
      4. Document the resulting workflows in the Change Management Process Library and sections 4.2 and 13 of your Change Management SOP.

      Reserve the emergency designation for real emergencies

      • Emergency changes have one of the following triggers:
        • A critical incident is impacting user productivity.
        • An imminent critical incident will impact user productivity.
      • Unless a critical incident is being resolved or prevented, the change should be categorized as normal.
      • An emergency change differs from a normal change in the following key aspects:
        • An emergency change is required to recover from a major outage – there must be a validated service desk critical incident ticket.
        • An urgent business requirement is not an “emergency.”
        • An RFC is created after the change is implemented and the outage is over.
        • A review by the full CAB occurs after the change is implemented.
        • The first responder and/or the person implementing the change may not be the subject matter expert for that system.
      • In all cases, an RFC must be created and the change must be reviewed by the full CAB. The review should occur within two business days of the event.
      Sample ChangeQuick CheckEmergency?
      Install the latest critical patches from the vendor. Are the patches required to resolve or prevent an imminent critical incident? No
      A virus or worm invades the network and a patch is needed to eliminate the threat. Is the patch required to resolve or prevent an imminent critical incident? Yes

      Info-Tech Best Practice

      Change requesters should be made aware that senior management will be informed if an emergency RFC is submitted inappropriately. Emergency requests trigger urgent CAB meetings, are riskier to deploy, and delay other changes waiting in the queue.

      Example process: Emergency Change Process

      The image is a flowchart depicting the process for an emergency change process

      When building your emergency change process, have your E-CAB protocol from activity 2.1.4 handy.

      • Focus on the following requirements for an emergency process:
        • E-CAB protocol and scope: Does the SME need authorization first before working on the change or can the SME proceed if no E-CAB members respond?
        • Documentation and communication to stakeholders and CAB after the emergency change is completed.
        • Input from incident management.

      For the full process, refer to the Change Management Process Library.

      2.2.4 Create an Emergency Change Process

      Input

      • Current SOP/workflow library

      Output

      • Emergency change process

      Materials

      Participants

      • CIO
      • IT Managers
      • Change Manager
      • Members of the Change Advisory Board
      1. Gather representatives from the change management team.
      2. Using the examples shown on the previous few slides, work as a group to determine the workflow for an emergency change, with particular attention to the following sub-processes:
        1. Request
        2. Assessment
        3. Plan
        4. Approve
      3. Ensure that the E-CAB protocol from activity 2.1.4 is considered when building your process.
      4. Document the resulting workflows in the Change Management Process Library and section 12 of your Change Management SOP.

      Case Study (part 2 of 4)

      Intel implemented a robust change management process.

      Industry: Technology

      Source: Daniel Grove, Intel

      Challenge

      Founded in 1968, the world’s largest microchip and semiconductor company employs over 100,000 people. Intel manufactures processors for major players in the PC market including Apple, Lenovo, HP, and Dell.

      Intel IT supports over 65,000 servers, 3.2 petabytes of data, over 70,000 PCs, and 2.6 million emails per day.

      Intel’s change management program is responsible for over 4,000 changes each week.

      Solution

      Intel identified 37 different change processes and 25 change management systems of record with little integration.

      Software and infrastructure groups were also very siloed, and this no doubt contributed to the high number of changes that caused outages.

      The task was simple: standards needed to be put in place and communication had to improve.

      Results

      Once process ownership was assigned and the role of the Change Manager and CAB clarified, it was a simple task to streamline and simplify processes among groups.

      Intel designed a new, unified change management workflow that all groups would adopt.

      Automation was also brought into play to improve how RFCs were generated and submitted.

      Phase 3

      Define the RFC and Post-Implementation Activities

      Define Change Management

      1.1 Assess Maturity

      1.2 Categorize Changes and Build Your Risk Assessment

      Establish Roles and Workflows

      2.1 Determine Roles and Responsibilities

      2.2 Build Core Workflows

      Define the RFC and Post-Implementation Activities

      3.1 Design the RFC

      3.2 Establish Post-Implementation Activities

      Measure, Manage, and Maintain

      4.1 Identify Metrics and Build the Change Calendar

      4.2 Implement the Project

      This phase will guide you through the following activities:

      • Design the RFC
      • Establish Post-Implementation Activities

      This phase involves the following participants:

      • IT Director
      • Infrastructure Manager
      • Change Manager
      • Members of the Change Advisory Board

      Step 3.1

      Design the RFC

      Activities

      3.1.1 Evaluate Your Existing RFC Process

      3.1.2 Build the RFC Form

      Define the RFC and Post-Implementation Activities

      Step 3.1: Design the RFC

      Step 3.2: Establish Post-Implementation Activities

      This step involves the following participants:

      • CIO
      • IT Managers
      • Change Manager
      • Members of the Change Advisory Board

      Outcomes of this step

      • A full RFC template and process that compliments the workflows for the three change categories

      A request for change (RFC) should be submitted for every non-standard change

      An RFC should be submitted through the formal change management practice for every change that is not a standard, pre-approved change (a change which does not require submission to the change management practice).

      • The RFC should contain all the information required to approve a change. Some information will be recorded when the change request is first initiated, but not everything will be known at that time.
      • Further information can be added as the change progresses through its lifecycle.
      • The level of detail that goes into the RFC will vary depending on the type of change, the size, and the likely impact of the change.
      • Other details of the change may be recorded in other documents and referenced in the RFC.

      Info-Tech Insight

      Keep the RFC form simple, especially when first implementing change management, to encourage the adoption of and compliance with the process.

      RFCs should contain the following information, at a minimum:

      1. Contact information for requester
      2. Description of change
      3. References to external documentation
      4. Items to be changed, reason for the change, and impact of both implementing and not implementing the change
      5. Change type and category
      6. Priority and risk assessment
      7. Predicted time frame, resources, and cost
      8. Backout or remediation plan
      9. Proposed approvers
      10. Scheduled implementation time
      11. Communications plan and post-implementation review

      3.1.1 Evaluate Your Existing RFC Process

      Input

      • Current RFC form or stock ITSM RFC
      • Current SOP (if available)

      Output

      • List of changes to the current RFC form and RFC process

      Materials

      Participants

      • IT Director
      • Infrastructure Manager
      • Change Manager
      • Members of the Change Advisory Board
      1. If the organization is already using an RFC form, review it as a group now and discuss its contents:
        • Does this RFC provide adequate information for the Change Manager and/or CAB to review?
        • Should any additional fields be added?
      2. Show the participants Info-Tech’s Request for Change Form Template and compare it to the one the organization is currently using.
      3. As a group, finalize an RFC table of contents that will be used to formalize a new or improved RFC.
      4. Decide which fields should be filled out by the requester before the initial RFC is submitted to the Change Manager:
        • Many sections of the RFC are relevant for change assessment and review. What information does the Change Manager need when they first receive a request?
        • The Change Manager needs enough information to ensure that the change is in scope and has been properly categorized.
      5. Decide how the RFC form should be submitted and reviewed; this can be documented in section 5 of your Change Management SOP.

      Download the Request for Change Form Template.

      Design the RFC to encourage process buy-in

      • When building the RFC, split the form up into sections that follow the normal workflow (e.g. Intake, Assessment and Build, Approval, Implementation/PIR). This way the form walks the requester through what needs to be filled and when.
      • Revisit the form periodically and solicit feedback to continually improve the user experience. If there’s information missing on the RFC that the CAB would like to know, add the fields. If there are sections that are not used or not needed for documentation, remove them.
      • Make sure the user experience surrounding your RFC form is a top priority – make it accessible, otherwise change requesters simply will not use it.
      • Take advantage of your ITSM’s dropdown lists, automated notifications, CMDB integrations, and auto-generated fields to ease the process of filling the RFC

      Draft:

      • Change requester
      • Requested date of deployment
      • Change risk: low/medium/high
      • Risk assessment
      • Description of change
      • Reason for change
      • Change components

      Technical Build:

      • Assess change:
        • Dependencies
        • Business impact
        • SLA impact
        • Required resources
        • Query the CMS
      • Plan and test changes:
        • Test plan
        • Test results
        • Implementation plan
        • Backout plan
        • Backout plan test results

      CAB:

      • Approve and schedule changes:
        • Final CAB review
        • Communications plan

      Complete:

      • Deploy changes:
        • Post-implementation review

      Designing your RFC: RFC draft

      • Change requester – link your change module to the active directory to pull the change requester’s contact information automatically to save time.
      • A requested date of deployment gives approvers information on timeline and can be used to query the change calendar for possible conflicts
      • Information about risk assessment based on impact and likelihood questionnaires are quick to fill out but provide a lot of information to the CAB. The risk assessment may not be complete at the draft stage but can be updated as the change is built. Ensure this field is up-to- date before it reaches CAB.
      • If you have a technical review stage where changes are directed to the proper workflow and resourcing is assessed, the description, reason, and change components are high-level descriptors of the change that will aid in discovery and lining the change up with the business vision (viability from both a technical and business standpoint).
      • Change requester
      • Requested date of deployment
      • Change Risk: low/medium/high
      • Risk assessment
      • Description of change
      • Reason for change
      • Change components

      Use the RFC to point to documentation already gathered in the DevOps lifecycle to cut down on unnecessary manual work while maintaining compliance.

      Designing your RFC: technical build

      • Dependencies and CMDB query, along with the proposed implementation date, are included to aid in calendar deconfliction and change scheduling. If there’s a conflict, it’s easier to reschedule the proposed change early in the lifecycle.
      • Business, SLA impact, and required resources can be tracked to provide the CAB with information on the business resources required. This can also be used to prioritize the change if conflicts arise.
      • Implementation, test, and backout plans must be included and assessed to increase the probability that a change will be implemented without failure. It’s also useful in the case of PIRs to determine root causes of change-related incidents.
      • Assess change:
        • Dependencies
        • Business impact
        • SLA impact
        • Required resources
        • Query the CMS
      • Plan and test changes:
        • Test plan
        • Test results
        • Implementation plan
        • Backout plan
        • Backout plan test results

      Designing your RFC: approval and deployment

      • Documenting approval, rejection, and rescheduling gives the change requester the go-ahead to proceed with the change, rationale on why it was prioritized lower than another change (rescheduled), or rationale on rejection.
      • Communications plans for appropriate stakeholders can also be modified and forwarded to the communications team (e.g. service desk or business system owners) before deployment.
      • Post-implementation activities and reviews can be conducted if need be before a change is closed. The PIR, if filled out, should then be appended to any subsequent changes of the same nature to avoid making the same mistake twice.
      • Approve and schedule changes:
        • Final CAB review
        • Communications plan
      • Deploy changes:
        • Post-implementation review

      Standardize the request for change protocol

      1. Submission Standards
        • Electronic submission will make it easier for CAB members to review the documentation.
        • As the change goes through the assessment, plan, and test phase, new documentation (assessments, backout plans, test results, etc.) can be attached to the digital RFC for review by CAB members prior to the CAB meeting.
        • Change management software won’t be necessary to facilitate the RFC submission and review; a content repository system, such as SharePoint, will suffice.
      2. Designate the first control point
        • All RFCs should be submitted to a single point of contact.
        • Ideally, the Change Manager or Technical Review Board should fill this role.
        • Whoever is tasked with this role needs the subject matter expertise to ensure that the change has been categorized correctly, to reject out-of-scope requests, or to ask that missing information be provided before the RFC moves through the full change management practice.

      Info-Tech Best Practice

      Technical and SME contacts should be noted in each RFC so they can be easily consulted during the RFC review.

      3.1.2 Build the RFC Form

      Input

      • Current RFC form or stock ITSM RFC
      • Current SOP (if available)

      Output

      • List of changes to the current RFC and RFC process

      Materials

      Participants

      • IT Director
      • Infrastructure Manager
      • Change Manager
      • Members of the Change Advisory Board
      1. Use Info-Tech’s Request for Change Form Template as a basis for your RFC form.
      2. Use this template to standardize your change request process and ensure that the appropriate information is documented effectively each time a request is made. The change requester and Change Manager should consolidate all information associated with a given change request in this form. This form will be submitted by the change requester and reviewed by the Change Manager.

      Case Study (part 3 of 4)

      Intel implemented automated RFC form generation.

      Industry: Technology

      Source: Daniel Grove, Intel

      Challenge

      Founded in 1968, the world’s largest microchip and semiconductor company employs over 100,000 people. Intel manufactures processors for major players in the PC market including Apple, Lenovo, HP, and Dell.

      Intel IT supports over 65,000 servers, 3.2 petabytes of data, over 70,000 PCs, and 2.6 million emails per day.

      Intel’s change management program is responsible for over 4,000 changes each week.

      Solution

      One of the crucial factors that was impacting Intel’s change management efficiency was a cumbersome RFC process.

      A lack of RFC usage was contributing to increased ad hoc changes being put through the CAB, and rescheduled changes were quite high.

      Additionally, ad hoc changes were also contributing heavily to unscheduled downtime within the organization.

      Results

      Intel designed and implemented an automated RFC form generator to encourage end users to increase RFC usage.

      As we’ve seen with RFC form design, the UX/UI of the form needs to be top notch, otherwise end users will simply circumvent the process. This will contribute to the problems you are seeking to correct.

      Thanks to increased RFC usage, Intel decreased emergency changes by 50% and reduced change-caused unscheduled downtime by 82%.

      Step 3.2

      Establish Post-Implementation Activities

      Activities

      3.2.1 Determine When the CAB Would Reject Tested Changes

      3.2.2 Create a Post-Implementation Activity Checklist

      Define the RFC and Post-Implementation Activities

      Step 3.1: Design RFC

      Step 3.2: Establish Post-Implementation Activities

      This step involves the following participants:

      • CIO
      • IT Managers
      • Change Manager
      • Members of the Change Advisory Board

      Outcomes of this step

      • A formalized post-implementation process for continual improvement

      Why would the CAB reject a change that has been properly assessed and tested?

      Possible reasons the CAB would reject a change include:

      • The product being changed is approaching its end of life.
      • The change is too costly.
      • The timing of the change conflicts with other changes.
      • There could be compliance issues.
      • The change is actually a project.
      • The risk is too high.
      • There could be regulatory issues.
      • The peripherals (test, backout, communication, and training plans) are incomplete.

      Info-Tech Best Practice

      Many reasons for rejection (listed above) can be caught early on in the process during the technical review or change build portion of the change. The earlier you catch these reasons for rejection, the less wasted effort there will be per change.

      Sample RFCReason for CAP Rejection
      There was a request for an update to a system that a legacy application depends on and only a specific area of the business was aware of the dependency. The CAB rejects it due to the downstream impact.
      There was a request for an update to a non-supported application, and the vendor was asking for a premium support contract that is very costly. It’s too expensive to implement, despite the need for it. The CAB will wait for an upgrade to a new application.
      There was a request to update application functionality to a beta release. The risk outweighs the business benefits.

      Determine When the CAB Would Reject Tested Changes

      Input

      • Current SOP (if available)

      Output

      • List of reasons to reject tested changes

      Materials

      • Whiteboard/flip charts (or shared screen if working remotely)
      • Projector
      • Markers/pens
      • Laptop with ITSM admin access
      • Project Summary Template

      Participants

      • IT Director
      • Infrastructure Manager
      • Change Manager
      • Members of the Change Advisory Board

      Avoid hand-offs to ensure a smooth implementation process

      The implementation phase is the final checkpoint before releasing the new change into your live environment. Once the final checks have been made to the change, it’s paramount that teams work together to transition the change effectively rather than doing an abrupt hand-off. This could cause a potential outage.

      1.

      • Deployment resources identified, allocated, and scheduled
      • Documentation complete
      • Support team trained
      • Users trained
      • Business sign-off
      • Target systems identified and ready to receive changes
      • Target systems available for installation maintenance window scheduled
      • Technical checks:
        • Disk space available
        • Pre-requisites met
        • Components/Services to be updated are stopped
        • All users disconnected
      • Download Info-Tech’sChange Management Pre-Implementation Checklist

      Implement change →

      2.

      1. Verification – once the change has been implemented, verify that all requirements are fulfilled.
      2. Review – ensure that all affected systems and applications are operating as predicted. Update change log.
      3. Transition – a crucial phase of implementation that’s often overlooked. Once the change implementation is complete from a technical point of view, it’s imperative that the team involved with the change inform and train the group responsible for managing the new change.

      Create a backout plan to reduce the risk of a failed change

      Every change process needs to plan for the potential for failure and how to address it effectively. Change management’s solution to this problem is a backout plan.

      A backout plan needs to contain a record of the steps that need to be taken to restore the live environment back to its previous state and maintain business continuity. A good backout plan asks the following questions:

      1. How will failure be determined? Who will make the determination to back out of a change be made and when?
      2. Do we fix on fail or do we rollback to the previous configuration?
      3. Is the service desk aware of the impending change? Do they have proper training?

      Notify the Service Desk

      • Notify the Service Desk about backout plan initiation.

      Disable Access

      • Disable user access to affected system(s).

      Conduct Checks

      • Conduct checks to all affected components.

      Enable User Access

      • Enable user access to affected systems.

      Notify the Service Desk

      • Notify the service desk that the backout plan was successful.

      Info-Tech Best Practice

      As part of the backout plan, consider the turnback point in the change window. That is, the point within the change window where you still have time to fully back out of the change.

      Ensure the following post-implementation review activities are completed

      Service Catalog

      Update the service catalog with new information as a result of the implemented change.

      CMDB

      Update new dependencies present as a result of the new change.

      Asset DB

      Add notes about any assets newly affected by changes.

      Architecture Map

      Update your map based on the new change.

      Technical Documentation

      Update your technical documentation to reflect the changes present because of the new change.

      Training Documentation

      Update your training documentation to reflect any information about how users interact with the change.

      Use a post-implementation review process to promote continual improvement

      The post-implementation review (PIR) is the most neglected change management activity.

      • All changes should be reviewed to understand the reason behind them, appropriateness, and recommendations for next steps.
      • The Change Manager manages the completion of information PIRs and invites RFC originators to present their findings and document the lessons learned.

      Info-Tech Best Practice

      Review PIR reports at CAB meetings to highlight the root causes of issues, action items to close identified gaps, and back-up documentation required. Attach the PIR report to the relevant RFC to prevent similar changes from facing the same issues in the future.

      1. Why do a post-implementation review?
        • Changes that don’t fail but don’t perform well are rarely reviewed.
        • Changes may fail subtly and still need review.
        • Changes that cause serious failures (i.e. unplanned downtime) receive analysis that is unnecessarily in-depth.
      2. What are the benefits?
        • A proactive, post-implementation review actually uses less resources than reactionary change reviews.
        • Root-cause analysis of failed changes, no matter what the impact.
        • Insight into changes that took longer than projected.
        • Identification of previously unidentified risks affecting changes.

      Determine the strategy for your PIR to establish a standardized process

      Capture the details of your PIR process in a table similar to the one below.

      Frequency Part of weekly review (IT team meeting)
      Participants
      • Change Manager
      • Originator
      • SME/supervisor/impacted team(s)

      Categories under review

      Current deviations and action items from previous PIR:

      • Complete
      • Partially complete
      • Complete, late
      • Change failed, rollback succeeded
      • Change failed, rollback failed
      • Major deviation from implementation plan
      Output
      • Root cause or failure or deviation
      • External factors
      • Remediation focus areas
      • Remediation timeline (follow-up at appropriate time)
      Controls
      • Reviewed at next CAB meeting
      • RFC close is dependent on completion of PIR
      • Share with the rest of the technical team
      • Lessons learned stored in the knowledgebase and attached to RFC for easy search of past issues.

      3.2.2 Create a Post-Implementation Activity Checklist

      Input

      • Current SOP (if available)

      Output

      • List of reasons to reject tested changes

      Materials

      Participants

      • CIO
      • IT Managers
      • Change Manager
      • Members of the Change Advisory Board
      1. Gather representatives from the change management team.
      2. Brainstorm duties to perform following the deployment of a change. Below is a sample list:
        • Example:
          • Was the deployment successful?
            • If no, was the backout plan executed successfully?
          • List change-related incidents
          • Change assessment
            • Missed dependencies
            • Inaccurate business impact
            • Incorrect SLA impact
            • Inaccurate resources
              • Time
              • Staff
              • Hardware
          • System testing
          • Integration testing
          • User acceptance testing
          • No backout plan
          • Backout plan failure
          • Deployment issues
      3. Record your results in the Change Management Post-Implementation Checklist.

      Download the Change Management Post-Implementation Checklist

      Case Study

      Microsoft used post-implementation review activities to mitigate the risk of a critical Azure outage.

      Industry: Technology

      Source: Jason Zander, Microsoft

      Challenge

      In November 2014, Microsoft deployed a change intended to improve Azure storage performance by reducing CPU footprint of the Azure Table Front-Ends.

      The deployment method was an incremental approach called “flighting,” where software and configuration deployments are deployed incrementally to Azure infrastructure in small batches.

      Unfortunately, this software deployment caused a service interruption in multiple regions.

      Solution

      Before the software was deployed, Microsoft engineers followed proper protocol by testing the proposed update. All test results pointed to a successful implementation.

      Unfortunately, engineers pushed the change out to the entire infrastructure instead of adhering to the traditional flighting protocol.

      Additionally, the configuration switch was incorrectly enabled for the Azure Blob storage Front-Ends.

      A combination of the two mistakes exposed a bug that caused the outage.

      Results

      Thankfully, Microsoft had a backout plan. Within 30 minutes, the change was rolled back on a global scale.

      It was determined that policy enforcement was not integrated across the deployment system. An update to the system shifted the process of policy enforcement from human-based decisions and protocol to automation via the deployment platform.

      Defined PIR activities enabled Microsoft to take swift action against the outage and mitigate the risk of a serious outage.

      Phase 4

      Measure, Manage, and Maintain

      Define Change Management

      1.1 Assess Maturity

      1.2 Categorize Changes and Build Risk Assessment

      Establish Roles and Workflows

      2.1 Determine Roles and Responsibilities

      2.2 Build Core Workflows

      Define RFC and Post-Implementation Activities

      3.1 Design RFC

      3.2 Establish post-implementation activities

      Measure, Manage, and Maintain

      4.1 Identify Metrics and Build the Change Calendar

      4.2 Implement the Project

      This phase will guide you through the following activities:

      • Identify Metrics and Build the Change Calendar
      • Implement the Project

      This phase involves the following participants:

      • CIO/IT Director
      • IT Managers
      • Change Manager

      Step 4.1

      Identify Metrics and Build the Change Calendar

      Activities

      4.1.1 Create an Outline for Your Change Calendar

      4.1.2 Determine Metrics, Key Performance Indicators (KPIs), and Critical Success Factors (CSFs)

      4.1.3 Track and Record Metrics Using the Change Management Metrics Tool

      Measure, Manage, and Maintain

      Step 4.1: Identify Metrics and Build the Change Calendar

      Step 4.2: Implement the Project

      This step involves the following participants:

      • CIO/IT Director
      • IT Managers
      • Change Manager

      Outcomes of this step

      • Clear definitions of change calendar content
      • Guidelines for change calendar scheduling
      • Defined metrics to measure the success of change management with associated reports, KPIs, and CSFs

      Enforce a standard method of prioritizing and scheduling changes

      The impact of not deploying the change and the benefit of deploying it should determine its priority.

      Risk of Not Deploying

      • What is the urgency of the change?
      • What is the risk to the organization if the change is not deployed right away?
      • Will there be any lost productivity, service disruptions, or missed critical business opportunities?
        • Timing
          • Does the proposed timing work with the approved changes already on the change schedule?
          • Has the change been clash checked so there are no potential conflicts over services or resources?
        • Once prioritized, a final deployment date should be set by the CAB. Check the change calendar first to avoid conflicts.

      Positive Impact of Deployment

      • What benefits will be realized once the change is deployed?
      • How significant is the opportunity that triggered the change?
      • Will the change lead to a positive business outcome (e.g. increased sales)?

      “The one who has more clout or authority is usually the one who gets changes scheduled in the time frame they desire, but you should really be evaluating the impact to the organization. We looked at the risk to the business of not doing the change, and that’s a good way of determining the criticality and urgency of that change.” – Joseph Sgandurra, Director, Service Delivery, Navantis

      Info-Tech Insight

      Avoid a culture where powerful stakeholders are able to push change deployment on an ad hoc basis. Give the CAB the full authority to make approval decisions based on urgency, impact, cost, and availability of resources.

      Develop a change schedule to formalize the planning process

      A change calendar will help the CAB schedule changes more effectively and increase visibility into upcoming changes across the organization.

      1. Establish change windows in a consistent change schedule:
        • Compile a list of business units that would benefit from a change.
        • Look for conflicts in the change schedule.
        • Avoid scheduling two or more major business units in a day.
        • Consider clients when building your change windows and change schedule.
      2. Gain commitments from key participants:
        • These individuals can confirm if there are any unusual or cyclical business requirements that will impact the schedule.
      3. Properly control your change calendar to improve change efficiency:
        • Look at the proposed start and end times: Are they sensible? Does the implementation window leave time for anything going wrong or needing to roll back the change?
        • Special considerations: Are there special circumstances that need to be considered? Ask the business if you don’t know.
        • The key principle is to have a sufficient window available for implementing changes so you only need to set up calendar freezes for sound business or technical reasons.

      Our mantra is to put it on the calendar. Even if it’s a preapproved change and doesn’t need a vote, having it on the calendar helps with visibility. The calendar is the one-stop shop for scheduling and identifying change dependencies.“ – Wil Clark, Director of Service and Performance Management, University of North Texas Systems

      Provide clear definitions of what goes on the change calendar and who’s responsible

      Roles

      • The Change Manager will be responsible for creating and maintaining a change calendar.
      • Only the Change Manager can physically alter the calendar by adding a new change after the CAB has agreed upon a deployment date.
      • All other CAB members, IT support staff, and other impacted stakeholders should have access to the calendar on a read-only basis to prevent people from making unauthorized changes to deployment dates.

      Inputs

      • Freeze periods for individual business departments/applications (e.g. finance month-end periods, HR payroll cycle, etc. – all to be investigated).
      • Maintenance windows and planned outage periods.
      • Project schedules, and upcoming major/medium changes.
      • Holidays.
      • Business hours (some departments work 9-5, others work different hours or in different time zones, and user acceptance testing may require business users to be available).

      Guidelines

      • Business-defined freeze periods are the top priority.
      • No major or medium normal changes should occur during the week between Christmas and New Year’s Day.
      • Vendor SLA support hours are the preferred time for implementing changes.
      • The vacation calendar for IT will be considered for major changes.
      • Change priority: High > Medium > Low.
      • Minor changes and preapproved changes have the same priority and will be decided on a case-by-case basis.

      The change calendar is a critical pre-requisite to change management in DevOps. Use the calendar to be proactive with proposed implementation dates and deconfliction before the change is finished.

      4.1.1 Create Guidelines for Your Change Calendar

      Input

      • Current change calendar guidelines

      Output

      • Change calendar inputs and schedule checklist

      Materials

      Participants

      • Change Manager
      • Members of the Change Advisory Board
      • Service Desk Manager
      • Operations (optional)
      1. Gather representatives from the change management team.
        • Example:
          • The change calendar/schedule includes:
            • Approved and scheduled normal changes.
            • Scheduled project work.
            • Scheduled maintenance windows.
            • Change freeze periods with affected users noted:
              • Daily/weekly freeze periods.
              • Monthly freeze periods.
              • Annual freeze periods.
              • Other critical business events.
      2. Create a checklist to run through before each change is scheduled:
        • Check the schedule and assess resource availability:
          • Will user productivity be impacted?
          • Are there available resources (people and systems) to implement the change?
          • Is the vendor available? Is there a significant cost attached to pushing change deployment before the regularly scheduled refresh?
          • Are there dependencies? Does the deployment of one change depend on the earlier deployment of another?
      3. Record your results in your Project Summary Template.

      Start measuring the success of your change management project using three key metrics

      Number of change-related incidents that occur each month

      • Each month, record the number of incidents that can be directly linked to a change. This can be done using an ITSM tool or manually by service desk staff.
      • This is a key success metric: if you are not tracking change-related incidents yet, start doing so as soon as possible. This is the metric that the CIO and business stakeholders will be most interested in because it impacts users directly.

      Number of unauthorized changes applied each month

      • Each month, record the number of changes applied without approval. This is the best way to measure adherence to the process.
      • If this number decreases, it demonstrates a reduction in risk, as more changes are formally assessed and approved before being deployed.

      Percentage of emergency changes

      • Each month, compare the number of emergency change requests to the total number of change requests.
      • Change requesters often designate changes as emergencies as a way of bypassing the process.
      • A reduction in emergency changes demonstrates that your process is operating smoothly and reduces the risk of deploying changes that have not been properly tested.

      Info-Tech Insight

      Start simple. Metrics can be difficult to tackle if you’re starting from scratch. While implementing your change management practice, use these three metrics as a starting point, since they correlate well with the success of change management overall. The following few slides provide more insight into creating metrics for your change process.

      If you want more insight into your change process, measure the progress of each step in change management with metrics

      Improve

      • Number of repeat failures (i.e. making the same mistake twice)
      • Number of changes converted to pre-approved
      • Number of changes converted from pre-approved back to normal

      Request

      • What percentage of change requests have errors or lack appropriate support?
      • What percentage of change requests are actually projects, service requests, or operational tasks?
      • What percentage of changes have been requested before (i.e. documented)?

      Assess

      • What percentage of change requests are out of scope?
      • What percentage of changes have been requested before (i.e. documented)?
      • What are the percentages of changes by category (normal, pre-approved, emergency)?

      Plan

      • What percentage of change requests are reviewed by the CAB that should have been pre-approved or emergency (i.e. what percentage of changes are in the wrong category)?

      Approve

      • Number of changes broken down by department (business unit/IT department to be used in making core/optional CAB membership more efficient)
      • Number of workflows that can be automated

      Implement

      • Number of changes completed on schedule
      • Number of changes rolled back
      • What percentage of changes caused an incident?

      Use metrics to inform project KPIs and CSFs

      Leverage the metrics from the last slide and convert them to data communicable to IT, management, and leadership

      • To provide value, metrics and measurements must be actionable. What actions can be taken as a result of the data being presented?
      • If the metrics are not actionable, there is no value and you should question the use of the metric.
      • Data points in isolation are mostly meaningless to inform action. Observe trends in your metrics to inform your decisions.
      • Using a framework to develop measurements and metrics provides a defined methodology that enables a mapping of base measurements through CSFs.
      • Establishing the relationship increases the value that measurements provide.

      Purposely use SDLC and change lifecycle metrics to find bottlenecks and automation candidates.

      Metrics:

      Metrics are easily measured datapoints that can be pulled from your change management tool. Examples: Number of changes implemented, number of changes without incident.

      KPIs:

      Key Performance Indicators are metrics presented in a way that is easily digestible by stakeholders in IT. Examples: Change efficiency, quality of changes.

      CSFs:

      Critical Success Factors are measures of the business success of change management taken by correlating the CSF with multiple KPIs. Examples: consistent and efficient change management process, a change process mapped to business needs

      List in-scope metrics and reports and align them to benefits

      Metric/Report (by team)Benefit
      Total number of RFCs and percentages by category (pre-approved, normal, emergency, escalated support, expedited)
      • Understand change management activity
      • Tracking maturity growth
      • Identifying “hot spots”
      Pre-approved change list (and additions/removals from the list) Workload and process streamlining (i.e. reduce “red tape” wherever possible)
      Average time between RFC lifecycle stages (by service/application) Advance planning for proposed changes
      Number of changes by service/application/hardware class
      • Identifying weaknesses in the architecture
      • Vendor-specific TCO calculations
      Change triggers Business- vs. IT-initiated change
      Number of RFCs by lifecycle stage Workload planning
      List of incidents related to changes Visible failures of the CM process
      Percentage of RFCs with a tested backout/validation plan Completeness of change planning
      List of expedited changes Spotlighting poor planning and reducing the need for this category going forward (“The Hall of Shame”)
      CAB approval rate Change coordinator alignment with CAB priorities – low approval rate indicates need to tighten gatekeeping by the change coordinator
      Calendar of changes Planning

      4.1.2 Determine Metrics, Key Performance Indicators (KPIs), and Critical Success Factors (CSFs)

      Input

      • Current metrics

      Output

      • List of trackable metrics, KPIs and CSFs

      Materials

      Participants

      • Change Manager
      • Members of the Change Advisory Board
      • Service Desk Manager
      • Operations (optional)
      1. Draw three tables for metrics, KPIs, and CSFs.
      2. Starting with the CSF table, fill in all relevant CSFs that your group wishes to track and measure.
      3. Next, work to determine relevant KPIs correlated with the CSFs and metrics needed to measure the KPIs. Use the tables included below (taken from section 14 of the Change Management SOP) to guide the process.
      4. Record the results in the tables in section 14 of your Change Management SOP.
      5. Decide on where and when to review the metrics to discuss your change management strategy. Designate and owner and record in the RACI and Communications section of your Change Management SOP.
      Ref #Metric

      M1

      		 Number of changes implemented for a time period
      M2 Number of changes successfully implemented for a time period
      M3 Number of changes implemented causing incidents
      M4 Number of accepted known errors when change is implemented
      M5 Total days for a change build (specific to each change)
      M6 Number of changes rescheduled
      M7 Number of training questions received following a change
      Ref#KPIProduct
      K1 Successful changes for a period of time (approach 100%) M2 / M1 x 100%
      K2 Changes causing incidents (approach 0%) M3 / M1 x 100%
      K3 Average days to implement a change ΣM5 / M1
      K4 Change efficiency (approach 100%) [1 - (M6 / M1)] x 100%
      K5 Quality of changes being implemented (approach 100%) [1 - (M4 / M1)] x 100%
      K6 Change training efficiency (approach 100%) [1 - (M7 / M1)] x 100%
      Ref#CSFIndicator
      C1 Successful change management process producing quality changes K1, K5
      C2 Consistent efficient change process K4, K6
      C3 Change process maps to business needs K5, K6

      Measure changes in selected metrics to evaluate success

      Once you have implemented a standardized change management practice, your team’s goal should be to improve the process, year over year.

      • After a process change has been implemented, it’s important to regularly monitor and evaluate the CSFs, KPIs, and metrics you chose to evaluate. Examine whether the process change you implemented has actually resolved the issue or achieved the goal of the critical success factor.
      • Establish a schedule for regularly reviewing the key metrics. Assess changes in those metrics and determine progress toward reaching objectives.
      • In addition to reviewing CSFs, KPIs, and metrics, check in with the release management team and end users to measure their perceptions of the change management process once an appropriate amount of time has passed.
      • Ensure that metrics are telling the whole story and that reporting is honest in order to be informative.

      Outcomes of standardizing change management should include:

      1. Improved efficiency, effectiveness, and quality of changes.
      2. Changes and processes are more aligned with the business needs and strategy.
      3. Improved maturity of change processes.

      Info-Tech Best Practice

      Make sure you’re measuring the right things and considering all sources of information. It’s very easy to put yourself in a position where you’re congratulating yourselves for improving on a specific metric such as number of releases per month, but satisfaction remains low.

      4.1.3 Track and Record Metrics Using the Change Management Metrics Tool

      Input

      • Current metrics

      Output

      • List of trackable metrics, KPIs and CSFs to be observed over the length of a year

      Materials

      Participants

      • Change Manager
      • Members of the Change Advisory Board
      • Service Desk Manager
      • Operations (optional)

      Tracking the progress of metrics is paramount to the success of any change management process. Use Info-Tech’s Change Management Metrics Tool to record metrics and track your progress. This tool is intended to be a substitute for organizations who do not have the capability to track change-related metrics in their ITSM tool.

      1. Input metrics from the previous activity to track over the course of a year.
      2. To record your metrics, open the tool and go to tab 2. The tool is currently primed to record and track five metrics. If you need more than that, you can edit the list in the hidden calculations tab.
      3. To see the progress of your metrics, move to tab 3 to view a dashboard of all metrics in the tool.

      Download the Change Management Metrics Tool

      Case Study

      A federal credit union was able to track maturity growth through the proper use of metrics.

      Industry: Federal Credit Union (anonymous)

      Source: Info-Tech Workshop

      Challenge

      At this federal credit union, the VP of IT wanted a tight set of metrics to engage with the business, communicate within IT, enable performance management of staff, and provide visibility into workload demands, among other requirements.

      The organization was suffering from “metrics fatigue,” with multiple reports being generated from all groups within IT, to the point that weekly/monthly reports were being seen as spam.

      Solution

      Stakeholders were provided with an overview of change management benefits and were asked to identify one key attribute that would be useful to their specific needs.

      Metrics were designed around the stakeholder needs, piloted with each stakeholder group, fine-tuned, and rolled out.

      Some metrics could not be automated off-the-shelf and were rolled out in a manual fashion. These metrics were subsequently automated and finally made available through a dashboard.

      Results

      The business received clear guidance regarding estimated times to implement changes across different elements of the environment.

      The IT managers were able to plan team workloads with visibility into upstream change activity.

      Architects were able to identify vendors and systems that were the leading source of instability.

      The VP of IT was able to track the maturity growth of the change management process and proactively engage with the business on identified hot spots.

      Step 4.2

      Implement the Project

      Activities

      4.2.1 Use a Communications Plan to Gain End User Buy-In

      4.2.2 Create a Project Roadmap to Track Your Implementation Progress

      Measure, Manage, and Maintain

      Step 4.1: Identify Metrics and Build the Change Calendar

      Step 3.2: Implement the Project

      This step involves the following participants:

      • CIO/IT Director
      • IT Managers
      • Change Manager

      Outcomes of this step

      • A communications plan for key messages to communicate to relevant stakeholders and audiences
      • A roadmap with assigned action items to implement change management

      Success of the new process will depend on introducing change and gaining acceptance

      Change management provides value by promptly evaluating and delivering changes required by the business and by minimizing disruption and rework caused by failed changes. Communication of your new change management process is key. If people do not understand the what and why, it will fail to provide the desired value.

      Info-Tech Best Practice

      Gather feedback from end users about the new process: if the process is too bureaucratic, end users are more likely to circumvent it.

      Main Challenges with Communication

      • Many people fail before they even start because they are buried in a mess created before they arrived – either because of a failed attempt to get change management implemented or due to a complicated system that has always existed.
      • Many systems are maintained because “that’s the way it’s always been done.”
      • Organizations don’t know where to start; they think change management is too complex a process.
      • Each group needs to follow the same procedure – groups often have their own processes, but if they don’t agree with one another, this could cause an outage.

      Educate affected stakeholders to prepare for organizational change

      An organizational change management plan should be part of your change management project.

      • Educate stakeholders about:
        • The process change (describe it in a way that the user can understand and is clear and concise).
          • IT changes will be handled in a standardized and repeatable fashion to minimize change-related incidents.
        • Who is impacted?
          • All users.
        • How are they impacted?
          • All change requests will be made using a standard form and will not be deployed until formal approval is received.
        • Change messaging.
          • How to communicate the change (benefits).
        • Learning and development – training your users on the change.
          • Develop and deliver training session on the Change Management SOP to familiarize users with this new method of handling IT change.

      Host a lunch-and-learn session

      • For the initial deployment, host a lunch-and-learn session to educate the business on the change management practice. Relevant stakeholders of affected departments should host it and cover the following topics:
      • What is change management (change management/change control)?
      • The value of change management.
      • What the Change Management SOP looks like.
      • Who is involved in the change management process (the CAB, etc.)?
      • What constitutes a pre-approved change and an emergency change?
      • An overview of the process, including how to avoid unauthorized changes.
      • Who should they contact in case of questions?

      Communicate the new process to all affected stakeholders

      Do not surprise users or support staff with changes. This will result in lost productivity and low satisfaction with IT services.

      • User groups and the business need to be given sufficient notice of an impending change.
      • This will allow them to make appropriate plans to accept the change, minimizing the impact of the change on productivity.
      • A communications plan will be documented in the RFC while the release is being built and tested.
      • It’s the responsibility of the change team to execute on the communications plan.

      Info-Tech Insight

      The success of change communication can be measured by monitoring the number of service desk tickets related to a change that was not communicated to users.

      Communication is crucial to the integration and overall implementation of your change management initiative. An effective communications plan will:

      • Gain support from management at the project proposal phase.
      • Create end-user buy-in once the program is set to launch.
      • Maintain the presence of the program throughout the business.
      • Instill ownership throughout the business from top-level management to new hires.

      Create your communications plan to anticipate challenges, remove obstacles, and ensure buy-in

      Management

      Technicians

      Business Stakeholders

      Provide separate communications to key stakeholder groups

      Why? What problems are you trying to solve?

      What? What processes will it affect (that will affect me)?

      Who? Who will be affected? Who do I go to if I have issues with the new process?

      When? When will this be happening? When will it affect me?

      How? How will these changes manifest themselves?

      Goal? What is the final goal? How will it benefit me?

      Info-Tech Insight

      Pay close attention to the medium of communication. For example, stakeholders on their feet all day would not be as receptive to an email communication compared to those who primarily work in front of a computer. Put yourself into various stakeholders’ shoes to craft a tailored communication of change management.

      4.2.1 Use a Communications Plan to Gain End User Buy-In

      Input

      • List of stakeholder groups for change management

      Output

      • Tailored communications plans for various stakeholder groups

      Materials

      Participants

      • Change Manager
      • Members of the Change Advisory Board
      • Service Desk Manager
      • Operations (optional)
      1. Using Info-Tech’s Change Management Communications Plan, identify key audiences or stakeholder groups that will be affected by the new change management practice.
      2. For each group requiring a communications plan, identify the following:
        • The benefits for that group of individuals.
        • The impact the change will have on them.
        • The best communication method(s) for them.
        • The time frame of the communication.
      3. Complete this information in a table like the one below:
      GroupBenefitsImpactMethodTimeline
      IT Standardized change process All changes must be reviewed and approved Poster campaign 6 months
      End Users Decreased wait time for changes Formal process for RFCs Lunch-and-learn sessions 3 months
      Business Reduced outages Increased involvement in planning and approvals Monthly reports 1 year
      1. Discuss the communications plan:
        • Will this plan ensure that users are given adequate opportunities to accept the changes being deployed?
        • Is the message appropriate for each audience? Is the format appropriate for each audience?
        • Does the communication include training where necessary to help users adopt any new functions/workflows being introduced?

      Download the Change Management Communications Plan

      Present your SOP to key stakeholders and obtain their approval

      Now that you have completed your Change Management SOP, the final step is to get sign-off from senior management to begin the rollout process.

      Know your audience:

      • Determine the service management stakeholders who will be included in the audience for your presentation.
      • You want your presentation to be succinct and hard hitting. Management’s time is tight and they will lose interest if you drag out the delivery.
      • Briefly speak about the need for more formal change management and emphasize the benefits of implementing a more formal process with a SOP.
      • Present your current state assessment results to provide context before presenting the SOP itself.
      • As with any other foundational activity, be prepared with some quick wins to gain executive attention.
      • Be prepared to review with both technical and less technical stakeholders.

      Info-Tech Insight

      The support of senior executive stakeholders is critical to the success of your SOP rollout. Try to wow them with project benefits and make sure they know about the risks/pain points.

      Download the Change Management Project Summary Template

      4.2.2 Create a Project Roadmap to Track Your Implementation Progress

      Input

      • List of implementation tasks

      Output

      • Roadmap and timeline for change management implementation

      Materials

      Participants

      • Change Manager
      • Members of the Change Advisory Board
      • Service Desk Manager
      • Operations (optional)
      1. Info-Tech’s Change Management Roadmap Tool helps you identify and prioritize tasks that need to be completed for the change management implementation project.
      2. Use this tool to identify each action item that will need to be completed as part of the change management initiative. Chart each action item, assign an owner, define the duration, and set a completion date.
      3. Use the resulting rocket diagram as a guide to task completion as you work toward your future state.

      Download the Change Management Roadmap Tool

      Case Study (part 4 of 4)

      Intel implemented a robust change management process.

      Industry: Technology

      Source: Daniel Grove, Intel

      Challenge

      Founded in 1968, the world’s largest microchip and semiconductor company employs over 100,000 people. Intel manufactures processors for major players in the PC market including Apple, Lenovo, HP, and Dell.

      Intel IT supports over 65,000 servers, 3.2 petabytes of data, over 70,000 PCs, and 2.6 million emails per day.

      Intel’s change management program is responsible for over 4,000 changes each week.

      Solution

      Intel had its new change management program in place and the early milestones planned, but one key challenge with any new project is communication.

      The company also needed to navigate the simplification of a previously complex process; end users could be familiar with any of the 37 different change processes or 25 different change management systems of record.

      Top-level buy-in was another concern.

      Results

      Intel first communicated the process changes by publishing the vision and strategy for the project with top management sponsorship.

      The CIO published all of the new change policies, which were supported by the Change Governance Council.

      Intel cited the reason for success as the designation of a Policy and Guidance Council – a group designed to own communication and enforcement of the new policies and processes put in place.

      Summary of Accomplishment

      Problem Solved

      You now have an outline of your new change management process. The hard work starts now for an effective implementation. Make use of the communications plan to socialize the new process with stakeholders and the roadmap to stay on track.

      Remember as you are starting your implementation to keep your documents flexible and treat them as “living documents.” You will likely need to tweak and refine the processware and templates several times to continually improve the process. Furthermore, don’t shy away from seeking feedback from your stakeholders to gain buy-in.

      Lastly, keep an eye on your progress with objective, data-driven metrics. Leverage the trends in your data to drive your decisions. Be sure to revisit the maturity assessment not only to measure and visualize your progress, but to gain insight into your next steps.

      If you would like additional support, have our analysts guide you through other phases as part of an Info-Tech workshop.

      Contact your account representative for more information.

      workshops@infotech.com

      1-888-670-8889

      Additional Support

      If you would like additional support, have our analysts guide you through other phases as part of an Info-Tech workshop.

      To accelerate this project, engage your IT team in an Info-Tech workshop with an Info-Tech analyst team.

      Info-Tech analysts will join you and your team at your location or welcome you to Info-Tech’s historic office in Toronto, Ontario, Canada to participate in an innovative onsite workshop.

      Contact your account representative for more information.

      workshops@infotech.com 1-888-670-8889

      The following are sample activities that will be conducted by Info-Tech analysts with your team:

      1.1.2 Complete a Change Management Maturity Assessment

      Run through the change management maturity assessment with tailored commentary for each action item outlining context and best practices.

      2.2.1 Plot the Process for a Normal Change

      Build a normal change process using Info-Tech’s Change Management Process Library template with an analyst helping you to right size the process for your organization.

      Related Info-Tech Research

      Standardize the Service Desk

      Improve customer service by driving consistency in your support approach and meeting SLAs.

      Stabilize Release and Deployment Management

      Maintain both speed and control while improving the quality of deployments and releases within the infrastructure team.

      Incident and Problem Management

      Don’t let persistent problems govern your department.

      Select Bibliography

      AXELOS Limited. ITIL Foundation: ITIL 4th edition. TSO, 2019, pp. 118–120.

      Behr, Kevin and George Spafford. The Visible Ops Handbook: Implementing ITIL in 4 Practical and Auditable Steps. IT Revolution Press. 2013.

      BMC. “ITIL Change Management.” BMC Software Canada, 22 December 2016.

      Brown, Vance. “Change Management: The Greatest ROI of ITIL.” Cherwell Service Management.

      Cisco. “Change Management: Best Practices.” Cisco, 10 March 2008.

      Grove, Daniel. “Case Study ITIL Change Management Intel Corporation.” PowerShow, 2005.

      ISACA. “COBIT 5: Enabling Processes.” ISACA, 2012.

      Jantti, M. and M. Kainulainen. “Exploring an IT Service Change Management Process: A Case Study.” ICDS 2011: The Fifth International Conference on Digital Society, 23 Feb. 2011.

      Murphy, Vawns. “How to Assess Changes.” The ITSM Review, 29 Jan. 2016.

      Nyo, Isabel. “Best Practices for Change Management in the Age of DevOps.” Atlassian Engineering, 12 May 2021.

      Phillips, Katherine W., Katie A. Liljenquist, and Margaret A. Neale. “Better Decisions Through Diversity.” Kellogg Insight, 1 Oct. 2010.

      Pink Elephant. “Best Practices for Change Management.” Pink Elephant, 2005.

      Sharwood, Simon. “Google broke its own cloud by doing two updates at once.” The Register, 24 Aug. 2016.

      SolarWinds. “How to Eliminate the No: 1 Cause of Network Downtime.” SolarWinds Tech Tips, 25 Apr. 2014.

      The Stationery Office. “ITIL Service Transition: 2011.” The Stationary Office, 29 July 2011.

      UCISA. “ITIL – A Guide to Change Management.” UCISA.

      Zander, Jason. “Final Root Cause Analysis and Improvement Areas: Nov 18 Azure Storage Service Interruption.” Microsoft Azure: Blog and Updates, 17 Dec. 2014.

      Appendix I: Expedited Changes

      Employ the expedited change to promote process adherence

      In many organizations, there are changes which may not fit into the three prescribed categories. The reason behind why the expedited category may be needed generally falls between two possibilities:

      1. External drivers dictate changes via mandates which may not fall within the normal change cycle. A CIO, judge, state/provincial mandate, or request from shared services pushes a change that does not fall within a normal change cycle. However, there is no imminent outage (therefore it is not an emergency). In this case, an expedited change can proceed. Communicate to the change requester that IT and the change build team will still do their best to implement the change without issue, but any extra risk of implementing this expedited change (compared to an normal change) will be absorbed by the change requester.
      2. The change requester did not prepare for the change adequately. This is common if a new change process is being established (and stakeholders are still adapting to the process). Change requesters or the change build team may request the change to be done by a certain date that does not fall within the normal change cycle, or they simply did not give the CAB enough time to vet the change. In this case, you may use the expedited category as a metric (or a “Hall of Shame” example). If you identify a department or individual that frequently request expedited changes, use the expedited category as a means to educate them about the normal change to discourage the behavior moving forward.

      Two possible ways to build an expedited change category”

      1. Build the category similar to an emergency change. In this case, one difference would be the time allotted to fully obtain authorization of the change from the E-CAB and business owner before implementing the change (as opposed to the emergency change workflow).
      2. Have the expedited change reflect the normal change workflow. In this case, all the same steps of the normal change workflow are followed except for expedited timelines between processes. This may include holding an impromptu CAB meeting to authorize the change.

      Example process: Expedited Change Process

      The image is a flowchart, showing the process for Expedited Change.

      For the full process, refer to the Change Management Process Library.

      Appendix II: Optimize IT Change Management in a DevOps Environment

      Change Management cannot be ignored because you are DevOps or Agile

      But it can be right-sized.

      The core tenets of change management still apply no matter the type of development environment an organization has. Changes in any environment carry risk of degrading functionality, and must therefore be vetted. However, the amount of work and rigor put into different stages of the change life cycle can be altered depending on the maturity of the development workflows. The following are several stage gates for change management that MUST be considered if you are a DevOps or Agile shop:

      • Intake assessment (separation of changes from projects, service requests, operational tasks)
        • Within a DevOps or Agile environment, many of the application changes will come directly from the SDLC and projects going live. It does not mean a change must go through CAB, but leveraging the pre-approved category allows for an organization to stick to development lifecycles without being heavily bogged down by change bureaucracy.
      • Technical review
        • Leveraging automation, release contingencies, and the current SDLC documentation to decrease change risk allows for various changes to be designated as pre-approved.
      • Authorization
        • Define the authorization and dependencies of a change early in the lifecycle to gain authorization and necessary signoffs.
      • Documentation/communication
        • Documentation and communication are post-implementation activities that cannot be ignored. If documentation is required throughout the SDLC, then design the RFC to point to the correct documentation instead of duplicating information.

      "Understand that process is hard and finding a solution that fits every need can be tricky. With this change management process we do not try to solve every corner case so much as create a framework by which best judgement can be used to ensure maximum availability of our platforms and services while still complying with our regulatory requirements and making positive changes that will delight our customers.“ -IT Director, Information Cybersecurity Organization

      Five principals for implementing change in DevOps

      Follow these best practices to make sure your requirements are solid:

      People

      The core differences between an Agile or DevOps transition and a traditional approach are the restructuring and the team behind it. As a result, the stakeholders of change management must be onboard for the process to work. This is the most difficult problem to solve if it’s an issue, but open avenues of feedback for a process build is a start.

      DevOps Lifecycles

      • Plan the dev lifecycle so people can’t skirt it. Ensure the process has automated checks so that it’s more work to skirt the system than it is to follow it. Make the right process the process of least resistance.
      • Plan changes from the start to ensure that cross-dependencies are identified early and that the proposed implementation date is deconflicted and visible to other change requesters and change stakeholders.

      Automation

      Automation comes in many forms and is well documented in many development workflows. Having automated signoffs for QA/security checks and stakeholders/cross dependency owner sign offs may not fully replace the CAB but can ease the burden on discussions before implementation.

      Contingencies

      Canary releases, phased releases, dark releases, and toggles are all options you can employ to reduce risk during a release. Furthermore, building in contingencies to the test/rollback plan decreases the risk of the change by decreasing the factor of likelihood.

      Continually Improve

      Building change from the ground up doesn’t meant the process has to be fully fledged before launch. Iterative improvements are possible before achieving an optimal state. Having the proper metrics on the pain points and bottlenecks in the process can identify areas for automation and improvement.

      Increasing the proportion of pre-approved changes

      Leverage the traditional change infrastructure to deploy changes quickly while keeping your risk low.

      • To designate a change as a pre-approved change it must have a low risk rating (based on impact and likelihood). Fortunately, many of the changes within the Agile framework are designed to be small and lower risk (at least within application development). Putting in the work ahead of time to document these changes, template RFCs, and document the dependencies for various changes allows for a shift in the proportion of pre-approved changes.
      • The designation of pre-approved changes is an ongoing process. This is not an overnight initiative. Measure the proportion of changes by category as a metric, setting goals and interim goals to shift the change proportion to a desired ratio.

      The image is a bar graph, with each bar having 3 colour-coded sections: Emergency, Normal, and Pre-Approved. The first bar is before, where the largest change category is Normal. The second bar is after, and the largest change category is Pre-Approved.

      Turn your CAB into a virtual one

      • The CAB does not have to fully disappear in a DevOps environment. If the SDLC is built in a way that authorizes changes through peer reviews and automated checks, by the time it’s deployed, the job of the CAB should have already been completed. Then the authorization stage-gate (traditionally, the CAB) shifts to earlier in the process, reducing the need for an actual CAB meeting. However, the change must still be communicated and documented, even if it’s a pre-approved change.
      • As the proportion of changes shifts from a high degree of normal changes to a high degree of pre-approved changes, the need for CAB meetings should decrease even further. As an end-state, you may reserve actual CAB meetings for high-profile changes (as defined by risk).
      • Lastly, change management does not disappear as a process. Periodic reviews of change management metrics and the pre-approved change list must still be completed.

      Drive Business Value With a Right-Sized Project Gating Process

      • Buy Link or Shortcode: {j2store}445|cart{/j2store}
      • member rating overall impact: 9.0/10 Overall Impact
      • member rating average dollars saved: $61,999 Average $ Saved
      • member rating average days saved: 21 Average Days Saved
      • Parent Category Name: Portfolio Management
      • Parent Category Link: /portfolio-management
      • Low sponsor commitment on projects.
      • Poor quality on completed projects.
      • Little to no visibility into the project portfolio.
      • Organization does not operationalize change .
      • Analyzing, fixing, and redeploying is a constant struggle. Even when projects are done well, they fail to deliver the intended outcomes and benefits.

      Our Advice

      Critical Insight

      • Stop applying a one-size-fits-all-projects approach to governance.
      • Engage the sponsor by shifting the accountability to the business so they can get the most out of the project.
      • Do not limit the gating process to project management – expand to portfolio management.

      Impact and Result

      • Increase Project Throughput: Do more projects by ensuring the right projects and right amount of projects are approved and executed.
      • Validate Project Quality: Ensure issues are uncovered and resolved with standard check points in the project.
      • Increase Reporting and Visibility: Easily compare progress of projects across the portfolio and report outcomes to leadership.
      • Reduce Resource Waste: Terminate low-value projects early and assign the right resources to approved projects.
      • Achieve Intended Project Outcomes: Keep the sponsor engaged throughout the gating process to achieve desired outcomes.

      Drive Business Value With a Right-Sized Project Gating Process Research & Tools

      Start here – read the Executive Brief

      Read our concise Executive Brief to find out why you should design a right-sized project gating process, review Info-Tech’s methodology, and understand the four ways we can support you.

      Besides the small introduction, subscribers and consulting clients within this management domain have access to:

      1. Lay the groundwork for tailored project gating

      This phase will walk you through the following activities:

    • Understand the role of gating and why we need it.
    • Determine what projects will follow the gating process and how to classify them.
    • Establish the role of the project sponsor throughout the entire project lifecycle.

      • Drive Business Value With a Right-Sized Project Gating Process – Phase 1: Lay the Groundwork for Tailored Project Gating
      • Project Intake Classification Matrix
      • Project Sponsor Role Description Template

      2. Establish level 1 project gating

      This phase will help you customize Level 1 Project Gates with appropriate roles and responsibilities.

      • Drive Business Value With a Right-Sized Project Gating Process – Phase 2: Establish Level 1 Project Gating
      • Project Gating Strategic Template

      3. Establish level 2 project gating

      This phase will help you customize Level 2 Project Gates with appropriate roles and responsibilities.

      • Drive Business Value With a Right-Sized Project Gating Process – Phase 3: Establish Level 2 Project Gating

      4. Establish level 3 project gating

      This phase will help you customize Level 3 Project Gates with appropriate roles and responsibilities. It will also help you determine next steps and milestones for the adoption of the new process.

      • Drive Business Value With a Right-Sized Project Gating Process – Phase 4: Establish Level 3 Project Gating
      • Project Gating Reference Document
      [infographic]

      Workshop: Drive Business Value With a Right-Sized Project Gating Process

      Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

      1 Lay the Groundwork for Tailored Project Gating

      The Purpose

      Understand the role of gating and why we need it.

      Determine what projects will follow the gating process and how to classify them.

      Establish the role of the project sponsor throughout the entire project lifecycle.

      Key Benefits Achieved

      Get stakeholder buy-in for the process.

      Ensure there is a standard leveling process to determine size, risk, and complexity of requests.

      Engage the project sponsor throughout the portfolio and project processes.

      Activities

      1.1 Project Gating Review

      1.2 Establish appropriate project levels

      1.3 Define the role of the project sponsor

      Outputs

      Project Intake Classification Matrix

      Project Sponsor Role Description Template

      2 Establish Level 1 Project Gating

      The Purpose

      This phase will help you customize Level 1 Project Gates with appropriate roles and responsibilities.

      Key Benefits Achieved

      Create a lightweight project gating process for small projects.

      Activities

      2.1 Review level 1 project gating process

      2.2 Determine what gates should be part of your custom level 1 gating process

      2.3 Establish required artifacts for each gate

      2.4 Define the stakeholder’s roles and responsibilities at each gate

      Outputs

      Documented outputs in the Project Gating Strategic Template

      3 Establish Level 2 Project Gating

      The Purpose

      This phase will help you customize Level 2 Project Gates with appropriate roles and responsibilities.

      Key Benefits Achieved

      Create a heavier project gating process for medium projects.

      Activities

      3.1 Review level 2 project gating process

      3.2 Determine what gates should be part of your custom level 2 gating process

      3.3 Establish required artifacts for each gate

      3.4 Define the stakeholder’s roles and responsibilities at each gate

      Outputs

      4 Establish Level 3 Project Gating

      The Purpose

      This phase will help you customize Level 3 Project Gates with appropriate roles and responsibilities.

      Come up with a roadmap for the adoption of the new project gating process.

      Key Benefits Achieved

      Create a comprehensive project gating process for large projects.

      Activities

      4.1 Review level 3 project gating process

      4.2 Determine what gates should be part of your custom level 3 gating process

      4.3 Establish required artifacts for each gate

      4.4 Define the stakeholder’s roles and responsibilities at each gate

      4.5 Determine next steps and milestones for process adoption

      Outputs

      Documented outputs in the Project Gating Strategic Template

      Documented Project Gating Reference Document for all stakeholders

      Requirements Gathering

      • Buy Link or Shortcode: {j2store}49|cart{/j2store}
      • Related Products: {j2store}49|crosssells{/j2store}
      • member rating overall impact: 9.5/10
      • member rating average dollars saved: $33,901
      • member rating average days saved: 23
      • Parent Category Name: Project Portfolio Management and Projects
      • Parent Category Link: /ppm-and-projects
      • byline: Back to basics: before you build, know what they want.

      The challenge

      • The number reason projects fail because from the outset, what people wanted was not clear.
      • Without proper due diligence, IT will deliver projects that fail to meet business expectations and fail to provide business value.
      • If you failed to accurately capture the needs and desires, your projects are set up for costly rework. That will hurt your business's financial performance and result in damage to your relationship with your business partners.
      • Even with requirements gathering processes in place, your business analysts may not have the required competencies to execute them.

      Our advice

      Insight

      • You need to gather requirements with your organizations' end-state in mind. That requires IT and business alignment.
      • You would be good to create a set of standard operating procedures around requirements gathering. But many companies fail to do so.
      • Bring standardization and conformity to your requirements gathering processes via a centralized center of excellence. That brings cohesion and uniformity to your practice.
      • It is critical that your business analysts have the necessary competencies to execute your processes and that they ask the right questions.

      Impact and results 

      • Better requirements analysis will result in shorter cycle timed and reduced project rework and overhead.
      • You will enjoy better relationships with your business partners, greater stakeholder satisfaction, and gradually a better standing of IT.
      • Most importantly, the applications and systems you deliver will contain all must-haves and some nice-to-haves. Your minimal viable deliverable will start to create business value immediately.

      The roadmap

      Besides the small introduction, subscribers and consulting clients within this management domain have access to:

      Get started.

      Read our executive brief to understand why you should invest in optimizing requirements gathering in your company. We show you how we can support you.

      Build the target state

      Fully understand the target needs of the requirements gathering process.

      • Build a Strong Approach to Business Requirements Gathering – Phase 1: Build the Target State for the Requirements Gathering Process (ppt)
      • Requirements Gathering SOP and BA Playbook (doc)
      • Requirements Gathering Maturity Assessment (xls)
      • Project Level Selection Tool (xls)
      • Business Requirements Analyst (doc)
      • Requirements Gathering Communication Tracking Template (xls)

      Develop best practices to gather business requirements

      • Build a Strong Approach to Business Requirements Gathering – Phase 2: Define the Elicitation Process (ppt)
      • Business Requirements Document Template (xls)
      • Scrum Documentation Template (doc)

      Analyze and validate requirements

      Standardize your frameworks for analysis and validation of the business requirements

      • Build a Strong Approach to Business Requirements Gathering – Phase 3: Analyze and Validate Requirements (ppt)
      • Requirements Gathering Documentation Tool (xls)
      • Requirements Gathering Testing Checklist (doc)

      Build your requirements gathering governance action plan

      Formalize governance.

      • Build a Strong Approach to Business Requirements Gathering – Phase 4: Create a Requirements Governance Action Plan (ppt)
      • Requirements Traceability Matrix (xls)

       

       

      Modernize Your SDLC

      • Buy Link or Shortcode: {j2store}148|cart{/j2store}
      • member rating overall impact: 9.5/10 Overall Impact
      • member rating average dollars saved: $30,263 Average $ Saved
      • member rating average days saved: 39 Average Days Saved
      • Parent Category Name: Development
      • Parent Category Link: /development
      • Today’s rapidly scaling and increasingly complex products create mounting pressure on delivery teams to release new features and changes quickly and with sufficient quality.
      • Many organizations lack the critical capabilities and resources needed to satisfy their growing backlog, jeopardizing product success.

      Our Advice

      Critical Insight

      • Delivery quality and throughput go hand in hand. Focus on meeting minimum process and product quality standards first. Improved throughput will eventually follow.
      • Business integration is not optional. The business must be involved in guiding delivery efforts, and ongoing validation and verification product changes.
      • The software development lifecycle (SDLC) must deliver more than software. Business value is generated through the products and services delivered by your SDLC. Teams must provide the required product support and stakeholders must be willing to participate in the product’s delivery.

      Impact and Result

      • Standardize your definition of a successful product. Come to an organizational agreement of what defines a high-quality and successful product. Accommodate both business and IT perspectives in your definition.
      • Clarify the roles, processes, and tools to support business value delivery and satisfy stakeholder expectations. Indicate where and how key roles are involved throughout product delivery to validate and verify work items and artifacts. Describe how specific techniques and tools are employed to meet stakeholder requirements.
      • Focus optimization efforts on most affected stages. Reveal the health of your SDLC from the value delivery, business and technical practice quality standards, discipline, throughput, and governance perspectives with a diagnostic. Identify and roadmap the solutions to overcome the root causes of your diagnostic results.

      Modernize Your SDLC Research & Tools

      Start here – read the Executive Brief

      Read our concise Executive Brief to find out why you should modernize your SDLC, review Info-Tech’s methodology, and understand the four ways we can support you in completing this project.

      Besides the small introduction, subscribers and consulting clients within this management domain have access to:

      1. Set your SDLC context

      State the success criteria of your SDLC practice through the definition of product quality and organizational priorities. Define your SDLC current state.

      • Modernize Your SDLC – Phase 1: Set Your SDLC Context
      • SDLC Strategy Template

      2. Diagnose your SDLC

      Build your SDLC diagnostic framework based on your practice’s product and process objectives. Root cause your improvement opportunities.

      • Modernize Your SDLC – Phase 2: Diagnose Your SDLC
      • SDLC Diagnostic Tool

      3. Modernize your SDLC

      Learn of today’s good SDLC practices and use them to address the root causes revealed in your SDLC diagnostic results.

      • Modernize Your SDLC – Phase 3: Modernize Your SDLC
      [infographic]

      Workshop: Modernize Your SDLC

      Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

      1 Set Your SDLC Context

      The Purpose

      Discuss your quality and product definitions and how quality is interpreted from both business and IT perspectives.

      Review your case for strengthening your SDLC practice.

      Review the current state of your roles, processes, and tools in your organization.

      Key Benefits Achieved

      Grounded understanding of products and quality that is accepted across the organization.

      Clear business and IT objectives and metrics that dictate your SDLC practice’s success.

      Defined SDLC current state people, process, and technologies.

      Activities

      1.1 Define your products and quality.

      1.2 Define your SDLC objectives.

      1.3 Measure your SDLC effectiveness.

      1.4 Define your current SDLC state.

      Outputs

      Product and quality definitions.

      SDLC business and technical objectives and vision.

      SDLC metrics.

      SDLC capabilities, processes, roles and responsibilities, resourcing model, and tools and technologies.

      2 Diagnose Your SDLC

      The Purpose

      Discuss the components of your diagnostic framework.

      Review the results of your SDLC diagnostic.

      Key Benefits Achieved

      SDLC diagnostic framework tied to your SDLC objectives and definitions.

      Root causes to your SDLC issues and optimization opportunities.

      Activities

      2.1 Build your diagnostic framework.

      2.2 Diagnose your SDLC.

      Outputs

      SDLC diagnostic framework.

      Root causes to SDLC issues and optimization opportunities.

      3 Modernize Your SDLC

      The Purpose

      Discuss the SDLC practices used in the industry.

      Review the scope and achievability of your SDLC optimization initiatives.

      Key Benefits Achieved

      Knowledge of good practices that can improve the effectiveness and efficiency of your SDLC.

      Realistic and achievable SDLC optimization roadmap.

      Activities

      3.1 Learn and adopt SDLC good practices.

      3.2 Build your optimization roadmap.

      Outputs

      Optimization initiatives and target state SDLC practice.

      SDLC optimization roadmap, risks and mitigations, and stakeholder communication flow.

      Design an Enterprise Architecture Strategy

      • Buy Link or Shortcode: {j2store}580|cart{/j2store}
      • member rating overall impact: 9.4/10 Overall Impact
      • member rating average dollars saved: $63,181 Average $ Saved
      • member rating average days saved: 30 Average Days Saved
      • Parent Category Name: Strategy & Operating Model
      • Parent Category Link: /strategy-and-operating-model
      • The enterprise architecture (EA) team is constantly challenged to articulate the value of its function.
      • The CIO has asked the EA team to help articulate the business value the team brings.
      • Traceability from the business goals and vision to the EA contributions often does not exist.
      • Also, clients often struggle with complexity, priorities, and agile execution.

      Our Advice

      Critical Insight

      • EA can deliver many benefits to an organization. However, to increase the likelihood of success, the EA group needs to deliver value to the business and cannot be seen solely as IT.
      • Support from the organization is needed.
      • An EA strategy anchored in a value proposition will ensure that EA focuses on driving the most critical outcomes in support of the organization’s enterprise strategy.
      • As agility is not just for project execution, architects need to understand ways to deliver their guidance to influence project execution in real time, to enable the enterprise agility, and to enhance their responsiveness to changing conditions.

      Impact and Result

      • Create an EA value proposition based on enterprise needs that clearly articulates the expected contributions of the EA function.
      • Establish the EA fundamentals (vision and mission statement, goals and objectives, and principles) needed to position the EA function to deliver the promised value proposition.
      • Identify the services that EA has to provide to the organization to deliver on the promised value proposition.

      Design an Enterprise Architecture Strategy Research & Tools

      Besides the small introduction, subscribers and consulting clients within this management domain have access to:

      1. Design an Enterprise Architecture Strategy Deck – A guide to help you define services that your EA function will provide to the organization.

      Establish an effective EA function that will realize value for the organization with an EA strategy.

      • Design an Enterprise Architecture Strategy – Phases 1-4

      2. EA Function Strategy Template – A communication tool to secure the approval of the EA strategy from organizational stakeholders.

      Use this template to document the outputs of the EA strategy and to communicate the EA strategy for approval by stakeholders.

      • EA Function Strategy Template

      3. Stakeholder Power Map Template – A template to help visualize the importance of various stakeholders and their concerns.

      Identify and prioritize the stakeholders that are important to your IT strategy development effort.

      • Stakeholder Power Map Template

      4. PESTLE Analysis Template – A template to help you complete and document a PESTLE analysis.

      Use this template to analyze the effect of external factors on IT.

      • PESTLE Analysis Template

      5. EA Value Proposition Template – A template to communicate the value EA can provide to the organization.

      Use this template to create an EA value proposition that explicitly communicates to stakeholders how an EA function can contribute to addressing their needs.

      • EA Value Proposition Template

      6. EA Goals and Objectives Template – A template to identify the EA goals that support the identified promises of value from the EA value proposition.

      Use this template to help set goals for your EA function based on the EA value proposition and identify objectives to measure the progression towards those EA goals.

      • EA Goals and Objectives Template

      7. EA Principles Template – A template to identify the universal EA principles relevant to your organization.

      Use this template to define relevant universal EA principles and create new EA principles to guide and inform IT investment decisions.

      • EA Principles Template – EA Strategy

      8. EA Service Planning Tool – A template to identify the EA services your organization will provide to deliver on the EA value proposition.

      Use this template to identify the EA services relevant to your organization and then define how those services will be accessed.

      • EA Service Planning Tool
      [infographic]

      Workshop: Design an Enterprise Architecture Strategy

      Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

      1 Map the EA Contributions to Business Goals

      The Purpose

      Show an example of traceability.

      Key Benefits Achieved

      Members have a real-world example of traceability between business goals and EA contributions.

      Activities

      1.1 Start from the business goals of the organization.

      1.2 Document business and IT drivers.

      1.3 Identify EA contributions that help achieve the business goals.

      Outputs

      Business goals documented.

      Business and IT drivers documented.

      Identified EA contributions and traced them to business goals.

      2 Determine the Role of the Architect in the Agile Ceremonies of the Organization

      The Purpose

      Create an understanding about role of architect in Agile ceremonies.

      Key Benefits Achieved

      Understanding of the role of the EA architect in Agile ceremonies.

      Activities

      2.1 Document the Agile ceremony used in the organization (based on SAFe or other Agile approaches).

      2.2 Determine which ceremonies the system architect will participate in.

      2.3 Determine which ceremonies the solution architect will participate in.

      2.4 Determine which ceremonies the enterprise architect will participate in.

      2.5 Determine architect syncs, etc.

      Outputs

      Documented the Agile ceremonial used in the organization (based on SAFe or other Agile approaches).

      Determined which ceremonies the system architect will participate in.

      Determined which ceremonies the solution architect will participate in.

      Determined which ceremonies the enterprise architect will participate in.

      Determined architect syncs, etc.

      Further reading

      Design an Enterprise Architecture Strategy

      Develop a strategy that fits the organization’s maturity and remains adaptable to unforeseen future changes.

      EXECUTIVE BRIEF

      Build a right-size enterprise architecture strategy

      Enterprise Architecture Strategy
      Business & IT Strategy
      • Organizational Goals and Objectives
      • Business Drivers
      • Environment and Industry Trends
      • EA Capabilities and Services
      • Business Architecture
      • Data Architecture
      • Application Architecture
      • Integration Architecture
      • Innovation
      • Roles and Organizational Structure
      • Security Architecture
      • Technology Architecture
      • Integration Architecture
      • Insight and Knowledge
      • EA Operating Model
      		 Unlock the Value of Architecture
      • Increased Business and IT Alignment
      • Robust, Flexible, Scalable, Interoperable, Extensible and Reliable Solutions
      • Timely/Agile Service Delivery and Operations
      • Cost-Effective Solutions
      • Appropriate Risk Management to Address the Risk Appetite
      • Increased Competitive Advantage
      Current Environment
      • Business and IT Challenges
      • Opportunities
      • Enterprise Architecture Maturity

      Enterprise Architecture – Thought Model

      A thought model built around 'Enterprise Architecture', represented by a diagram on a cross-section of a ship which will be explained in the next slide. It begins with an arrow that says 'Organizational goals are the driving force and the ultimate goal' pointing to a bubble titled 'Organization' containing 'Analysis', 'Decisions', 'Actions'. An blue arrow on the right side with one '$' is labelled 'Iterations' and connects 'Organization' to 'Enterprise Architecture', 'Enterprise architecture creates new business value'. A green arrow on the left side with five '$' is labelled 'Goals' and connects back to 'Organization'. A the bottom, a bubble titled 'External forces, pressures, trends, data, etc.' has a blue arrow on the right side with one '$' connecting back to 'Enterprise Architecture'. Another blue arrow representing an output is labelled 'Outcomes' and originates from 'Enterprise Architecture'.

      Enterprise Architecture Capabilities

      A diagram on a cross-section of a ship representing 'Enterprise Architecture', including a row of process arrows beneath the ship pointing forward all labelled 'Agile iteration' and one airborne arrow above the stern pointing forward labelled 'Business Strategy'. Overlaid on the ship, starting at the back, are 'EA Strategy', 'EA Operating Model', 'Enterprise Principles, Methods, etc.', 'Foundational enterprise decisions: Business, Data/Apps, Technology, Integration, Security', 'Enterprise Reference Architecture', 'Goals, Value Chain, Capability, Business Processes', 'Enterprise Governance (e.g., Standard Mgmt.)', 'Domain Arch', 'Data & App Architecture', 'Security Architecture', 'Infrastructure: Cloud, Hybrid, etc.', at the very front is 'Implementation', and running along the bottom from back to front is 'Operations, Monitoring, and Continuous Improvement'.

      Analyst Perspective

      Enterprise architecture (EA) needs to be right-sized for the needs of the organization.

      Photo of Milena Litoiu, Principal/Senior Director, Enterprise Architecture, Info-Tech Research Group

      Enterprise architecture is NOT a one-size-fits-all endeavor. It needs to be right-sized to the needs of the organization.

      Enterprise architects are boots on the ground and part of the solution; in addition, they need to have a good understanding of the corporate strategy, vision, and goals and have a vested interest on the optimization of the outcomes for the enterprise. They also need to anticipate the moves ahead, to be able to determine future trends and how they will impact the enterprise.

      Milena Litoiu
      Principal/Senior Director, Enterprise Architecture
      Info-Tech Research Group

      Analyst Perspective

      EA provides business options based on a deep understanding of the organization.

      “Enterprise architects need to think about and consider different areas of expertise when formulating potential business options. By understanding the context, the puzzle pieces can combine to create a positive business outcome that aligns with the organization’s strategies. Sometimes there will be missing pieces; leveraging what you know to create an outline of the pieces and collaborating with others can provide a general direction.”

      Jean Bujold
      Senior Workshop Delivery Director
      Info-Tech Research Group

      “The role of enterprise architecture is to eliminate misalignment between the business and IT and create value for the organization.”

      Reddy Doddipalli
      Senior Workshop Director, Research
      Info-Tech Research Group

      “Every transformation journey is an opportunity to learn: ‘Tell me and I forget. Teach me and I remember. Involve me and I learn.’ Benjamin Franklin.”

      Graham Smith
      Senior Lead Enterprise Architect and Independent Consultant

      Develop an enterprise architecture strategy that:

      • Helps the organization make decisions that are hard to change in a complex environment.
      • Fits the current organization’s maturity and remains flexible and adaptable to unforeseen future changes.

      Executive Summary

      Your Challenge

      We need to make decisions today for an unknown future. Decisions are influenced by:

      • Changes in the environment you operate in.
      • Complexity of both the business and IT landscapes.
      • IT’s difficulty in keeping up with business demands and remaining agile.
      • Program/project delivery pressure and long-term planning needs.
      • Other internal and external factors affecting your enterprise.

      Common Obstacles

      Decisions are often made:

      • Without a clear understanding of the business goals.
      • Without a holistic understanding; sometimes in conflict with one another.
      • That hinder the continuity of the organization.
      • That prevent value optimization at the enterprise level.

      The more complex an organization, the more players involved, the more difficult it is to overcome these obstacles.

      Info-Tech’s Approach

      • Is a holistic, top-down approach, from the business goals all the way to implementation.
      • Has EA act as the canary in the coal mine. EA will identify and mitigate risks in the organization.
      • Enables EA to provide an essential service rather than be an isolated kingdom or an ivory tower.
      • Acknowledges that EA is a balancing act among competing demands.
      • Makes decisions using guiding principles and guardrails, to create a flexible architecture that can evolve and expand, enabling enterprise agility.

      Info-Tech Insight

      There is no “right architecture” for organizations of all sizes, maturities, and cultural contexts. The value of enterprise architecture can only be measured against the business goals of a single organization. Enterprise architecture needs to be right-sized for your organization.

      Info-Tech insight summary on arch. agility

      Continuous innovation is of paramount importance in achieving and maintaining competitive advantage in the marketplace.

      Business engagement

      It is important to trace architectural decisions to business goals. As business goals evolve, architecture should evolve as well.

      As new business input is provided during Agile cycles, architecture is continuously evolving.

      		EA fundamentals

      EA fundamentals will shape how enterprise architects think and act, how they engage with the organization, what decisions they make, etc.

      Start small and lean and evolve as needed.

      Continuously align strategy with delivery and operations.

      Architects should establish themselves as business partners as well as implementation/delivery leaders.

      		Enterprise services

      Definitions of enterprise services should start from the business goals of the organization and the capabilities IT needs to perform for the organization to survive in the marketplace.

      Continuous delivery and continuous innovation are the two facets of architecture.

      Tactical insight

      Your current maturity should be reflected as a baseline in the strategy.

      		Tactical insight

      Take Agile/opportunistic steps toward your strategic North star.

      		Tactical insight

      EA services differ based on goals, maturity, and the Agile appetite of the enterprise.

      From the best industry experts

      “The trick to getting value from enterprise architecture is to commit to the long haul.”

      Jeanne W. Ross, MIT CISR
      Co-author of Enterprise Architecture as Strategy: Creating a Foundation for Business Execution,
      Harvard Business Press, 2006.

      Typical EA maturity stages

      A line chart that moves through multiple stages titled 'Enterprise Architecture Maturity Stages (MIT CISR)' The five stages of the chart, starting on the left, are 'Business Silos', 'Standardized Technology', 'Optimized Core', 'Business Componentization', and 'Digital Ecosystem'. 'The trick to getting value from enterprise architecture is to commit to the long haul.' The line begins at the bottom left of the chart and gradually creates a stretched S shape to the top right. Points along the line, respective to the aforementioned stages, are 'Locally Optimal Business Solutions', 'Technology Infrastructure Platform', 'Digitized Process Platform', 'Repository of Reusable Business Components', 'Components Connecting with Partners' Components', and at the end of the line, outside of the chart is 'Strategic Business Value from Technology'. Percentages along the bottom, respective to the aforementioned stages, read 20%, 36%, 45%, 7%, 2%. Percentages are rough approximations based on findings reported in Mocker, M., Ross, J.W., Beath, C.M., 'How Companies Use Digital Technologies to Enhance Customer Offerings--Summary of Survey Findings,' MIT CISR Working Paper No. 434, Feb. 2019. Copyright MIT, 2019.

      Enterprise Architecture maturity

      A maturity ladder visualization for 'Enterprise Architecture' with five color-coded levels. From the bottom up, the colors and designations are Red: 'Unstable', Orange: 'Firefighter', Yellow: 'Trusted Operator', Blue: 'Business Partner', and Green: 'Innovator'. Beside the visualization at the bottom it says 'EA is here', then an arrow in the direction of the top where it says 'EA needs to be here'.
      • Innovator – Transforms the Business
        Reliable Technology Innovation
      • Business Partner – Expands the Business
        Effective Use of Enterprise Architecture in all Business Projects, Enterprise Architecture Is Strategically Engaged
      • Trusted Operator – Optimizes the Business
        Enterprise Architecture Provides Business, Data, Application & Technology Architectures for All IT Projects
      • Firefighter – Supports the Business
        Reliable Architecture for Some Practices/Projects
      • Unstable – Struggles to Support
        Inability to Provide Reliable Architectures

      Info-Tech Insight

      There is no “absolute maturity” for organizations of all sizes, maturities, and cultural contexts. The maturity of enterprise architecture can only be measured against the business goals of the organization.

      Info-Tech offers various levels of support to best suit your needs

      DIY Toolkit

      Guided Implementation

      Workshop

      Consulting
      "Our team has already made this critical project a priority, and we have the time and capability, but some guidance along the way would be helpful." "Our team knows that we need to fix a process, but we need assistance to determine where to focus. Some check-ins along the way would help keep us on track." "We need to hit the ground running and get this project kicked off immediately. Our team has the ability to take this over once we get a framework and strategy in place." "Our team does not have the time or the knowledge to take this project on. We need assistance through the entirety of this project."

      Diagnostics and consistent frameworks used throughout all four options

      Workshop Overview

      Contact your account representative for more information.
      workshops@infotech.com1-888-670-8889

      Session 1 Session 2 Session 3 Session 4 Session 5
      Activities
      Identify organizational needs and landscape

      1.0 Interview stakeholders to identify business and technology needs

      1.1 Review organization perspective, including business needs, challenges, and strategic directions

      1.2 Conduct PESTLE analysis to identify business and technology trends

      1.3 Conduct SWOT analysis to identify business and technology internal perspective

      Create the EA value proposition

      2.1 Identify and prioritize EA stakeholders

      2.2 Create business and technology drivers from needs

      2.3 Define the EA value proposition

      2.4 Identify EA maturity and target

      Define the EA fundamentals

      3.1 Define the EA goals and objectives

      3.2 Determine EA scope

      3.3 Create a set of EA principles

      3.4. Define the need of a methodology/agility

      3.5 Create the EA vision and mission statement

      Identify the EA framework and communicate the EA strategy

      4.1 Define initial EA operating model and governance mechanism

      4.2 Define the activities and services the EA function will provide, derived from business goals

      4.3 Determine effectiveness measures

      4.4 Create EA roadmap and next steps

      4.5 Build communication plan for stakeholders

      Next Steps and Wrap-Up (offsite)

      5.1 Generate workshop report

      5.2 Set up review time for workshop report and to discuss next steps

      Outcomes
      1. Stakeholder insights
      2. Organizational needs, challenges, and direction summary
      3. PESTLE & SWOT analysis
      1. Stakeholder power map
      2. List of business and technology drivers with associated pains
      3. Set of EA contributions articulating the promises of value in the EA value proposition
      4. EA maturity assessment
      1. EA scope
      2. List of EA principles
      3. EA vision statement
      4. EA mission statement
      5. Statement about role of enterprise architect relative to agility
      1. EA capabilities mapped to business goals of the organization
      2. List of EA activities and services the EA function is committed to providing
      3. KPI definitions
      4. EA roadmap
      5. EA communication plan
      1. Completed workshop report on EA strategy with roadmap, recommendations, and outcomes from workshop

      Guided Implementation

      A Guided Implementation (GI) is a series of calls with an Info-Tech analyst to help implement our best practices in your organization.

      A typical GI is 8 to 12 calls over the course of 4 to 6 months.

      While variations depend on the maturity of the organization as well as its aspirations, these are some typical steps:

        Phase 1

      • Call #1: Explore the role of EA in your organization.

        • Phase 2

      • Call #2: Identify and prioritize stakeholders.
      • Call #3: Use a PESTLE analysis to identify business and technology needs.
      • Call #4: Prepare for stakeholder interviews.
      • Call #5: Discuss your EA value proposition.

        • Phase 3

      • Call #5: Understand the importance of EA fundamentals.
      • Call #6: Define the relevant EA services and their contributions to the organization.
      • Call #7: Measure EA effectiveness.

        • Phase 4

      • Call #8: Build your EA roadmap and communication plan.
      • Call #9: Discuss the EA role relative to agility.
      • Call #10: Summarize results and plan next steps.

      Design an Enterprise Architecture Strategy

      Phase 1

      Explore the Role of Enterprise Architecture

      Phase 1

      • 1.1 Explore a general EA strategy approach
      • 1.2 Introduce Agile EA architecture
        •

      Phase 2

      • 2.1 Define the business and technology drivers
      • 2.2 Define your value proposition

      Phase 3

      • 3.1 Realize the importance of EA fundamentals
      • 3.2 Finalize the EA fundamentals

      Phase 4

      • 4.1 Select relevant EA services
      • 4.2 Finalize the set of services and secure approval

      This phase will walk you through the following activities:

      Define the role of the group and different roles inside the enterprise architecture competency.

      This phase involves the following participants:

      • CIO
      • IT Leaders
      • Business Leaders

      Enterprise architecture optimizes the outcomes of the entire organization

      Corporate Strategy –› Enterprise Architecture Strategy

      Info-Tech Insight

      Enterprise architecture needs to have input from the corporate strategy of the organization. Similarly, EA governance needs to be informed by corporate governance. If this is not the case, it is like planning and governing with your eyes closed.

      Existing EA functions vary in the value they achieve due to their level of maturity

      EA Functions
      Operationalized
      • EA function is operationalized and operates as an effective core function.
      • Effectively aligns the business and IT through governance, communication, and engagement.
      		 –––› Common EA value
      Decreased cost Reduced risk
      Emerging
      • Emerging but limited ad hoc EA function.
      • Limited by lack of alignment to the business and IT.
      		 –x–› Cut through complexity Increased agility
      (Source: Booz & Co., 2009)

      Benefits of enterprise architecture

      1. Focuses on business outcomes (business centricity)
      2. Provides traceability of architectural decisions to/from business goals
      3. Provides ways to measure results
      4. Provides consistency across different lines of business: establishes a common vocabulary, reducing inconsistencies
      5. Reduces duplications, creating additional efficiencies at the enterprise level
      6. Presents an actionable migration to the strategy/vision, through short-term milestones/steps

      Benefits of enterprise architecture continued

      1. Done right, increases agility
      2. Done right, reduces costs
      3. Done right, mitigates risks
      4. Done right, stimulates innovation
      5. Done right, helps achieve the stated business goals (e.g. customer satisfaction) and improves the enterprise agility.
      6. Done right, enhances competitive advantage of the enterprise

      Qualities of a well-established and practical enterprise architecture

      1. Objective
      2. Impartial
      3. Credible
      4. Practical
      5. Measurable
        6. (Source: University of Toronto, 2021)

      Role of the enterprise architecture

      • Primarily to set up guardrails for the enterprise, so Agile teams work independently in a safe, ready-to-integrate environment
      • Establish strategy
      • Establish priorities
      • Continuously innovate
      • Establish enterprise standards and enterprise guardrails to guide Solution/Domain/Portfolio Architectures
      • Align with and be informed by the organization’s direction

      Members of the Architecture Board:

      • Chief (Business) Strategist
      • Lead Enterprise Architect
      • Business SME from each major domain
      • IT SME from each major domain
      • Operational & Infrastructure SME
      • Security & Risk Officer
      • Process Management
      • Other relevant stakeholders

      For enterprise architecture to contribute, EA must address the organizational vision and goals

      External Factors –› Layers of a Business Model
      (Organization)             		–› Architecture Supported Transformation
      Industry Changes Business Strategy
      Competition Value Streams
      (Business Outcomes)
      Regulatory Impacts Business Capability Maps
      • Security
      Workforce Impacts Execution
      • Policies
      • Processes
      • People
      • Information
      • Applications
      • Technology

      Info-Tech Insight

      External forces can affect the organization as a whole; they need to be included as part of the holistic approach for enterprise architecture.

      How does EA provide value?

      Business and Technology Drivers – A set of statements created from business and technology needs. Gathered from information sources, it communicates improvements needed.

      • Vision, Aspirations, Long-Term Goals – Vision, aspirations, long term goals

        • EA Contributions – EA contributions that will alleviate obstructions. Removing the obstructions will allow EA to help satisfy business and technology needs.

          • Promise of Value – A statement that depicts a concrete benefit that the EA practice can provide for the organization in response to business and technology drivers.

      Info-Tech Insight

      Enterprise architecture needs to create and be part of a culture where decisions are made through collaboration while focusing on enterprise-wide efficiencies (e.g. reduced duplication, reusability, enterprise-wide cost minimization, overall security, comprehensive risk mitigation, and any other cross-cutting concerns) to optimize corporate business goals.

      The EA function scope is influenced by the EA value proposition and previously developed EA fundamentals

      Establish the EA function scope by using the EA value proposition and EA fundamentals that have already been developed. After defining the EA function scope, refer back to these statements to ensure it accurately reflects the EA value proposition and EA fundamentals.

      EA value proposition

      +

      EA vision statement
      EA mission statement
      EA goals and objectives

      		—›
      Influences

      Organizational coverage

      Architectural domains

      Depth

      Time horizon

      		—›
      Defines       		EA function scope

      EA team characteristics

      Create the optimal EA strategy by including personnel who understand a broad set of topics in the organization

      The team assembled to create the EA strategy will be defined as the “EA strategy creation team” in this blueprint.

      • Someone who has been in the organization for a long time and has built strong relationships with key stakeholders. This individual can exert influence and become the EA strategy sponsor.
      • An individual who understands how the different technology components in the organization support its business operations.
      • Someone in the organization who can communicate IT concepts to business managers in a language the business understands.
      • An individual with a strategy background or perspective on the organization. This individual will understand where the organization is headed.
      • Any individuals who feel an acute pain as a result of poorly made investment decisions. They can be champions of EA strategy in their respective functions.

      EA skills and competencies

      Apart from business know-how, the EA team should have the following skills

      • Architectural thinking
      • Analytical
      • Trusted, credible
      • Can handle complexity
      • Can change perspectives
      • Can learn fast (business and technology)
      • Independent and steadfast
      • Not afraid to go against the stream
      • Able to understand problems of others with empathy
      • Able to estimate scaling on design decisions such as model patterns
      • Intrinsic capability to identify where relevant details are
      • Able to identify root causes quickly
      • Able to communicate complex issues clearly
      • Able to negotiate and come up with acceptable solutions
      • Can model well
      • Able to change perspectives (from business to implementation and operational perspectives).

      Use of enterprise architecture methodologies

      Balance EA methodologies with Agile approaches

      Using an enterprise architecture methodology is a good starting point to achieving a common understanding of what that is. Often, organizations agree to "tailor" methodologies to their needs.

      The use of lean/Agile approaches will increase efficiency beyond traditional methodologies.

      Use of EA methodologies vs. Agile methods

      When to use what?

      • Use an existing methodology to structure your thinking and establish a common vocabulary to communicate basic concepts, processes, and approaches.
      • Customize the methodology to your needs; make it as lean as possible.
      • Execute in an Agile way, but keep in mind the thoughtful checks recommended by your end-to-end methodology.
      • Clarify goals.
      • Have good measures and metrics in place.
      • Continuously monitor progress, fit for purpose, etc.
      • Highlight risks, roadblocks, etc.
      • Get support.
      • Communicate vision, goals, key decisions, etc.
      • Iterate.

      Business strategy first, EA strategy second, and EA operating model third

      Corporate Strategy
      “Why does our enterprise exist in the market?”
      EA Strategy
      “What does EA need to be and do to support the enterprise’s ability to meet its goals? What is EA’s value proposition?”       		Business & IT Operating Culture
      “How does the organization’s culture and structure influence the EA operating model?”
      EA Operating Model
      How does EA need to operate on a daily basis to deliver the value proposition?”

      High-level perspective

      Creating an effective practice involves many moving parts.

      A visual of the many moving parts in an effective practice; there are 6 smaller circles in a large circle, an input arrow labelled 'Environment', an output arrow labelled 'Results', and a thin arrow connecting 'Results' back to 'Environment'. Of the circles, 'Leadership' is in the center, connected to each of the others, while 'Culture', 'Strategy', 'Core Processes', 'Structure', and 'Systems' create a cycle. (Source: The Center for Organizational Design)

      • Environment. Influences that are external to the organization, such as customer perceptions, changing needs, and changes in technology, and the organization’s ability to adjust to them.
      • Strategy. The business strategy defines how the organization adds value and acts as the rudder to direct the organization. Organizational strategy defines the character of the organization, what it wants to be, its values, its vision, its mission, etc.
      • Core Process. The flow of work through the organization.
      • Structure. How people are organized around business processes. Includes reporting structures, boundaries, roles, and responsibilities. The structure should assist the organization with achieving its goals rather than hinder its performance.
      • Systems. Interrelated sets of tasks or activities that help organize and coordinate work.
      • Culture. The personality of the organization: its leadership style, attitudes, habits, and management practices. Culture measures how well philosophy is translated into practice.
      • Results. Measurement of how well the organization achieved its goals.
      • Leadership. Brings the organization together by providing vision and strategy; designing, monitoring, and nurturing the culture; and fostering agility.

      The answer to the strategic planning entity dilemma is enterprise architecture

      Enterprise architecture is a discipline that defines the structure and operation of an organization. The intent of enterprise architecture is to determine how an organization can most effectively achieve its current and future objectives.

      Vision, goals, and aspirations as well internal and external pressures

      Business current state

      • Existing capability
      • Existing capability
      • Existing capability
      • Existing capability
      • Existing capability
      		 Enterprise Architecture

      IT current state

      • IT asset management
      • Database services
      • Application development

      Business target state

      • Existing capability
      • Existing capability
      • Existing capability
      • Existing capability
      • Existing capability
      • New capability

      IT target state

      • IT asset management
      • Database services
      • Application development
      • Business analytics
      Complex, overlapping, contradictory world of humans vs. logical binary world of IT
      EA is a planning tool to help achieve the corporate business goals

      EA spans across all the domains of architecture

      Business architecture is the cornerstone that sets the foundation for all other architectural domains: security, data, application, and technology.

      A flow-like diagram titled 'Enterprise Architecture' beginning with 'Digital Architecture' and 'Business Architecture', which feeds into 'Security Architecture', which feeds into both 'Data Architecture' and 'Application Architecture', which both feed into 'Technology Architecture: Infrastructure'.

      “An enterprise architecture practice is both difficult and costly to set up. It is normally built around a process of peer review and involves the time and talent of the strategic technical leadership of an enterprise.” (The Open Group Architecture Framework, 2018)

      Enterprise architecture deployment continuum

      A diagram visualizing the Enterprise architecture deployment continuum with two continuums, 'Level of Embedding' and 'EA Value', assigning terms to EA deployments based on where they fall. On the left is an 'Ivory Tower' configuration: EA' is separated from the 'BU's but is still controlling them. Level of Embedding: 'Centralized', EA Value: 'Dictatorship'. In the center is a 'Balanced' configuration: 'EA' is spread across and connected to each 'BU'. Level of Embedding: 'Federated', EA Value: 'Democracy'. On the right is a 'Siloed' configuration: Each 'BU' has its own separate 'EA'. Level of Embedding: 'Decentralized', EA Value: 'Abdication of enterprise role'.

      Info-Tech Insight

      The primary question during the design of the EA operating model is how to integrate the EA function with the rest of the business.

      If the EA practice functions on its own, you end up with ivory tower syndrome and a dictatorship.

      If you totally embed the EA function within business units it will become siloed with no enterprise value.

      Organizations need to balance consistency at the enterprise level with creativity from the grass roots.

      Enterprise vs. Program/Portfolio/Domain

      Enterprise vs. Program/Portfolio/Domain. Image depicts where Enterprise Scope overlaps Program/Portfolio Scope. Enterprise Scope includes Business Architecture. Program/Portfolio Scope includes Business Requirements, Business Process, and Solutions Architecture. Overlap between scope includes Technology Architecture, Data Architecture, and Applications Architecture.

      Info-Tech Insight

      Decisions at the enterprise level apply across multiple programs/portfolios/solutions and represent the guardrails set for all to play within.

      Decide on the degree of centralization

      Larger organizations with multiple domains/divisions or business units will need to decide which architecture functions will be centralized and which, if any, will be decentralized as they plan to scope their EA program. What are the core functions to be centralized for the EA to deliver the greatest benefits?

      Typically, we see a need to have a centralized repository of reusable assets and standards across the organization, while other approaches/standards can operate locally.

      Centralization

      • Allows for more strategic planning
      • Visibility into standards and assets across the organization promotes rationalization and cost savings
      • Ensures enterprise-wide assets are used
      • More strategic sourcing of vendors and resellers
      • Can centrally negotiate pricing for better deals
      • Easier to manage risk and prepare for audits
      • Greater coordination of resources
      • Derives benefits from enterprise decisions, e.g. integration…

      Decentralization

      • May allow for more innovation
      • May be easier to demonstrate local compliance if the organization is geographically decentralized
      • May be easier to procure software if offices are in different countries
      • Deployment and installation of software on user devices may be easier

      EA strategy

      What is the role of enterprise architecture vis-à-vis business goals?

      • What needs to be done?
      • Who needs to be involved?
      • When?
      • Where?
      • Why?
      • How?

      Top-down approach starting from the goals of the organization

        What the Business Sees...
      • Business Goals
        • Value Streams
            What the CxO Sees...
          • Capabilities
              What the App Managers See...
            • Processes
              • Applications
                  What the Program Managers See...
                • Programs/Projects

      Info-Tech Insight

      Being able to answer the deceptively simple question “How am I doing?” requires traceability to and from the business goals to be achieved all the way to applications, to infrastructure, and ultimately, to the funded initiatives (portfolios, programs, projects, etc.).

      Measure EA strategy effectiveness by tracking the benefits it provides to the corporate business goals

      The success of the EA function spans across three main dimensions:

      1. The delivery of EA-enabled business outcomes that are most important to the enterprise.
      2. The alignment between the business and the technology from a planning perspective.
      3. Improvements in the corporate business goals due to EA contributions (standardization, rationalization, reuse, etc.).

      Corporate Business Goals

      • Reduction in operating costs
      • Decreased regulatory compliance infractions
      • Increased revenue from existing channels
      • Increased revenue from new channels
      • Faster time to business value
      • Improved business agility
      • Reduction in enterprise risk exposure

      EA Contributions

      • Alignment of IT investments to business strategy
      • Achievement of business results directly linked to IT involvement
      • Application and platform rationalization
      • Standards in place
      • Flexible architecture
      • Better integration
      • Higher organizational satisfaction with technology-enabled services and solutions

      Measurements

      • Cost reductions based on application and platform rationalization
      • Time and cost reductions due to standardization
      • Time reduction for integration
      • Service reused
      • Stakeholder satisfaction with EA services
      • Increase in customer satisfaction
      • Rework minimized
      • Lower cost of integration
      • Risk reduction
      • Faster time to market
      • Better scalability, etc.

      Info-Tech Insight

      Organizations must create clear and smart KPIs (key performance indicators) across the board.

      From corporate strategy to enterprise architecture

      A model connecting 'Enterprise Architecture' with 'Corporate Strategy' through 'EA Services' and 'EA Strategy'.

      Info-Tech Insight

      In the absence of a corporate strategy, enterprise architecture is missing its North Star.

      However, enterprise architects can partner with the business strategists to build the needed vision.

      Traceability to and from business corporate business goals to EA contributions (sample)

      A model connecting 'Enterprise Architecture' with 'Corporate Goals' through 'EA Contributions'.

      Enterprise architecture journey

      The enterprise architecture journey, from left to right: 'Business Goals' and 'EA Maturity Assessment', 'EA Strategy', 'Industry-Specific Capability Model' and 'Customized to the Organization's Needs', 'EA Operating Model' and 'EA Governance', 'Business Architecture' and 'EA Tooling', 'Data Architecture' and 'Application Architecture', 'Infrastructure Architecture'.

      Agile architecture principles

      Agile architecture principles:
      • Fast learning cycle
      • Explore alternatives
      • Create environment for decentralized ideation and innovation

      According to the Scaled Agile Framework, three of the most applicable principles for the architectural professions refer to the following:

      1. "Fast learning cycle" refers to learning cycles that allow for quick reiterations as well as the opportunity to fail fast to learn fast.
      2. "Explore alternatives" refers to the exploration phase and also to the need to make tough decisions and balance competing demands.
      3. "Create environment for decentralized ideation and innovation" ensures that no one has a monopoly on innovation. Moreover, EA needs to invite ideas from various stakeholders (from the business to operations as well as implementers, etc.).

      Architecture roles in lean enterprises

      Typical architecture roles in modern/Agile lean enterprises

      • System Architect
      • Solution Architect
      • Enterprise Architect

      Depth vs. strategy focus

      Typical architect roles

      A graph with different architect roles mapped onto it. Axes are 'Low Strategic Impact' to 'High Strategic Impact' and 'Breadth' to 'Depth'. 'Enterprise Architect' has the highest strategic impact and most breadth. 'Technical/System Architect' has the lowest strategic impact and most depth. 'Solution Architect' sits in the middle of both axes.

      Architecture roles continued

      The three architect roles from above and their impacts on the list of 'Common Domains' to the right. 'Enterprise Architect's impact is 'Across Value Streams', 'Solution Architect's impact is 'Across Systems', 'Technical/System Architect's impact is 'Single System'. Adapted from Scaled Agile.

      Common Domains

      Business Architecture

      Information Architecture

      Application Architecture

      Technical Architecture

      Integration Architecture

      Security Architecture

      Others

      Info-Tech Insight

      All architects are boots on the ground and play in the solutioning space. What differs is their decisions’ impact (the enterprise architect’s decisions affects all domains and solutions).

      SAFe definitions of the Enterprise/Solution and System Architect roles can be found here.

      The role of the Enterprise Architect is detailed here.

      Collaboration models across the enterprise

      A collaboration model with 'Enterprise Architecture' at the top consisting of a 'Chief Enterprise Architect', 'Enterprise Architects', and 'EA Concerns across solutions': 'Architect A', 'Architect B', and 'Architect C'. Each lettered Architect is connected to their respective 'Solution Architect (A-C)' which runs their respective 'Delivery Team (A-C)' with 'Other Team Members'.(Adapted from Disciplined Agile)

      There are both formal and informal collaborations between enterprise architects and solution architects across the enterprise.

      Info-Tech Insight

      Enterprise architects should collaborate with solutions architects to create the best solutions at the enterprise level and to provide guidance across the board.

      Architect roles in SAFe

      According to Scale Agile Framework 5 for Lean Enterprises:

      • The system architect participates in the Essential SAFe
      • Solution architects and system architects participate in Large Solution
      • The enterprise architect participates in the Portfolio SAFe
      • Enterprise, solution, and system architects are all involved in Full SAFe

      Please check the SAFe Scaled Agile site for detailed information on the approach.

      Architect roles and their participation in Agile events (see likely events and a typical calendar)

      Info-Tech Insight

      A clear commitment for architects to achieve and support agility is needed. Architects should not be in an ivory tower; they should be hands on and engaged in all relevant Agile ceremonies, like the pre- and post-program increment (PI) planning, etc.

      Architect syncs are also required to ensure the needed collaboration.

      Architect participation in Agile ceremonies, according to SAFe:

      Architecture runway (at scale)

      Info-Tech Insight

      Architecting for scale, modularity, and extensibility is key for the architecture to adapt to changing conditions and evolve.

      Proactively address NFRs; architect for performance and security.

      Continuously refine the solution intent.

      For large solutions, longer foundational architectural runways are needed.

      Having an intentional continuous improvement/continuous development (CI/CD) pipeline to continuously release, test, and monitor is key to evolving large and complex systems.

      Parallel continuous exploration/integration/deployment

      A cycle titled DevOps containing three smaller cycles labelled 'Continuous Explorations', 'Continuous Integration', and 'Continuous Deployment'.

      Info-Tech Insight

      Architects need to help make some fundamental decisions, e.g. help define the environment that best supports continuous innovation or exploration and continuous integration, deployment, and delivery.

      Typical strategic enterprise architecture involvement

      Enterprise Architect —DRIVES–› Enterprise Architecture Strategy

      Enterprise Architecture Strategy
      • Application Strategy
      • Business Strategy
      • Data Strategy
      • Implementation Strategy
      • Infrastructure Strategy
      • Inter-domain Collaboration
      • Integration Strategy
      • Operations Strategy
      • Security Strategy
        • (Adapted from Scaled Agile)

      The EA statement relative to agility

      The enterprise architecture statement relative to agility specifies the architects’ responsibilities as well as the Agile protocols they will participate in. This statement will guide every architect’s participation in planning meetings, pre- and post-PI, various syncs, etc. Use simple and concise terminology; speak loudly and clearly.

      Strong EA statement relative to agility has the following characteristics:

      • Describes what different architect roles do to achieve the vision of the organization
      • In an agile way
      • Compelling
      • Easy to grasp
      • Sharply focused
      • Specific
      • Concise

      Sample EA statement relative to agility

      • Create strategies that provide guardrails for the organization, provide standards, reusable assets, accelerators, and other decisions at the enterprise level that support agility.
      • Participate in pre-PI and post-PI planning activities, architect syncs, etc.

      A clear statement can include additional details surrounding the enterprise architect’s role relative to agility

      Below is a sample of connecting keywords to form an enterprise architect role statement, relative to agility.

      Optimize, transform, and innovate by defining and implementing the [Company]’s target enterprise architecture in an agile way.

      Optimize – We collaborate with the business to analyze and optimize business capabilities and business processes to enable the agile and efficient attainment of [Company name] business objectives.

      Transform – We support IT-enabled business transformation programs by building and maintaining a shared vision of the future-state enterprise and consistently communicating it to stakeholders.

      Innovate – We identify and develop new and creative opportunities for IT to enable the business. We communicate the art of the possible to the business.

      Defining and implementing – We engage with project teams early and guide solution design and selection to ensure alignment to the target-state enterprise architecture and provide guidance and accelerators.

      Target enterprise structure in an agile way – We analyze business needs and priorities and assess the current state of the enterprise. We build and maintain the target enterprise architecture blueprints that define:

      • Business capabilities and processes (business architecture)
      • Data, application, and technology assets that enable business capabilities and processes (technology architecture)
      • Architecture principles
      • Standards and reusable assets
      • Continuous exploration, integration, and deployment

      Traditional vs. Agile approaches

      Traditional Enterprise Architecture Next-Generation Enterprise Architecture
      Scope: Technology focused Business transformation (scope includes both business and technology)
      Bottom up Top down
      Inside out Outside In
      Point to point; difficult to change Expandable, extensible, evolvable
      Control-based: Governance intensive; often over-centralized Guidance-based: Collaboration and partnership-driven based on accepted guardrails
      Big up-front planning Incremental/dynamic planning; frequent changes
      Functional siloes and isolated projects, programs, and portfolios Enterprise-driven outcome optimization (across value streams)

      Info-Tech Insight

      The role of the architecture in Lean (Agile) approaches is to set up the needed guardrails and ensure a safe environment where everyone can be effective and creative.

      Design an Enterprise Architecture Strategy

      Phase 2

      Create the EA Value Proposition

      Phase 1

      • 1.1 Explore a general EA strategy approach
      • 1.2 Introduce Agile EA architecture

      Phase 2

      • 2.1 Define the business and technology drivers
      • 2.2 Define your value proposition
        •

      Phase 3

      • 3.1 Realize the importance of EA fundamentals
      • 3.2 Finalize the EA fundamentals

      Phase 4

      • 4.1 Select relevant EA services
      • 4.2 Finalize the set of services and secure approval

      This phase will walk you through the following activities:

      • Identify and prioritize EA stakeholders.
      • Create business and technology drivers from stakeholder information.
      • Identify business pains and technology drivers.
      • Define EA contributions to alleviate the pains.
      • Create promises of value to fully articulate the value proposition.

      This phase involves the following participants:

      • CIO
      • IT Leaders
      • Business Leaders

      Step 2.1

      Define the Business and Technology Drivers

      Activities
      • 2.1.1 Use a stakeholder power map to identify and prioritize EA stakeholders
      • 2.1.2 Conduct a PESTLE analysis
      • 2.1.3 Review strategic planning documents
      • 2.1.4 Conduct EA stakeholder interviews

      This step will walk you through the following activities:

      • Learn the five-step process to create an EA value proposition.
      • Uncover business and technology needs from stakeholders.

      This step involves the following participants:

      • CIO
      • IT Leaders
      • Business Leaders

      Outcomes of this step

      An understanding of your organization’s EA needs.

      Create the Value Proposition

      Step 2.1 Step 2.2

      Value proposition is an important step in the creation of the EA strategy

      Creating an EA value proposition should be the first step to realizing a healthy EA function. The EA value proposition demonstrates to organizational stakeholders the importance of EA in helping to realize their needs.

      Five steps towards the successful articulation of EA value proposition:

      1. Identify and prioritize stakeholders. The EA function must know to whom to communicate the value proposition.
      2. Construct business and technology drivers. Drivers are derived from the needs of the business and IT. Needs come from the analysis of external factors, strategic documents, and interviewing stakeholders. Helping stakeholders and the organization realize their needs demonstrates the value of EA.
      3. Discover pains that prevent driver realization. There are always challenges that obstruct drivers of the organization. Find out what they are to get closer to showing the value of EA.
      4. Brainstorm EA contributions. Pains that obstruct drivers have now been identified. To demonstrate EA’s value, think about how EA can help to alleviate those pains. Create statements that show how EA’s contribution will be able to overcome the pain to show the value of EA.
      5. Derive promises of value. Complete the articulation of value for the EA value proposition by stating how realizing the business or technology will provide in terms of value for the organization. Speak with the stakeholders to discover the value that can be achieved.

      Info-Tech Insight

      EA can deliver many benefits to an organization. To increase the likelihood of success, each EA group needs to commit to delivering value to their organization based on the current operating environment and the desired direction of the enterprise. An EA value proposition will articulate the group’s promises of value to the enterprise.

      The foundation of an optimal EA value proposition is laid by defining the right stakeholders

      All stakeholders need to know how the EA function can help them. Provide the stakeholders with an understanding of the EA strategy’s impact on the business by involving them.

      A stakeholder map can be a powerful tool to help identify and prioritize stakeholders. A stakeholder map is a visual sketch of how various stakeholders interact with your organization, with each other, and with external audience segments.

      An example stakeholder map with the 'Key players' quadrant highlighted, it includes 'CEO', 'CIO', and the modified position of 'CFO' after being engaged.

      “Stakeholder management is critical to the success of every project in every organization I have ever worked with. By engaging the right people in the right way in your project, you can make a big difference to its success…and to your career.” (Rachel Thompson, MindTools)

      2.1.1 Use a stakeholder power map to identify and prioritize EA stakeholders

      2 hours

      Input: Expertise from the EA strategy creation team

      Output: An identified and prioritized set of stakeholders for the EA function to target

      Materials: Note-taking materials, Whiteboard or flip chart, markers

      Participants: EA strategy creation team

      1. A stakeholder power map helps to visualize the importance of various stakeholders and their concerns so you can prioritize your time according to the most powerful and most impacted stakeholders.
      2. Evaluate each stakeholder in terms of power, Involvement, impact, and support.
        • Power: How much influence does the stakeholder have? Enough to drive the project forward or into the ground?
        • Involvement: How interested is the stakeholder? How involved is the stakeholder in the project already?
        • Impact: To what degree will the stakeholder be impacted? Will this significantly change how they do their job?
        • Support: Is the stakeholder a supporter of the project? Neutral? A resistor?
      3. Map each stakeholder to an area on the Power Map Template.
      4. Ask yourself if the power map looks accurate. Is there someone who has no involvement in EA strategy development but should?
      5. Some stakeholders may have influence over others. For example, a COO who highly values the opinion of the Director of Operations would be influenced by that director. Draw an arrow from one stakeholder to another to signify this relationship.

      Download the Stakeholder Power Map Template for more detailed instructions on completing this activity.

      Each stakeholder will have a set of needs that will influence the final EA value proposition

      All stakeholders will have a set of needs they would like to address. Take those needs and translate them into business and technology drivers. Drivers help clearly articulate to stakeholders, and the EA function, the stakeholder needs to be addressed.

      Business Driver

      Business drivers are internal or external business conditions, changing business capabilities, and changing market trends that impact the way EA operates and provides value to the enterprise.

      Examples:

      Ensure corporate compliance with legislation pertaining to data and security (e.g. regulated oil fields).

      Enable the automation and digitization of internal processes and services to business stakeholders.

      Technology Driver

      Technology drivers are internal or external technology conditions or factors that are not within the control of the EA group that impact the way that the EA group operates and provides value to the enterprise.

      Examples:

      Establish standards and policies for enabling the organization to take advantage of cloud and mobile technologies.

      Reduce the frequency of shadow IT by lowering the propensity to make business–technology decisions in isolation.

      (Source: The Strategic CFO, 2013)

      Gather information from stakeholders to begin the process of distilling business and technology drivers

      Review information sources, then analyze them to derive business and technology drivers. Information sources are not targeted towards EA stakeholders. Analyze the information sources to create drivers that are relevant to EA stakeholders.

      Information Sources Drivers (Examples)

      PESTLE Analysis

      Strategy Documents

      Stakeholder Interviews

      SWOT Analysis

      		—›

      Analysis

      		 —›

      Help the organization align technology investments with corporate strategy

      Ensure corporate compliance with legislation.

      Increase the organization’s speed to market.

      Business and Technology Needs

      By examining information sources, the EA team will come across a set of business and technology needs. Through analysis, these needs can be synthesized into drivers.

      The PESTLE analysis will help you uncover external factors impacting the organization

      PESTLE examines six perspectives for external factors that may impact business and technology needs. Below are prompting questions to facilitate a PESTLE analysis working session.

      Political
      • Will a change in government (at any level) affect your organization?
      • Do inter-government or trade relations affect you?
      • Are there shareholder needs or demands that must be considered?
      • How are your costs changing (moving off-shore, fluctuations in markets, etc.)?
      • Do currency fluctuations have an effect on your business?
      • Can you attract and pay for top-quality talent (e.g. desirable location, reasonable cost of living, changes to insurance requirements)?
      		 Economic
      Social
      • What are the demographics of your customers and/or employees?
      • What are the attitudes of your customers and/or staff (e.g. do they require social media, collaboration, transparency of costs)?
      • What is the general lifecycle of an employee (i.e. is there high turnover)?
      • Is there a market of qualified staff?
      • Is your business seasonal?
      • Do you require constant technology upgrades (e.g. faster network, new hardware)?
      • What is the appetite for innovation within your industry/business?
      • Are there demands for increasing data storage, quality, BI, etc.?
      • Are you looking to cloud technologies?
      • What is the stance on bring your own device?
      • Are you required to do a significant amount of development work in-house?
      		 Technological
      Legal
      • Are there changes to trade laws?
      • Are there changes to regulatory requirements (i.e. data storage policies, privacy policies)?
      • Are there union factors that must be considered?
      • Is there a push towards being environmentally friendly?
      • Does the weather have any effect on your business (hurricanes, flooding, etc.)?
      		 Environmental

      2.1.2 Conduct a PESTLE analysis

      2 hours

      Input: Expertise from EA strategy creation team

      Output: Identified set of business and technology needs from PESTLE

      Materials: Note-taking materials, Whiteboard or flip chart, markers

      Participants: EA strategy creation team

      1. Begin conducting the PESTLE analysis by breaking the participants into groups. Divide the six different perspectives amongst the groups.
      2. Ask each group to begin to derive business and technology needs from their assigned perspectives. Use some of the areas noted below along with the questions on the previous slide to derive business and technology needs.
        • Political: Examine taxes, environmental regulations, and zoning restrictions.
        • Economic: Examine interest rates, inflation rate, exchange rates, the financial and stock markets, and the job market.
        • Social: Examine gender, race, age, income, disabilities, educational attainment, employment status, and religion.
        • Technological: Examine servers, computers, networks, software, database technologies, wireless capabilities, and availability of Software as a Service.
        • Legal: Examine trade laws, labor laws, environmental laws, and privacy laws.
        • Environmental: Examine green initiatives, ethical issues, weather patterns, and pollution.
      3. Ask each group to take into account the following questions when deriving business and technology needs:
        • Will business components require any changes to address the factor?
        • Will information technology components changes be needed to address any factor?
      4. Have each team record its findings. Have each team present its list and have remaining teams give feedback and additional suggestions. Record any changes in this step.

      Download the PESTLE Analysis Template to assist with completing this activity.

      Strategic planning documents can provide information regarding the direction of the organization

      Some organizations (and business units) create an authoritative strategy document. These documents contain corporate aspirations and outline initiatives, reorganizations, and shifts in strategy. From these documents, a set of business and technology needs can be generated.

      Overt Statements

      • Corporate objectives and initiatives are often explicitly stated in these documents. Look for statements that begin with phrases such as “Our corporate objectives are…”
      • Remember that different organizations use different terminology; if you cannot find the word goal or objective then look for “pillar,” “imperative,” “theme,” etc.

      Turn these statements to business and technology needs by:

      Asking the following:
      • Is there a need from a business perspective to address these objectives, initiatives, and shifts in strategy?
      • Is there a need from a technology perspective to address these objectives, initiatives, and shifts in strategy?

      Covert Statements

      • Some corporate objectives and initiatives will be mentioned in passing and will require clarification. For example: “As we continue to penetrate new markets, we will be diversifying our manufacturing geography to simplify distribution.”

      2.1.3 Review strategic planning documents

      2 hours

      Input: Strategic documents in the organization

      Output: Identified set of business and technology needs from documents

      Materials: Note-taking materials, Whiteboard or flip chart, markers

      Participants: EA strategy creation team

      Begin the identification process of business and technology needs from strategic documents with the following steps:

      1. Work with the EA strategy creation team to identify the strategic documents within the organization. Look for documents with any of the following content:
        • Corporate strategy document
        • Business unit strategy documents
        • Annual general reports
      2. Gather the strategic documents into one place and call a meeting with the EA strategy creation team to identify the business and technology needs in those documents.
      3. Pick one document and look through its contents. Look for future-looking words such as:
        • We will be…
        • We are planning to…
        • We will need…
      4. Consider those portions of the document with future-looking words and ask the following:
        • Will business components require any changes to address these objectives?
        • Will information technology components changes be needed to address these objectives?
      5. Record the business and technology needs identified in step 4. As well, record any questions you may have regarding the document contents for stakeholders to validate later.
      6. Move to the next document once complete. Complete steps 3-5 for the remaining strategy documents.

      Stakeholder interviews will help you collect primary data and will shed light on stakeholder priorities and challenges

      In this interview process, you will be asking EA stakeholders questions that uncover their business and technology needs. You will also be able to ask follow-up questions to get a better understanding of abstract or complex concepts from the strategy document review and PESTLE analysis.

      EA Stakeholders:

      • Stakeholders may not think of their business and technology needs. But stakeholders will often explicitly state their objectives and initiatives.
      • Objectives often result in risks, opportunities, and annoyances:
        • Risks: Potential damage associated with pursuing an objective or initiative.
        • Opportunities: Potential gains that could be leveraged when capturing objectives and initiatives.
        • Annoyances: Roadblocks that could hinder the pursuit of objectives and initiatives.
      • Ask stakeholders questions on these areas to discern their business and technology needs.

      Risks + Opportunities + Annoyances –› Business and Technology Needs

      2.1.4 Conduct EA stakeholder interviews

      4-8 hours

      Input: Expertise from the EA stakeholders

      Output: Business and technology needs for EA stakeholders

      Materials: Note-taking materials, Whiteboard or flip chart, markers

      Participants: EA strategy creation team, Identified EA stakeholders

      1. Schedule an interview with each of the stakeholders that were identified as key stakeholders in the Stakeholder Power Map.
      2. Meet with the key EA stakeholders and start business and technology needs gathering. Schedule each identified key stakeholder for an interview.
      3. When a stakeholder arrives for their interview, ask the following questions and record the answers to help uncover needs. Be sure to record which stakeholder answered the question. Further, record any future stakeholders that agree.
        • What are the current strengths of your organization?
        • What are the current weaknesses of your organization?
        • What is the number 1 risk you need to prevent?
        • What is the number 1 opportunity you want to capitalize on?
        • What is the number 1 annoying pet peeve you want to remove?
        • How would you prioritize these risks, opportunities, and annoyances?
      4. Recorded answer example: “We can’t see what the other departments are doing; when we spend a lot of money to invest in something, we later find out the capability is already within the company.”
      5. After completing each interview, verify with each stakeholder that you have captured their business and technology needs. Continue the interview process until all identified key stakeholders have been interviewed.
      6. Capture all inputs into a SWOT (strengths, weaknesses, opportunities, and threats) format.

      Step 2.2

      Define Your Value Proposition

      Activities
      • 2.2.1 Create a set of business and technology drivers from business and technology needs
      • 2.2.2 Identify the pains associated with the business and technology drivers
      • 2.2.3 Identify the EA contributions that can address the pains
      • 2.2.4 Create promises of value to shape the EA value proposition

      This step will walk you through the following activities:

      • Use business and technology drivers to determine EA’s role in your organization.

      This step involves the following participants:

      • CIO
      • IT Leaders
      • Business Leaders

      Outcomes of this step

      A value proposition document that ties the value of the EA function to stakeholder needs.

      Create the EA Value Proposition

      Step 2.1 Step 2.2

      Synthesize the collected data into business and technology drivers

      Two triangles labelled 'Business needs' and 'Technology needs' point to a cloud labelled 'Analysis', which connects to the driver attributes on the right via a dotted line.

      There are several key attributes that a driver should have.

      Driver Key Attributes
      • A succinct statement.
      • Begins with “action words” to communicate a call to action (e.g. Support, Help, Enable).
      • Written in a language understood by all parties involved.
      • Communicates a need for improvement or prevention.

      “The greatest impact of enterprise architecture is the strategic impact. Put the mission and the needs of the organization first.” (Matthew Kern, Clear Government Solutions)

      2.2.1 Create a set of business and technology drivers from business and technology needs

      3 hours

      Input: Expertise from EA strategy creation team

      Output: A set of business and technology drivers

      Materials: Note-taking materials, Whiteboard or flip chart, markers

      Participants: EA strategy creation team, EA stakeholders

      Meet with the EA strategy creation team and follow the steps below to begin the process of synthesizing the business and technology needs into drivers.

      1. Lay out the documented business and technology needs your team gathered from PESTLE analysis, strategy document reviews, and stakeholder interviews.
      2. Assess the documented business and technology needs to see if there are common themes. Consolidate those similar business and technology needs by crafting one driver for them. For example:
        • PESTLE: Influx of competitors in the marketplace causing tighter margins.
        • Document review: Improve investment quality and their value to the organization.
        • Stakeholder interview: “We can’t see what the other departments are doing; when we spend a lot of money to invest in something, we later find out the capability is already within the company.”
        • Consolidated business driver example: Help the organization align investments with the corporate strategy and departmental priorities.
      3. As well, synthesize the business and technology needs that cannot be consolidated.
      4. Verify the completed list of drivers with stakeholders. This is to ensure you have fully captured their needs.

      Download the EA Value Proposition Template to record your findings in this activity.

      When addressing business and technology drivers, an organization can expect obstacles

      A pain is an obstacle that business stakeholders will face when attempting to address business and technology drivers. Identify the pains associated with each driver so that EA’s contributions can be linked to resolving obstacles to address business needs.

      Business and Technology Drivers

      Pains
      Created by assessing information sources. A sentence that states the nature of the pain and how the pain stops the organization from addressing the drivers.
      Examples:
      • Business driver: Help the organization align investments with the corporate strategy and departmental priorities.
      • Technology driver: Improve the organization’s technology responsiveness and increase speed to market.
      		 Examples:
      • Business driver pains: Lack of holistic view of business capabilities obstructs the organization from aligning investments with corporate strategy and departmental priorities.
      • Technology driver pains: Ineffective application development requiring delays decreases the speed to market.

      2.2.2 Identify the pains associated with the business and technology drivers

      2 hours

      Input: Expertise from EA strategy creation team and EA stakeholders

      Output: An associated pain that obstructs each identified driver

      Materials: Note-taking materials, Whiteboard or flip chart, markers

      Participants: EA strategy creation team, EA stakeholders

      Call a meeting with the EA strategy creation team and any available stakeholders to identify the pains that obstruct addressing the business and technology drivers.

      Take each driver and ask the questions below to the EA strategy creation team and to any EA stakeholders who are available. Record the answers to identify the pains when realizing the drivers.

      1. What are your challenges in performing the activity or process today?
      2. What other business activities/processes will be impacted/improved if we solve this?
      3. What compliance/regulatory/policy concerns do we need to consider in any solution?
      4. What are the steps in the process/activity?

      Take the recorded answers and follow the steps below to create the pain statements:

      1. Answers to the questions above can be long, unfocused, or spoken in a casual manner. To turn the answer into pains, refine the recorded answers into a succinct sentence that captures its meaning.
        • Recorded answer example: “I feel like there needs to be a holistic view of the organization. If we had a tool to see all the capabilities across the business, then we can figure out what investments should be prioritized.”
        • Example of pain statement: Lack of holistic view of business capabilities obstructs the organization from aligning investments with corporate strategy and departmental priorities.
      2. When the list of pains has been written out, verify with the stakeholders that you have fully captured their pains.

      Download the EA Value Proposition Template to record your findings in this activity.

      The identified pains can be alleviated by a set of EA contributions

      Set the foundations for the value proposition by brainstorming the EA contributions that can alleviate the pains.

      Business and technology drivers produce:

      Pains

      		 —›
      EA contributions produce:

      Value by alleviating pains
      Pains

      Obstructions to addressing business and technology drivers. Stakeholders will face these pains.

      Examples
      • Business driver pains: Lack of holistic view of business capabilities obstructs the organization from aligning investments with corporate strategy and departmental priorities.
      EA contributions

      Activities the EA function can perform to help alleviate the pains. Demonstrates the contributions the EA function can make to business value.

      Examples:
      • Business driver EA contributions: Business capability mapping shows the business capabilities of the organization and the technology that supports those capabilities in the current and target state. This provides a view for the set of investments that are needed by the organization, which can then be prioritized.

      Enterprise architecture functions can provide a diverse set of contributions to any organization – Sample

      EA contribution category EA contribution details
      Define business capabilities and processes As-is and target business capabilities and processes are documented and understood by both IT and the business.
      Design information flows and services Information flows and services effectively support business capabilities and processes.
      Analyze gaps and identify project opportunities Create informed project identification, scope definition, and project portfolio management.
      Optimize technology assets Greater homogeneity and interoperability between tangible and intangible technology assets.
      Create and maintain technology standards Decrease development, integration, and support efforts. Reduce complexity and improve interoperability.
      Rationalize technology assets Tangible and intangible technology assets are rationalized to adequately and efficiently support information flows and services.

      2.2.3 Identify the EA contributions that can address the pains

      2 hours

      Input: Expertise from EA strategy creation team

      Output: EA contributions that addresses the pains that were identified

      Materials: Note-taking materials, Whiteboard or flip chart, markers

      Participants: EA strategy creation team

      Gather with the EA strategy creation team, take each pain, then ask and record the answers to the questions below to identify the EA contributions that would solve the pains:

      1. What activities can the EA practice conduct to overcome the pain?
      2. What are the core EA models that can help accurately define the problem and assist in finding appropriate resolutions?
      3. What are the general EA benefits that can be associated with solving this pain?

      Answers to the questions above will generate a list of activities EA can do to help alleviate the pains. Use the following steps to complete this activity:

      1. Create a stronger tie between the EA contributions and pains by linking the EA contribution statement to the pain.
        • Example of pain statement: Lack of holistic view of business capabilities obstructs the organization from aligning investments with corporate strategy and departmental priorities.
        • Example of EA contributions statement: Business capability mapping shows the business capabilities of the organization and the technology that supports those capabilities in the current and target state. This provides a view for the set of investments that are needed by the organization, which can then be prioritized.
      2. Verify with the stakeholders that they understand the EA contributions have been written out and how those contributions address the pains.

      Download the EA Value Proposition Template to record your findings in this activity.

      EA promises of value articulate EA’s commitment to the organization

      • Business Goals and Technology Drivers
        A set of statements created from business and technology needs. Gathered from information sources, it communicates improvements needed.

        • Value Streams, Aspirations, Long-Term Goals
          Value streams, aspirations, long-term goals

          • EA Contributions
            EA contributions that will alleviate the obstructions. Removing the obstructions will allow EA to help satisfy business and technology needs.

            • Promise of Value
              A statement that depicts a concrete benefit the EA practice can provide for the organization in response to business and technology drivers.
              Communicate the statements in a language that stakeholders understand to complete the articulation of EA’s value proposition.

      2.2.4 Create promises of value to shape the EA value proposition

      2 hours

      Input: Expertise from EA strategy creation team and EA stakeholders

      Output: Promises of value for each business and technology driver

      Materials: Note-taking materials, Whiteboard or flip chart, markers

      Participants: EA strategy creation team, EA stakeholders

      Now that the EA contributions have been identified, identify the promises of value to articulate the value proposition.

      Take each driver, then ask and record the answers to the questions below to identify the promises of value when realizing the drivers:

      1. What does amazing look like if we solve this perfectly?
      2. What other business activities/processes will be impacted/improved if we solve this?
      3. What measures of success/change should we use to prove value of the effort (KPIs/ROI)?

      Take the recorded answers and follow the steps below to create the promises of value.

      1. Answers to the questions above can be long, unfocused, or spoken in a casual manner. To turn the answer into a promise of value, refine the recorded answer into a succinct sentence that captures its meaning.
        • Business driver example: Help the organization align investments with the corporate strategy and departmental priorities.
        • Recorded answer example: “If this would be solved perfectly, we would have a very easy time planning investments and investment planning hours can be spent doing other activities.”
        • Promises of value example: Increase the number of investments that have a direct tie to corporate strategy.
      2. When the promises of value have been written out, verify with the stakeholders that you have fully captured their ideas.

      Download the EA Value Proposition Template to record your findings in this activity.

      Design an Enterprise Architecture Strategy

      Phase 3

      Build the EA Fundamentals

      Phase 1

      • 1.1 Explore a general EA strategy approach
      • 1.2 Introduce Agile EA architecture

      Phase 2

      • 2.1 Define the business and technology drivers
      • 2.2 Define your value proposition

      Phase 3

      • 3.1 Realize the importance of EA fundamentals
      • 3.2 Finalize the EA fundamentals
        •

      Phase 4

      • 4.1 Select relevant EA services
      • 4.2 Finalize the set of services and secure approval

      This phase will walk you through the following activities:

      • Create an EA vision statement and an EA mission statement.
      • Create EA goals, define EA objectives, and link them to EA goals.
      • Define the EA function scope dimensions.
      • Create a set of EA principles for your organization.
      • Discuss current methodology.

      This phase involves the following participants:

      • CIO
      • EA Team
      • IT Leaders
      • Business Leaders

      Step 3.1

      Realize the Importance of EA Fundamentals

      Activities
      • 3.1.1 Create the EA vision statement
      • 3.1.2 Create the EA mission statement
      • 3.1.3 Create EA goals
      • 3.1.4 Define EA objectives and link them to EA goals
      • 3.1.5 Record the details of each EA objective

      This step will walk you through the following activities:

      • Define and document the fundamentals that guide the EA function.

      This step involves the following participants:

      • CIO
      • EA Team
      • IT Leaders
      • Business Leaders

      Outcomes of this step

      • Vision and mission statements for the EA function.
      • A set of EA goals and a set of objectives to track progression toward those goals.
      Build the EA Fundamentals
      Step 3.1 Step 3.2

      EA fundamentals guide the EA function

      EA fundamentals include a vision statement, a mission statement, goals and objectives, and principles. They are a set of documented statements that guide the EA function. The fundamentals guide the EA function in terms of its strategy and decision making.

      EA vision statement EA mission statement

      EA fundamentals
      EA goals and objectives EA principles

      Info-Tech Insight

      Treat the critical elements of the EA group the same way as you would a business. Create a directional foundation for EA and define the vision, mission, goals, principles, and scope necessary to deliver on the established value proposition.

      The EA vision statement articulates the aspirations of the EA function

      The enterprise architecture vision statement communicates a desired future state of the EA function. The statement is expressed in the present tense. It seeks to articulate the desired role of the EA function and how the EA function will be perceived.

      Strong EA vision statements have the following characteristics:

      • Describe a desired future
      • Focus on ends, not means
      • Communicate promise
      • Concise, no unnecessary words
      • Compelling
      • Achievable
      • Inspirational
      • Memorable

      Sample EA vision statements:

      • To be a trusted partner for both the business and IT, driving enterprise effectiveness, efficiency, and agility at [Company Name].
      • To be a trusted partner and advisor to both the business and IT, contributing to business-IT alignment and cost reduction at [Company Name].
      • To create distinctive value and accelerate [Company Name]’s transformation.

      The EA mission statement articulates the purpose of the EA function

      The enterprise architecture mission statement specifies the team’s purpose or “reason of being.” The mission should guide each day’s activities and decisions. The mission statements use simple and concise terminology, speak loudly and clearly, and generate enthusiasm for the organization.

      Strong EA mission statements have the following characteristics:

      • Articulates EA function purpose and reason for existence
      • Describes what the EA function does to achieve its vision
      • Defines who the customers of the EA function are
      • Compelling
      • Easy to grasp
      • Sharply focused
      • Inspirational
      • Memorable
      • Concise

      Sample EA mission statements:

      • Define target enterprise architecture for [Company Name], identify solution opportunities, inform IT investment management, and direct solution development, acquisition, and operation compliance.
      • Synergize with both the business and IT to define and help realize [Company Name]’s target enterprise architecture that enables the business strategy and optimizes IT assets, resources, and capabilities.

      The EA vision and mission statements become relevant to EA stakeholders when linked to the promises of value

      The process for constructing the enterprise architecture vision statement and enterprise architecture mission statement is articulated below.

      Promises of value Derive keywords Construct draft statements Reference test criteria Finalize statements
      Derive the a set of keywords from the promises of value to accurately capture their essence. Create the initial statement using the keywords. Check the initial statement against a set of test criteria to ensure their quality. Finalize the statement after referencing the initial statement against the test criteria.

      Derive keywords from promises of value to begin the vision and mission statement creation process

      Develop keywords by summarizing the promises of value that were derived from drivers into one word that will take on the essence of the promise. See examples below:

      Business and technology drivers Promises of value Keywords
      Help the organization align investments with the corporate strategy and departmental priorities. Increase the number of investments that have a direct tie to corporate strategy. Business
      Support the rapid growth and development of the company through fiscal planning, project planning, and technology sustainability. Ensure budgets and projects are delivered on time with the assistance of technology. IT-Enabled
      Reduce the duplication and work effort to build and deploy technology solutions across the entire organization. Aim to reduce the number of redundant applications in the organization to streamline processes and save costs. Catalyst
      Improve the organization’s technology responsiveness and increase speed to market. Reduce the number of days required in the SDLC for all core business support projects. Value delivery

      An inspirational vision statement is greater than the sum of the individual words

      Ensure the sentence is cohesive and captures additional value outside of the keywords. The statement as a whole should be greater than the sum of the parts. Expand upon the meaning of the words, if necessary, to communicate the value. Below is an example of a finished vision statement.

      Sample

      Be a catalyst for IT-enabled business value delivery.

      Catalyst – We will continuously interact with the business and IT to accelerate and improve results.

      IT-enabled – We will ensure the optimal use of technology in enabling business capabilities to achieve business objectives.

      Business – We will be perceived as a business-focused unit that understands [Company name]’s business priorities and required business capabilities.

      Value delivery – EA’s value will be recognized by both business and IT stakeholders. We will track and market EA’s contribution to business value organization-wide.

      A clear mission statement can include additional details surrounding the EA team’s desired and expected value

      Likewise, below is a sample of connecting keywords together to form an EA mission statement:

      Optimize, transform, and innovate by defining and implementing the [Company]’s target enterprise architecture.

      Optimize – We collaborate with the business to analyze and optimize business capabilities and business processes to enable the agile and efficient attainment of [Company name] business objectives.

      Transform – We support IT-enabled business transformation programs by building and maintaining a shared vision of the future-state enterprise and consistently communicating it to stakeholders.

      Innovate – We identify and develop new and creative opportunities for IT to enable the business. We communicate the art of the possible to the business.

      Defining and implementing – We engage with project teams early and guide solution design and selection to ensure alignment to the target-state enterprise architecture.

      Target enterprise structure – We analyze business needs and priorities and assess the current state of the enterprise. We build and maintain the target enterprise architecture blueprints that define:

      • Business capabilities and processes (business architecture)
      • Data, application, and technology assets that enable business capabilities and processes (technology architecture)
      • Architecture principles and standards

      3.1.1 Create the EA vision statement

      1 hour

      Input: Identified promises of value, Vision statement test criteria

      Output: EA function vision statement

      Materials: Note-taking materials, Whiteboard or flip chart, markers

      Participants: EA strategy creation team

      Begin the creation of the EA vision statement by following the steps below:

      1. Gather the EA strategy creation team and have the promises of value from the EA value proposition laid out.
      2. Select one promise of value and work with the team to identify one word that captures the essence of that promise of value.
      3. Continue to the next promise of value until all of the promises of value have a keyword identified.
      4. Have the identified set of keywords laid out and see if any of their meanings are similar and can be consolidated together. Consolidate similar meaning keywords.
      5. Create the initial draft of the EA vision statement by linking the keywords together.
      6. Check the initial draft of the vision statement against the test criteria below. Ask the team if the vision statement satisfies each of the test criteria.
        • Do you find this vision exciting?
        • Is the vision clear, compelling, and easy to grasp?
        • Does this vision somehow connect to the core purpose?
        • Will this vision be exciting to a broad base of people in the organization, not just those within the EA team?
      7. Make changes to the initial draft to satisfy the test criteria. Socialize the EA vision statement with EA stakeholders to make sure it captures their needs.

      3.1.2 Create the EA mission statement

      1 hour

      Input: Identified promises of value, Mission statement test criteria

      Output: EA function mission statement

      Materials: Note-taking materials, Whiteboard or flip chart, markers

      Participants: EA strategy creation team

      Begin the creation of the EA mission statement by following the steps below:

      1. Gather the EA strategy creation team and have the promises of value from the EA value proposition laid out.
      2. Select one promise of value and work with the team to identify one word that captures the essence of that promise of value.
      3. Continue to the next promise of value until all of the promises of value have a keyword identified.
      4. Have the identified set of keywords laid out, and see if any of their meanings are similar and can be consolidated together. Consolidate similar meaning keywords.
      5. Create the initial draft of the EA mission statement by linking the keywords together.
      6. Check the initial draft of the mission statement against the following test criteria below. Ask the team if the mission statement satisfies each of the test criteria.
        • Do you find this purpose personally inspiring?
        • Does the purpose help you to decide what activities to not pursue, to eliminate from consideration? Is this purpose authentic – something true to what the organization is all about – not merely words on paper that sound nice?
        • Would this purpose be greeted with enthusiasm rather than cynicism by a broad base of people in the organization?
      7. Make changes to the initial draft to satisfy the test criteria. Socialize the EA mission statement with EA stakeholders to make sure it captures their needs.

      EA goals demonstrate the achievement of success of the EA function

      Enterprise architecture goals define specific desired outcomes of an EA function. EA goals are important because they establish the milestones the EA function can strive toward to deliver their promises of value.

      Inform EA goals by examining:

      Promises of value

      		 —›
      EA goals produce:

      Targets and milestones
      Promises of value

      Produce EA strategic outcomes that can be classified into four categories. The four categories are:

      • Business performance
      • IT performance
      • Customer value
      • Risk management
      EA goals

      Support the strategic outcomes. EA goals can be strategic or operational:

      • EA strategic goals support the strategic outcomes.
      • EA operational goals help measure the architecture capability quality and supporting processes.

      3.1.3 Create EA goals

      2 hours

      Input: Identified promises of value

      Output: EA goals

      Materials: Note-taking materials, Whiteboard or flip chart, markers

      Participants: EA strategy creation team

      Begin the creation of EA goals by following the steps below:

      1. Gather the EA strategy creation team and the identified promises of value from Phase 2, Create the EA Value Proposition.
      2. Open the EA Goals and Objectives Template and examine the list of default EA goals already within the template.
      3. Take the identified promises of value and discuss with the team if any of the EA goals in the template relate to the promises of value. Record the related EA goal and promise of value. See example below:
        • Promises of value example: Increase the number of investments that have a direct tie to corporate strategy.
        • Related EA goal example: Alignment of IT and business strategy.
      4. Repeat step 3 until all identified promises of value have been examined in relation to the EA goals in the template.
      5. If there are promises of value that are not related to an EA goal in the template, create EA goals to relate to those promises of value. Keep in mind that EA goals need to support the strategic outcomes produced by the promises of value. Record the EA goals in the template and document the related promises of value.

      Download the EA Goals and Objectives Template to assist with completing this activity.

      Starting with COBIT, select the appropriate objectives to track EA goals – Sample

      Below are examples of EA goals and the objectives that track their performance:

      IT performance-oriented goals Objectives
      Alignment of IT and business strategy
      • Increase the percentage of enterprise strategic goals and requirements supported by IT strategic goals by X percent in the fiscal year.
      • Improve stakeholder satisfaction with planned function and services portfolio scope by X percent in the fiscal year.
      • Increase the percentage of IT value drivers mapped to business value drivers by X percent in the next fiscal year.
      Increase in IT agility
      • Improve business executive satisfaction with IT’s responsiveness to new requirements by X percent in the fiscal year.
      • Increase the number of critical business processes supported by up-to-date infrastructure and applications in the next three years.
      • Lower the average time to turn strategic IT objectives into agreed-upon and approved initiatives.
      Optimization of IT assets, resources, and capabilities
      • Increase the frequency of capability maturity and cost optimization assessments.
      • Improve the frequency of reporting for assessment result trends.
      • Raise the satisfaction levels of business and IT executives with IT-related costs and capabilities by X percent.

      3.1.4 Define EA objectives and link them to EA goals

      2 hours

      Input: Defined EA goals

      Output: EA objectives linked to EA goals

      Materials: Note-taking materials, Whiteboard or flip chart, markers

      Participants: EA strategy creation team

      Begin the process of defining EA objectives and linking them to EA goals using the following steps:

      1. Gather the EA strategy creation team and open the EA Goals and Objectives Template.
      2. Have the goals laid out, and refer to the objectives already in the EA Goals and Objectives Template. Examine if any of them will fit the goals your team has created.
      3. If some of the goals your team has created do not fit with the objectives in the template, begin the process of creating new objectives. Remember, EA objectives are SMART metrics that help track the progress toward the EA goals.
      4. Create an EA objective and check if it is SMART by asking some of the questions below:
        • Specific: Is the objective specific to the goal? Is the objective clear to anyone who has basic knowledge of the goal?
        • Measurable: Is it possible to figure out how far the team would be away from completing the objective?
        • Agreed Upon: Does everyone involved agree the objective is the correct way to measure progress?
        • Realistic: Can the objective be met within the availability of resources, knowledge, and time?
        • Time Based: Is there a time-bound component to the goal?
      5. Continue to create new objectives until each goal has an objective linked to it.

      Download the EA Goals and Objectives Template to assist with completing this activity.

      For each of the objectives, determine how they will be collected, reported, and implemented

      Add details to the enterprise architecture objectives previously defined to increase their clarity to stakeholders.

      EA objective detail category Description
      Unit of measure
      • The unit in which the objective will be presented.
      Calculation formula
      • The formula by which the objective will be calculated.
      Objective baseline, status, and target
      • Baseline: The state of the objective at the start of measurement.
      • Status: The current state of the measurement.
      • Target: The target state the measurement should reach.
      Data collection
      • Responsible: The individual responsible for collecting the data.
      • Source: Where the data originates.
      • Frequency: How often the data will be collected to calculate the objective.
      Reporting
      • Target Audience: The people the objective will be presented to.
      • Method: The method used to present the data collected on the objective (e.g. report, presentation).
      • Frequency: How often the data will be presented to the target audience.

      3.1.5 Record the details of each EA objective

      2 hours

      Input: Defined list of EA objectives

      Output: Increased detail into each defined EA objective

      Materials: Note-taking materials, Whiteboard or flip chart, markers

      Participants: EA strategy creation team

      Record the details of each EA objective. Use the following steps below to assist with recording the details:

      1. Gather the EA strategy creation team, and open the EA Goals and Objectives Template.
      2. Select one objective that has been identified and discuss the formula for calculating the objective and in what units the objective will be recorded. Record the information in the “Calculation formula” and “Unit of measure” columns in the template once they have been agreed upon.
      3. Using the same objective, move to the “Data Collection” portion of the template. Discuss and record the following: the source of the data that generates the objective, the frequency of reporting on the objective, and the person responsible for reporting the objective.
      4. Move to the “Reporting” portion of the template. Discuss and record the target audience for the objective and the reporting frequency and method to those audiences.
      5. Examine the “Objective baseline,” “Objective status,” and “Objective target” columns. Record any measurement you may currently have in the “Objective baseline” column. Record what you would like the objective measurement to be in the “Objective target” column. Note: Keep track of the progression towards the target in the “Objective status” column in the future.
      6. Select the next objective and complete steps 2–5 for that measure. Continue this process until you have recorded details for all objectives.

      Download the EA Goals and Objectives Template to assist with completing this activity.

      Step 3.2

      Finalize the EA Fundamentals

      Activities
      • 3.2.1 Define the organizational coverage dimension of the EA function scope
      • 3.2.2 Define the architectural domains and depth dimension
      • 3.2.3 Define the time horizon dimension
      • 3.2.4 Create a set of EA principles for your organization
      • 3.2.5 Add the rationale and implications to the principles
      • 3.2.6 Operationalize the EA principles
      • 3.2.7 Discuss the need for classical methodology and/or a combination including Agile practices

      This step will walk you through the following activities:

      • Define the EA function scope dimensions.
      • Create a set of EA principles.
      • Discuss the organization’s current methodology, if any, and whether it works for the business.

      This step involves the following participants:

      • CIO
      • EA Team
      • IT Leaders
      • Business Leaders

      Outcomes of this step

      • Defined scope of the EA function.
      • A set of EA principles for your organization.
      • A decision on traditional vs. Agile methodology or a blend of both.

      Build the EA Fundamentals

      Step 3.1 Step 3.2

      A clear EA function scope defines the EA sandbox

      The EA function scope constrains the promises of value the EA function will deliver on by taking into account factors across four dimensions. The EA function scope ensures that the EA function is not stretched beyond its current/planned means and capabilities when delivering the promised value. The four dimensions are illustrated below:

      Organizational coverage
      Determine the focus of the enterprise architecture effort in terms of specific business units, functions, departments, capabilities, or geographical areas.       		Depth
      Determine the appropriate level of detail to be captured, based on the intended use of the enterprise architecture and the contingent decisions to be made.

      EA Scope
      Architectural Domains
      Determine the EA domains (business, data, application, infrastructure, security) that are appropriate to address stakeholder concerns and architecture requirements.       		Time horizon
      Determine the target-state architecture’s objective time period.

      The EA function scope is influenced by the EA value proposition and previously developed EA fundamentals

      Establish the EA function scope by using the EA value proposition and EA fundamentals that have been developed. After defining the EA function scope, refer back to these statements to ensure the EA function scope accurately reflects the EA value proposition and EA fundamentals.

      EA value proposition

      +

      EA vision statement
      EA mission statement
      EA goals and objectives

      		—›
      Influences

      Organizational coverage

      Architectural domains

      Depth

      Time horizon

      		—›
      Defines       		EA function scope

      EA scope – Organizational Coverage

      The organizational coverage dimension of EA scope determines the focus of enterprise architecture effort in the organization. Coverage can be determined by specific business units, functions, departments, capabilities, or geographic areas. Info-Tech has typically seen two types of coverage based on the size of the organization.

      Small and medium-size enterprise

      Indicators: Full-time employees dedicated to manage its data and IT infrastructure. Individuals are IT generalists and may have multiple roles.

      Recommended coverage: Typically, for small and medium-size businesses, the organizational coverage of architecture work is the entire enterprise. (Source: The Open Group, 2018)

      Large enterprise

      Indicators: Dedicated full-time IT staff with expertise to manage specific applications or parts of the IT infrastructure.

      Recommended coverage: For large enterprises, it is often necessary to develop a number of architectures focused on specific business segments and/or geographies. In this federated model, an overarching enterprise architecture should be established to ensure interoperability and conformance to overarching EA principles. (Source: DCIG, 2011)

      EA objectives track the progression towards the target set by EA goals

      Enterprise architecture objectives are specific metrics that help measure and monitor progress towards achieving an EA goal. Objectives are SMART.

      EA goals —› EA objectives
      • EA strategic goals:
        • Business performance
        • IT performance
        • Customer value
        • Risk management
      • EA operational goals
      • Specific
      • Measurable
      • Agreed upon
      • Realistic
      • Time bound
      (Source: Project Smart, 2014)

      Download the EA Goals and Objectives Template to see examples between the relationship of EA goals to objectives.

      Measure the EA strategy effectiveness by tracking the benefits it provides to the corporate business goals

      The success of the EA function is influenced by the following:

      • The delivery of EA-enabled business outcomes that are most important to the enterprise.
      • The alignment between the business and IT from a planning perspective.
      • Improvements in the corporate business goals due to EA contributions (standardization, rationalization, reuse, etc.).
      Corporate Business Goals Measurements
      • Reduction in operating costs
      • Decrease in regulatory compliance infractions
      • Increased revenue from existing channels
      • Increased revenue from new channels
      • Faster time to business value
      • Improved business agility
      • Reduction in enterprise risk exposure
      • Cost reductions based on application and platform rationalization
      • Standard-based solutions
      • Time reduction for integration
      • Service reused
      • Stakeholder satisfaction with EA services
      • Increase customer satisfaction
      • Rework minimized
      • Lower cost of integration
      • Risk reduction
      • Faster time to market
      • Better scalability, etc.

      3.2.1 Define the organizational coverage dimension of the EA function scope

      2 hours

      Input: EA value proposition, Previously defined EA fundamentals

      Output: Organizational coverage dimension of EA scope defined

      Materials: Note-taking materials, Whiteboard or flip chart, markers

      Participants: EA strategy creation team

      Define the organizational coverage of the EA function scope using the following steps below:

      1. Gather the EA strategy creation team. As well, gather the EA value proposition, the EA vision and mission statements, and the EA goals and objectives your team has already created.
      2. Ask the team to read each of the documents gathered in the previous step. This ensures the concepts are fresh in the team members’ minds when defining the EA function scope organizational coverage.
      3. Consider how much of the organization the EA function would need to cover. Refer to the gathered materials to assist with your decision. For example:
        • EA mission statement: Optimize, transform, and innovate by defining and implementing the [Company]’s target enterprise architecture.
        • Implications on organizational coverage: If the purpose of the EA function is to help optimize, transform, and innovate with target-state architecture mapping, then the scope should cover the entire organization. Only by mapping the entire organization’s architecture can the EA function assist with optimizing, transforming, and innovating.
      4. Work with the EA strategy creation team to examine all the gathered materials and document the implications on organization coverage as shown in step 3.
      5. Discuss with the team and select the organizational coverage level that best fits the documented implications for all the gathered materials. Refer back to the gathered materials and make any changes necessary to ensure they support the selected organizational coverage.

      EA scope – Architectural Domains

      A complete enterprise architecture should address all five architectural domains. The five architectural domains are business, data, application, infrastructure, and security.

      Enterprise Architecture
      —› Data Architecture
      Business Architecture —› Infrastructure Architecture
      Security Architecture
      —› Application Architecture

      “The realities of resource and time constraints often mean there is not enough time, funding, or resources to build a top-down, all-inclusive architecture encompassing all four architecture domains. Build architecture domains with a specific purpose in mind.” (The Open Group, 2018)

      Each architectural domain creates a different view of the organization

      Below are the definitions of different domains of enterprise architecture (Info-Tech perspective; others can be identified as well, e.g. Integration Architecture).

      Business Architecture

      Business architecture is a means of demonstrating the business value of subsequent architecture work to key stakeholders and the return on investment to those stakeholders from supporting and participating in the subsequent work. Business architecture defines the business strategy, governance, organization, and key business processes.

      Data Architecture

      Describes the structure of an organization’s logical and physical data assets and data management resources.

      Application Architecture

      Provides a blueprint for the individual applications to be deployed, their interactions, and their relationships to the core business processes of the organization.

      Infrastructure Architecture

      Represents the sum of hardware, software, and telecommunications-related IT capability associated with a particular enterprise. It is concerned with the synergistic operations and management of the devices in the organization.

      Security Architecture

      Provides an unified security design that addresses the necessities and potential risks involved in a certain scenario or environment. It also specifies when and where to apply security controls.
      (Sources: The Open Group, 2018; IT Architecture Journal, 2014; Technopedia, 2016)

      EA scope – Depth

      EA scope depth defines the architectural detail for each EA domain that the organization has selected to pursue. The level of depth is broken down into four levels. The level of depth the organization decides to pursue should be consistent across the domains.

      Contextual
      • Helps define the organization scope, and examines external and internal requirements and their effect on the organization. For example, enterprise governance.
      Conceptual
      • High-level representations of the organization or what the organization wants to be. For example, business strategy, IT strategy.
      Logical
      • Models that define how to implement the representation in the conceptual stage. For example, identifying the business gaps from the current state to the target state defined by the business strategy.
      Physical
      • The technology and physical tools used to implement the representation created in the logical stage. For example, business processes that need to be created to bridge the gaps identified and reach the target stage.
      (Source: Zachman International, 2011) Business Architecture Data Architecture Application Architecture Infrastructure Architecture Security Architecture

      Each architectural depth level contains a set of key artifacts

      The graphic below depicts examples of the key artifacts that each domain of architecture would produce at each depth level.

      Contextual Enterprise Governance
      Conceptual Business strategy Business objects Use-case models Technology landscaping Security policy
      Logical Business capabilities Data attribution Application integration Network/ hardware topology Security standards
      Physical Business process Database design Application design Configuration management Security configuration
      Business Architecture Data Architecture Application Architecture Infrastructure Architecture Security Architecture

      3.2.2 Define the architectural domains and depth dimension of the EA function scope

      2 hours

      Input: EA value proposition, Previously defined EA fundamentals

      Output: Architectural domain and depth dimensions of EA scope defined

      Materials: Note-taking materials, Whiteboard or flip chart, markers

      Participants: EA strategy creation team

      Define the EA function scope for your organization using the following steps below:

      1. Gather the EA strategy creation team. As well, gather the EA value proposition, the EA vision and mission statements, and the EA goals and objectives that your team has already created.
      2. Ask the team to read each of the documents gathered in the previous step. This ensures the concepts are fresh in the team members’ minds when defining the architectural domains and depth of the EA function scope.
      3. Consider the architectural domains and the depth those domains need to reach. Refer to the gathered materials to assist with your decision. For example:
        • Promise of value: Increase the number of IT investments with a direct tie to business strategy.
        • Implications on architectural domains: The EA function will need business architecture. Business architecture generates business capability mapping, which will anticipate what IT investments are needed for the future.
        • Implications on depth: Depth for business architecture needs to reach a logical level to encompass business capabilities.
      4. Work with the EA strategy creation team to examine all the gathered materials and document the implications on architectural domains and depth as shown in step 3.
      5. Discuss with the team and select the architectural domains and the depth for each domain that best fits the documented implication. Refer back to the gathered materials and make any changes necessary to ensure they support the selected architectural domains and depth.

      EA scope – Time Horizon

      The EA scope time horizon dictates how long to plan for the architecture.

      It is important that the EA team’s work has an appropriate planning horizon while avoiding two extremes:

      1. A planning horizon that is too short focuses on immediate operational goals and strategic quick wins, missing the “big picture,” and fails to support the achievement of strategic long-term enterprise goals.
      2. A planning horizon that is too long is at a higher risk of becoming irrelevant.

      Target the same strategic planning horizon as your business. Additionally, consider the following recommendations:

      Planning Horizon: 1 year 2-3 years 5 years
      Recommended under the following conditions:
      • Corporate strategy is not stable and frequently changes direction (typical for small and some mid-sized companies).
      • There will be a major update of the corporate strategy in one year.
      • The company will be acquired by or merged with another company in one year.
      • The business' strategic plan spans the next two to three years, and corporate strategy is moderately stable within this time frame (typical for mid-sized and some large companies).
      • The business' strategic plan spans the next five years and corporate strategy is very stable (typical for large companies).

      3.2.3 Define the time horizon dimension of the EA function scope

      2 hours

      Input: EA value proposition, Previously defined EA fundamentals

      Output: Time horizon dimension of EA scope defined

      Materials: Note-taking materials, Whiteboard or flip chart, markers

      Participants: EA strategy creation team

      Define the EA function scope for your organization using the following steps below:

      1. Gather the EA strategy creation team. As well, gather the EA value proposition, the EA vision and mission statements, and the EA goals and objectives your team has already created.
      2. Ask the team to read each of the documents gathered in the previous step. This ensures the concepts are fresh in the team members’ minds when crafting the EA function scope.
      3. Consider the time horizons of the EA function scope. Refer to the gathered materials to assist with your decision. For example:
        • EA Objective: Increase the percentage of enterprise strategic goals and requirements supported by IT strategic goals by 30% in the next 3 years.
        • Implications on time horizon: Because it will take 3 years to measure the success of these EA objectives, the time horizon may need to be 3 years.
      4. Work with the EA strategy creation team to examine all the gathered materials and document the implications on time horizon as shown in step 3.
      5. Discuss with the team and select the time horizon that best fits the documented implication. Refer back to the gathered materials and make any changes necessary to ensure they support the selected architectural time horizon.

      EA principles capture the EA value proposition essence and provide guidance for the decisions that impact architecture

      EA principles are shared, long-lasting beliefs that guide the use of IT in constructing, transforming, and operating the enterprise by informing and restricting target-state enterprise architecture design, IT investment portfolio management, solution development, and procurement decisions.

      EA value proposition Influences
      —›       		EA Principles Guide and inform
      —›       		Decisions on the Use of IT Direct and control
      ‹—       		Specific Domain Policies
      ‹———————

      What decisions should be made?       		————— ————— —————
      How should decisions be made?       		————— ————— —————————›
      Who has the accountability and authority to make decisions?

      EA principles must be carefully constructed to make sure they are adhered to and relevant

      Info-Tech has identified a set of characteristics that EA principles should possess. Having these characteristics ensures the EA principles are relevant and followed in the organization.

      Approach focused EA principles are focused on the approach, i.e. how the enterprise is built, transformed, and operated, as apposed to what needs to be built, which is defined by both functional and non-functional requirements.
      Business relevant Create EA principles specific to the organization. Tie EA principles to the organization’s priorities and strategic aspirations.
      Long lasting Build EA principles that will withstand the test of time.
      Prescriptive Inform and direct decision making with EA principles that are actionable. Avoid truisms, general statements, and observations.
      Verifiable If compliance can’t be verified, the principle is less likely to be followed.
      Easily digestible EA principles must be clearly understood by everyone in IT and by business stakeholders. EA principles aren’t a secret manuscript of the EA team. EA principles should be succinct; wordy principles are hard to understand and remember.
      Followed Successful EA principles represent a collection of beliefs shared among enterprise stakeholders. EA principles must be continuously “preached” to all stakeholders to achieve and maintain buy-in.

      In organizations where formal policy enforcement works well, EA principles should be enforced through appropriate governance processes.

      Review ten universal EA principles to determine if your organization wishes to adopt them

      1. Enterprise value focus We aim to provide maximum long-term benefits to the enterprise as a whole while optimizing total costs of ownership and risks.
      2. Fit for purpose We maintain capability levels and create solutions that are fit for purpose without over-engineering them.
      3. Simplicity We choose the simplest solutions and aim to reduce operational complexity of the enterprise.
      4. Reuse › buy › build We maximize reuse of existing assets. If we can’t reuse, we procure externally. As a last resort, we build custom solutions.
      5. Managed data We handle data creation, modification, and use enterprise-wide in compliance with our data governance policy.
      6. Controlled technical diversity We control the variety of technology platforms we use.
      7. Managed security We manage security enterprise-wide in compliance with our security governance policy.
      8. Compliance to laws and regulations We operate in compliance with all applicable laws and regulations.
      9. Innovation We seek innovative ways to use technology for business advantage.
      10. Customer centricity We deliver best experiences to our customers with our services and products.

      3.2.4 Create a set of EA principles for your organization

      2 hours

      Input: Info-Tech’s ten universal EA principles, Identified promises of value

      Output: A defined set of EA principles for your organization

      Materials: Note-taking materials, Whiteboard or flip chart, markers

      Participants: EA strategy creation team

      Create a set of EA principles for your organization using the steps below:

      1. Gather the EA strategy creation team, download the EA Principles Template – EA Strategy, and have the identified promises of value opened.
      2. Select one universal principle and relate it to the promises of value by discussing with the EA strategy creation team. If there is a relation, record “Yes” in the template on the slide “Select the applicability of 10 universally accepted EA principles.” See example below:
        • Universal principle: Enterprise value focus – We aim to provide maximum long-term benefits to the enterprise as a whole while optimizing total costs of ownership and risks.
        • Related promise of value example: Increase the number of investments that have a direct tie with corporate strategy.
      3. Continue the process in step 2 until all ten universal EA principles have been examined. If there is a universal principle that is unrelated to a promise of value, discuss with the team whether the principle still needs to be included. If the principle is not included, record “No” in the template on the slide “Select the applicability of 10 universally accepted EA principles.”
      4. If there are any promises of value that are not captured by the universally accepted EA principles, the team may choose to create new principles. Create the new principles in the format below and record them in the template.
        • Name: The name of the principle, in a few words.
        • Statement: A sentence that expands on the “Name” section and explains what the principle achieves.

      Download the EA Principles Template – EA Strategy to document this step.

      Organizational stakeholders are more likely to follow EA principles when a rationale and an implication are provided

      After defining the set of EA principles, ensure they are all expanded upon with a rationale and implications. The rationale and implications ensure principles are more likely to be followed because they communicate why the principles are important and how they are to be used.

      Name
      • The name of the EA principle, in a few words.
      Statement
      • A sentence that expands on the “Name” section and explains what the principle achieves.
      Rationale
      • Describes the business benefits and reasoning for establishing the principle.
      • Explicitly links the principle to business/IT vision, mission, priorities, goals, or strategic aspirations (strategic themes).
      Implications
      • Describe when and how the principle is to be applied.
      • Communicate this section with “must” sentences.
      • Refer to domain-specific policies that provide detailed, domain-specific direction on how to apply the principle.

      3.2.5 Add the rationale and implications to the principles that have been created

      2 hours

      Input: Identified set of EA principles

      Output: EA principles that have rationale and implications

      Materials: Note-taking materials, Whiteboard or flip chart, markers

      Participants: EA strategy creation team

      Add the rationale and implication of each EA principle that your organization has selected using the following steps:

      1. Gather the EA strategy creation team and open the EA Principles Template – EA Strategy.
      2. Examine the EA Principles Template – EA Strategy. Look for the detailed descriptions of all the applicable EA universal principles, and discuss with the team whether the pre-populated rationale and implications need to be changed.
      3. Make sure all the rationale and implication sections of the applicable universal EA principles have been examined. Record the changes on the slide devoted to each principle in the template.
      4. Examine any new principles created outside of the universal EA principles. Create the rationale and implication sections for each of those principles. Use the slide “Review the rationale and implications for the applicable universal principles” in the EA Principles Template – EA Strategy to assist with this step.

      Download the EA Principles Template – EA Strategy to document this step.

      3.2.6 Operationalize the EA principles to ensure they are used when decisions are being made

      1-2 hours

      Input: Defined set of EA principles

      Output: EA principles are successfully operationalized

      Materials: Note-taking materials, Whiteboard or flip chart, markers

      Participants: EA strategy creation team

      Begin to operationalize the EA principles by reviewing the proposed principles with business and technology leadership to secure their approval.

      1. Publish the list of principles, their rationale, and their implications.
      2. Include the principles in any existing policies that guide decision making for the use of technology within the business.
      3. Provide existing governance bodies with the authority to enforce adherence to principles, and communicate the waiver process.
      4. Ensure that project-level teams are aware of the principles and have at least one champion guiding the decisions of the team.

      Review a use case for the utilization of EA principles – Sample

      After operationalizing the EA principles for your organization, the organization can now use those principles to guide and inform its IT investment decisions. Below is an example of a scenario where EA principles were used to guide and inform an IT investment decision.

      Organization wants to provision an application but it needs to decide how to do so, and it considers the relevant EA principles:

      • Reuse › buy › build
      • Managed security
      • Innovation

      The organization has decided to go with a specialized vendor, even though it normally prefers to reuse existing components. The vendor has experience in this domain, understands the data security implications, and can help the organization mitigate risk. Lastly, the vendor is known for providing new solutions on a regular basis and is a market leader, making it more likely to provide the organization with innovative solutions.

      An oil and gas company created EA fundamentals to guide the EA function

      CASE STUDY

      Industry: Oil & Gas
      Source: Info-Tech

      Challenge

      As an enterprise architecture function starting from ground zero, the organization did not have the EA fundamentals in place to guide the EA function. Further, the organization also did not possess an EA function scope to define the boundaries of the EA function.

      Due to the lack of EA scope, the EA function did not know which part of the organization to provide contributions toward. A lack of EA fundamentals caused confusion regarding the future direction of the EA function.

      Solution

      Info-Tech worked with the EA team to define the different components of the EA fundamentals. This included EA vision and mission statements, EA goals and objectives, and EA principles.

      Additionally, Info-Tech worked with the EA team to define the EA function scope.

      These EA strategy components were created by examining the needs of the business. The components were aligned with the identified needs of the EA stakeholders.

      Results

      The defined EA function scope helped set out the responsibilities of the enterprise architecture function to the organization.

      The EA vision and mission statements and EA goals and objectives were used to guide the direction of the EA function. These fundamentals helped the EA function improve its maturity and deliver on its promises.

      The EA principles were used in IT review boards to guide the decisions on IT investments in the organization.

      3.2.7 Discuss the need for a classical methodology and/or a combination including Agility practices

      1 hour

      Input: Existing methodologies

      Output: Decisions about need of agility, ceremonies, and protocols to be used

      Materials: Note-taking materials, Whiteboard or flip chart, markers

      Participants: EA strategy creation team

      Add the rationale and implication of adopting an Agile methodology and/or a combination with a traditional methodology.

      1. Is there an EA methodology adopted by the organization? Is there a classical one, or is it purely Agile?
      2. What would need to happen to address the business goals of the organization (e.g. is there a need to be more agile?)? Do you need to have more decisions centralized (e.g. to adopt certain standards, security controls)?
      3. Where on the decentralization continuum does your organization need to be?
      4. What role would Enterprise Architects have (would they need to be part of existing ceremonies? Would they need to blend traditional and agile processes?)?
      5. If a customized methodology is required, identify this as an item to be included as part of the EA roadmap (can be run as a Agile Enterprise Operating Model workshop).

      Design an Enterprise Architecture Strategy

      Phase 4

      Design the EA Services

      Phase 1

      • 1.1 Explore a general EA strategy approach
      • 1.2 Introduce Agile EA architecture

      Phase 2

      • 2.1 Define the business and technology drivers
      • 2.2 Define your value proposition

      Phase 3

      • 3.1 Realize the importance of EA fundamentals
      • 3.2 Finalize the EA fundamentals

      Phase 4

      • 4.1 Select relevant EA services
      • 4.2 Finalize the set of services and secure approval
        •

      This phase will walk you through the following activities:

      • Select relevant EA services
      • Finalize the set of services and secure approval

      This phase involves the following participants:

      • CIO
      • EA Team
      • IT Leaders
      • Business Leaders

      Step 4.1

      Select Relevant EA Services

      Activities
      • 4.1.1 Select the EA services relevant to your organization
      • 4.1.2 Identify if your organization needs additional services outside of the recommended list
      • 4.1.3 Complete all of the service catalog fields for each service to show the organization how each can be consumed

      This step will walk you through the following activities:

      • Communicate a definition of EA services.
      • Link services to the previously identified EA contributions.

      This step involves the following participants:

      • CIO
      • EA Team
      • IT Leaders
      • Business Leaders

      Outcomes of this step

      • A defined set of services the EA function will provide.
      • An EA service catalog that demonstrates to the organization how each provided service can be accessed and consumed.

      Design the EA Services

      Step 3.1 Step 3.2

      The definition of EA services will allow the group to communicate how they can add value to EA stakeholders

      Enterprise architecture services are a set of activities the enterprise architecture function provides for the organization. EA services are important because the services themselves provide a set of benefits for the organization.

      Enterprise Architecture Services

      • A means of delivering value to the business by facilitating outcomes service consumers want to achieve.
      • EA services are defined from the business perspective using business language.
      • EA services are designed to enable required business activities.

      Viewing the EA function from a service perspective resolves the following pains:

      • Business users don’t know how EA can assist them.
      • Business users don’t know how to request access to a service with multiple sources of information available.
      • EA has no way of managing expectations for their users, which tend to inflate.
      • EA does not have a holistic view of all the services they need to provide.

      Link EA services to the previously identified EA contributions

      Previously identified EA contributions can be linked to EA services, which helps the EA function identify a set of EA services that are important to business stakeholders. Further, linking the EA contributions to EA services can define for the EA function the services they need to provide.

      Demonstrate EA service value by linking them to EA contributions

      1. EA stakeholders generate drivers
      2. Drivers have pains that obstruct them
      3. Pains are alleviated by EA contributions
      4. EA contributions help define the EA services needed

        • EA Contributions
          Example EA contribution: Business capability mapping shows the business capabilities of the organization and the technology that supports those capabilities in the current and target state. This provides a view for the set of investments that are needed by the organization, which can then be prioritized.

          • EA Services
            Example EA service: Target-state business capability mapping

      4.1.1 Select the EA services relevant to your organization

      2 hours

      Input: Previously identified EA contributions from the EA value proposition

      Output: A set of EA services selected for the organization from Info-Tech’s defined set of EA services

      Materials: Note-taking materials, Whiteboard or flip chart, markers

      Participants: EA strategy creation team

      Begin the selection of EA services relevant to your organization by following the steps below:

      1. Gather the EA strategy creation team, and the list of identified EA contributions that the team formulated during Phase 2.
      2. Open the EA Service Planning Tool, select one sub-service, and read its definition.
      3. Based on the definition of the sub-service, refer back to the identified list of EA contributions and check if there is an identified EA contribution that matches the service.
        • If the EA service definitions matches one of the identified EA contributions, then that EA service is relevant to the organization. If there is no match, then the EA service may not be relevant to the organization.
      4. Highlight the sub-service if it is relevant. Add a checkmark beside the EA contribution if it is addressed by a sub-service.
      5. Select the next sub-service and repeat steps 2-4. Continue down the list of sub-services in the EA Service Planning Tool until all sub-services have been examined.

      Download the EA Service Planning Tool to assist with this activity.

      4.1.2 Identify if your organization needs additional services outside of the recommended list

      2 hours

      Input: Expertise from the EA strategy creation team, Previously defined EA contributions

      Output: A defined set of EA services outside the list Info-Tech has recommended

      Materials: Note-taking materials, Whiteboard or flip chart, markers

      Participants: EA strategy creation team

      Identify if services outside of the recommended list in the EA Service Planning Tool are relevant to your organization by using the steps below:

      1. Gather the EA strategy creation team and the list of EA contributions with checkmarks for contributions addressed by EA services.
      2. Take the list of unaddressed EA contributions and select one EA contribution in the list. Assess whether an EA service is required to address the EA contribution. Ask the group the following:
        • Can the EA practice provide the service now?
        • Does providing this EA service line up with the previously defined EA function scope and EA fundamentals?
      3. Decide if a service needs to be provided for that contribution. If yes, give the service a name and a definition.
      4. Then, decide if the service fits into one of the service categories in the EA Service Planning Tool. If there is no fit, create another service category. Define the new service category as well.
      5. Continue to the next unaddressed EA contribution and repeat steps 2-4. Repeat this process until all unaddressed EA contributions have been assessed.

      Download the EA Service Planning Tool to assist with this activity.

      Create the EA service catalog to demonstrate to the organization how each service can be accessed and used

      The EA service catalog is an important communicator to the business. It shifts the technology-oriented view of EA to services that show direct benefit to the business. It is a tool that communicates and provides clarity to the business about the EA services that are available and how those services can assist them.

      Define the services to show value Define the service catalog to show how to use those services
      Already defined
      • EA service categories
      • The services needed by the EA stakeholders in each EA service category
      Need to define
      • Should EA deliver this service?
      • Service triggers
      • Service provider
      • Service requestor

      Info-Tech Insight

      The EA group must provide the organization with a list of services it will provide to demonstrate value. This will help the team manage expectations and the workload while giving organizational stakeholders a clear understanding of how to engage EA and what lies outside of EA’s involvement.

      4.1.3 Complete all the service catalog fields for each service to show the organization how each can be consumed

      4 hours

      Input: Expertise from the EA strategy creation team

      Output: Service details for each EA service in your organization

      Materials: Note-taking materials, Whiteboard or flip chart, markers

      Participants: EA strategy creation team

      Complete the details for each relevant EA service in the EA Service Planning Tool by using the following steps:

      1. Gather the EA strategy creation team, and open the EA Service Planning Tool.
      2. Select one of the services you have defined as relevant and begin the process of defining the service. Define the following fields:
        • Should EA deliver this service? Should the EA team provide this service? (Yes/No)
        • Service trigger: What trigger will signal the need for the service?
        • Service provider: Who in the EA team will provide the service?
        • Service requestor: Who outside of the EA team has requested this service?
      3. Have the EA strategy creation team discuss and define each of the fields for the service above. Record the decisions in the corresponding columns of the EA Service Planning Tool.
      4. Select the next required EA service, and repeat steps 2 and 3. Repeat the process until all required EA services have their details defined.

      Download the EA Service Planning Tool to assist with this activity.

      Step 4.2

      Finalize the Set of Services and Secure Approval

      Activities
      • 4.2.1 Secure approval for your organization’s EA strategy
      • 4.2.2 Map the EA contributions to business goals
      • 4.2.3 Quantify the EA effectiveness
      • 4.2.4 Determine the role of the architect in the Agile ceremonies of the organization

      This step will walk you through the following activities:

      • Present the EA strategy to stakeholders.
      • Determine service details for each EA service in your organization.

      This step involves the following participants:

      • CIO
      • EA Team
      • IT Leaders
      • Business Leaders

      Outcomes of this step

      • Secured approval for your organization’s EA strategy.
      • Measure effectiveness of EA contributions.

      Design the EA Services

      Step 4.1 Step 4.2

      Present the EA strategy to stakeholders to secure approval of the finalized EA strategy

      For the EA strategy to be successfully executed, it must be approved by the EA stakeholders. Securing their approval will increase the likelihood of success in the execution of the EA operating model.

      Outputs that make up the EA strategy —› Present outputs to EA strategy stakeholders
      • Business and technology drivers
      • EA function value proposition

      • EA vision statement
      • EA mission statement
      • EA goals and objectives
      • EA scope
      • EA principles

      • EA function services
      • Identified and prioritized EA stakeholders.








      • The checkmark symbol represents the outputs this blueprint assists with creating.

      4.2.1 Secure approval of your organization’s EA strategy

      1 hour

      Input: Completed EA Function Strategy Template, Expertise from EA strategy creation team

      Output: Approval of the EA strategy

      Materials: Note-taking materials, Whiteboard or flip chart, markers

      Participants: EA strategy creation team, Key EA stakeholders

      Use the following steps to assist with securing approval for your organization’s EA strategy:

      1. Call a meeting between the EA strategy creation team and the identified key EA stakeholders. Key stakeholders were defined in activity 2.1.1.
      2. Open the completed EA Function Strategy Template. Use it to help you discuss the merits of the EA strategy with the key stakeholders.
      3. Discuss with the stakeholders any concerns and modifications they wish to make to the strategy. If detailed questions are asked, refer to the other templates created as a part of this blueprint. Record those concerns and address them at a later time.
      4. After presenting the EA strategy, ask the stakeholders for approval. If stakeholders do not approve, refer back to the concerns documented in step 3 and inquire if addressing the concerns will result in approval.
      5. If applicable, address stakeholder concerns with the EA strategy.
      6. Once EA strategy has been approved, publish the EA strategy to ensure there is a mutual understanding of what the EA function will provide to the organization. Move on to Info-Tech’s Define an EA Operating Model blueprint to begin executing upon the EA strategy.

      Use the EA Function Strategy Template to assist with this activity.

      4.2.2 Map the EA contributions to the business goals

      3 hours

      Input: Expertise from EA strategy creation team

      Output: Service details for each EA service in your organization

      Materials: Note-taking materials, Whiteboard or flip chart, markers

      Participants: EA strategy creation team

      Map EA contributions/services to the goals of the organization.

      1. Start from the business goals of the organization.
      2. Determine Business and IT drivers.
      3. Identify EA contributions that help achieve the business goals.

      Download the EA Service Planning Tool to assist with this activity.

      Trace EA drivers to business goals (sample)

      A model connecting 'Enterprise Architecture' with 'Corporate Goals' through 'EA Contributions'.

      4.2.3 Quantify the EA effectiveness

      1 hour

      Input: Expertise from EA strategy creation team

      Output: Defined KPIs (SMART)

      Materials: Note-taking materials, Whiteboard or flip chart, markers

      Participants: EA strategy creation team

      Use SMART key performance indicators (KPIs) to measure EA contributions vis-à-vis business goals.

      Measure the EA strategy effectiveness by tracking the benefits it provides to the corporate business goals

      The success of the EA function spans across three main dimensions:

      • The delivery of EA-enabled business outcomes that are most important to the enterprise.
      • The alignment between the business and IT from a planning perspective.
      • Improvements in the corporate business goals due to EA contributions (standardization, rationalization, reuse, etc.).
      Corporate Business GoalsEA ContributionsMeasurements
      • Reduction in operating costs
      • Decrease in regulatory compliance infractions
      • Increased revenue from existing channels
      • Increased revenue from new channels
      • Faster time to business value
      • Improved business agility
      • Reduction in enterprise risk exposure
      • Alignment of IT investments to business strategy
      • Achievement of business results directly linked to IT involvement
      • Application and platform rationalization
      • Standards in place
      • Flexible architecture
      • Better integration
      • Higher organizational satisfaction with technology-enabled services and solutions
      • Cost reductions based on application and platform rationalization
      • Standard based solutions
      • Time reduction for integration
      • Service reused
      • Stakeholder satisfaction with EA services
      • Increase customer satisfaction
      • Rework minimized
      • Lower cost of integration
      • Risk reduction
      • Faster time to market
      • Better scalability, etc.

      The oil and gas company began the EA strategy creation by crafting an EA value proposition

      CASE STUDY

      Industry: Oil & Gas
      Source: Info-Tech

      Challenge

      The oil and gas corporation faced a great challenge in communicating the role of enterprise architecture to the organization. Although it has the mandate from the CIO to create the EA function, there was no function in existence. Thus, few people in the organization understood EA.

      Because of this lack of understanding, the EA function was often undermined. The EA function was seen as an order taker that provided some services to the organization.

      Solution

      First, Info-Tech worked with the enterprise architecture team to define the EA stakeholders in the organization.

      Second, Info-Tech interviewed those stakeholders to identify their needs. The needs were analyzed and pains that would obstruct addressing those needs were identified.

      Lastly, Info-Tech worked with the team to identify common EA contributions that would solve those pains.

      Results

      Through this process, Info-Tech helped the team at the oil and gas company create a document that could communicate the value of EA. Specifically, the document could articulate the issues obstructing each stakeholder from achieving their needs and how enterprise architecture could solve them.

      With this value proposition, EA was able to demonstrate value to important stakeholders and set itself up for success in its future endeavors.

      The oil and gas company defined EA services to provide and communicate value to the organization

      CASE STUDY

      Industry: Oil & Gas
      Source: Info-Tech

      Challenge

      As a brand new enterprise architecture function, the EA function at the oil and gas corporation did not have a set of defined EA services. Because of this lack of EA services, the organization did not know what contributions EA could provide.

      Further, without the definition of EA services, the EA function did not set out explicit expectations to the business. This caused expectations from the business to be different from those of the EA function, resulting in friction.

      Solution

      Info-Tech worked with the EA function at the oil and gas corporation to define a set of EA services the function could provide.

      The Info-Tech team, along with the organization, assessed the business and technology needs of the stakeholder. Those needs acted as the basis for the EA function to create their initial services.

      Additionally, Info-Tech worked with the team to define the service details (e.g. service benefits, service requestor, service provider) to communicate how to provide services to the business.

      Results

      The defined EA services led the EA function to communicate what it could provide for the business. As well, the defined services clarified the level of expectation for the business.

      The EA team was able to successfully service the business on future projects, adding value through their expertise and knowledge of the organization’s systems. Because of the demonstrated value, EA has been given greater responsibility throughout the organization.

      4.2.4 Determine the role of the architect in the Agile ceremonies of the organization

      1 hour

      Input: Expertise from EA strategy creation team

      Output: Participation in Agile Pre- and Post-PI, Architect Syncs, etc.

      Materials: Note-taking materials, Whiteboard or flip chart, markers

      Participants: EA strategy creation team

      Document the involvement of the enterprise architect in your organization’s Agile ceremonies.

      1. Document the Agile ceremonial used in the organization (based on SAFe or other Agile approaches).
      2. Determine ceremonies the System Architect will participate in.
      3. Determine ceremonies the Solution Architect will participate in
      4. Determine ceremonies the Enterprise Architect will participate in.
      5. Determine Architect Syncs, etc.

      Note: Roles and responsibilities can be further defined as part of the Agile Enterprise Operating Model.

      The EA role relative to agility

      The enterprise architecture role relative to agility specifies the architecture roles as well as the agile protocols they will participate in.
      This statement will guide every architect’s participation in planning meetings, pre- and post-PI, syncs, etc. Use simple and concise terminology; speak loudly and clearly.

      A strong EA role statement relative to agility has the following characteristics:

      • Describes what different architect roles do to achieve the vision of the organization
      • In an agile way
      • Compelling
      • Easy to grasp
      • Sharply focused
      • Specific
      • Concise

      Sample EA mission relative to agility

      • Create strategies that provide guardrails for the organization, provide standards, reusable assets, accelerators, and other decisions at the enterprise level that support agility.
      • Participate in pre-PI and post-PI planning activities, architect syncs, etc.

      A clear statement can include additional details surrounding the Enterprise Architect role relative to agility

      Likewise, below is a sample of connecting keywords together to form an enterprise architect role statement, relative to agility.

      Optimize, transform, and innovate by defining and implementing the [Company]’s target enterprise architecture in an agile way.

      Optimize – We collaborate with the business to analyze and optimize business capabilities and business processes to enable the agile and efficient attainment of [Company name] business objectives.

      Transform – We support IT-enabled business transformation programs by building and maintaining a shared vision of the future-state enterprise and consistently communicating it to stakeholders.

      Innovate – We identify and develop new and creative opportunities for IT to enable the business. We communicate the art of the possible to the business.

      Defining and implementing – We engage with project teams early and guide solution design and selection to ensure alignment to the target-state enterprise architecture and provide guidance as well as accelerators.

      Target enterprise structure in an agile way – We analyze business needs and priorities and assess the current state of the enterprise. We build and maintain the target enterprise architecture blueprints that define:

      • Business capabilities and processes (business architecture)
      • Data, application, and technology assets that enable business capabilities and processes (technology architecture)
      • Architecture principles
      • Standards and reusable assets
      • Continuous exploration, integration, and deployment

      Move to the enterprise architecture operating model blueprint to execute your EA strategy

      Once approved, move on to Info-Tech’s Define an EA Operating Model blueprint to begin executing on the EA strategy.

      Enterprise architecture strategy

      This blueprint focuses on setting up an enterprise architecture function, with the goal of maximizing the likelihood of EA success. The blueprint puts into place the components that will align the EA function with the needs of the stakeholders, guide the decision making of the EA function, and define the services EA can provide to the organization.

      Agile enterprise architecture operating model

      An EA operating model helps you design and organize the EA function, ensuring adherence to architectural standards and delivery of EA services. This blueprint acts on the EA strategy by creating methods to engage, govern, and develop architecture as a part of the larger organization.

      Research contributors and experts

      Photo of Milena Litoiu, Senior Director Research and Advisory, Enterprise Architecture Milena Litoiu
      Senior Director Research and Advisory, Enterprise Architecture
      • Milena Litoiu is a Principal/Senior Manager of Enterprise Architecture. She is Master Certified with The Open Group and she sits on global architecture certification boards.
      • Other certifications include SABSA, CRISC, and Scaled Agile Framework. She started as a certified IT Architect at IBM and has over 25 years experience in this field.
      • Milena teaches enterprise architecture at the University of Toronto and led the development of the Enterprise Architecture Certificate (a course on EA fundamentals, one on EA development and Governance, and one on Trends going forward).
      • She has a Masters in Engineering, an executive MBA, and extensive experience in enterprise architecture as well as methodologies and tools.
      		 Photo of Lan Nguyen, IT Executive, Mentor, Managing Partner at CIOs Beyond Borders Group Lan Nguyen
      IT Executive, Mentor, Managing Partner at CIOs Beyond Borders Group
      • Lan Nguyen has a wealth of experience driving the EA strategy and the digital transformation success at the City of Toronto.
      • Lan is a university lecturer on topics like strategic leadership in the digital enterprise.
      • Lan is a Managing Partner at CIOs Beyond Borders Group.
      • Lan specializes in Partnership Development; Governance; Strategic Planning, Business Development; Government Relations; Business Relationship Management; Leadership Development; Organizational Agility and Change Management; Talent Management; Managed Services; Digital Transformation; Strategic Management of Enterprise IT; Shared Services; Service Quality Improvement, Portfolio Management; Community Development; and Social Enterprise.


      Photo of Dirk Coetsee, Director Research and Advisory, Enterprise Architecture, Data & Analytics Dirk Coetsee
      Director Research and Advisory, Enterprise Architecture, Data & Analytics
      • Dirk Coetsee is a Research & Advisory Director in the Data & Analytics practice. Dirk has over 25 years of experience in data management and architecture within a wide range of industries, especially Financial Services, Manufacturing, and Retail.
      • Dirk spearheaded data architecture at several organizations and was involved in enterprise data architecture, data governance, and data quality and analytics. He architected many operational data stores of ranging complexity and transaction volumes and was part of major enterprise data warehouse initiatives. Lately, he was part of projects that implemented big data, enterprise service bus, and micro services architectures. Dirk has an in-depth knowledge of industry models within the financial and retail spaces.
      • Dirk holds a BSc (Hons) in Operational Research and an MBA with specialization in Financial Services from the University of Pretoria, South Africa.
      		 Photo of Andy Neill, AVP, Enterprise Architecture, Data and Analytics Andy Neill
      AVP, Enterprise Architecture, Data and Analytics
      • Andy is AVP Data and Analytics and Chief Enterprise Architect at Info-Tech Research Group. Previous roles include leading the data architecture practice for Loblaw Companies Ltd, Shoppers Drug Mart and 360 Insights in Canada as well as leading architecture practices at Siemens consultancy, BBC, NHS, Ordnance Survey, and Houses of Parliament and Commons in the UK.
      • His responsibilities at Info-Tech include leading the data and analytics and enterprise architecture research practices and guiding the future of research and client engagement in that space.
      • Andy is the Product Owner for the Technical Counselor seat offering at Info-Tech, which gives world-class holistic support to our senior technical members.
      • He is also a instructor and content creator for the University of Toronto in the field of Enterprise Architecture.


      Photo of Wayne Filin-Matthews, Chief Enterprise Architect, ICMG Winner of Global Chief Enterprise Architect of the Year 2019 Wayne Filin-Matthews
      Chief Enterprise Architect, ICMG Winner of Global Chief Enterprise Architect of the Year 2019
      • Wayne is currently the EA Discipline Lead/Chief Enterprise Architect – Global Digital Transformation Office, COE at Dell Technologies.
      • He is a distinguished Motivator & Tech Lead as well as an influencer.
      • Wayne has led multiple Enterprise Architecture practices at the global level and has valuable contributions in this space managing and growing Enterprise Architecture and CTO practices across strategy, execution, and adoption parts of the IT lifecycle.
      		 Photo of Graham Smith, Experienced lead Enterprise Architect and Independent Consultant Graham Smith
      Experienced lead Enterprise Architect and Independent Consultant
      • Graham is an experienced lead enterprise architect specializing in digital and data transformation, with over 33 years of experience, spanning financial markets, media, information, insurance, and telecommunications sectors. Graham has successfully established and led large teams across India, China, Australia, Americas, Japan, and the UK.
      • He is currently working as an independent consultant in digital and data-led transformation and his work spans established businesses and start-ups alike.

      Thanks also go to all experts who contributed to previous versions of this document:

      • Zachary Curry, Director, Enterprise Architecture and Innovation, FMC Technologies
      • Pam Doucette, Director of Enterprise Architecture, Tufts Health Plan
      • Joe Evers, Consulting Principal, JcEvers Consulting Corp
      • Cameron Fairbairn, Enterprise Architect, Agriculture Financial Services Corporation (AFSC)
      • Michael Fulton, Chief Digital Officer & Senior IT Strategy & Architecture Consultant at CC and C Solutions
      • Tom Graves, Principal Consultant, Tetradian Consulting
      • (JB) Brahmaiah Jarugumilli, Consultant, Federal Aviation Administration – Enterprise Services Center
      • Huw Morgan, IT Research Executive, Enterprise Architect
      • Serge Parisien, Manager, Enterprise Architecture, Canada Mortgage & Housing Corporation

      Additional interviews were conducted but are not listed due to privacy and confidentiality requirements.

      Bibliography

      “Agile Manifesto for Software Development,” Ward Cunningham, 2001. Accessed July 2021.

      “ArchiMate 3.1 Specification.” The Open Group, n.d. Accessed July 2021.

      “Are Your IT Strategy and Business Strategy Aligned?” 5Q Partners, 8 Jan. 2015. Accessed Oct. 2016.

      Bowen, Fillmore. “How agile companies create and sustain high ROI.” IBM. Accessed Oct. 2016.

      Burns, Peter, et al. Building Value through Enterprise Architecture: A Global Study. Booz & Co. 2009. Web. Nov. 2016.

      “Demonstrating the Value of Enterprise Architecture in Delivering Business Capabilities.” Cisco, 2008. Web. Oct. 2016.

      “Disciplined Agile.” Disciplined Agile Consortium, n.d. Web.

      Fowler, Martin. “Building Effective software.” MartinFowler.com. Accessed July 2021.

      Fowler, Martin. “Agile Software Guide.” MartinFowler.com, 1 Aug. 2019.

      Accessed July 2021.

      Haughey, Duncan. “SMART Goals.” Project Smart, 2014. Accessed July 2021.

      Kern, Matthew. “20 Enterprise Architecture Practices.” LinkedIn, 3 March 2016. Accessed Nov. 2016.

      Lahanas, Stephen. “Infrastructure Architecture, Defined.” IT Architecture Journal, Sept. 2014. Accessed July 2021.

      Lean IX website, Accessed July 2021.

      Litoiu, Milena. Course material from Information Technology 2690: Foundations of Enterprise Architecture, 2021, University of Toronto.

      Mocker, M., J.W. Ross, and C.M. Beath. “How Companies Use Digital Technologies to Enhance Customer Findings.” MIT CISR Working Paper No. 434, Feb. 2019. Qtd in Mayor, Tracy. “MIT expert recaps 30-plus years of enterprise architecture.” MIT Sloan, 10 Aug. 2020. Web.

      “Open Agile ArchitectureTM.” The Open Group, 2020. Accessed July 2021.

      “Organizational Design Framework – The Transformation Model.” The Center for Organizational Design, n.d. Accessed 1 Aug. 2020.

      Ross, Jeanne W. et al. Enterprise Architecture as Strategy: Creating a Foundation for Business Execution. Harvard Business School Press, 2006.

      Rouse, Margaret. “Enterprise Architecture (EA).” SearchCIO, June 2007. Accessed Nov. 2016.

      “SAFe 5 for Lean Enterprises.” Scaled Agile Framework, Scaled Agile, Inc. Accessed 2021.

      “Security Architecture.” Technopedia, updated 20 Dec. 2016. Accessed July 2021.

      “Software Engineering Institute.” Carnegie Mellon University, n.d. Web.

      “TOGAF 9.1.” The Open Group, 2011. Accessed Oct. 2016.

      “TOGAF 9.2.” The Open Group, 2018. Accessed July 2021.

      Thompson, Rachel. “Stakeholder Analysis: Winning Support for Your Projects.” MindTools, n.d. Accessed July 2021.

      Wendt, Jerome M. “Redefining ‘SMB’, ‘SME’ and ‘Large Enterprise.’” DCIG, 25 Mar. 2011. Accessed July 2021.

      Wilkinson, Jim. “Business Drivers.” The Strategic CFO, 23 July 2013. Accessed July 2021.

      Zachman, John. “Conceptual, Logical, Physical: It is Simple.” Zachman International, 2011. Accessed July 2021.

      Build Your BizDevOps Playbook

      • Buy Link or Shortcode: {j2store}177|cart{/j2store}
      • member rating overall impact: N/A
      • member rating average dollars saved: N/A
      • member rating average days saved: N/A
      • Parent Category Name: Architecture & Strategy
      • Parent Category Link: /architecture-and-strategy
      • Today’s rapidly scaling and increasingly complex products create mounting pressure on delivery teams to release new features and changes quickly and with sufficient quality.
      • Many organizations see BizDevOps as a solution to help meet this demand. However, they often lack the critical cross-functional collaboration and team-sport culture that are critical for success.
      • The industry provides little consensus and guidance on how to prepare for the transition to BizDevOps.

      Our Advice

      Critical Insight

      • BizDevOps is cultural, not driven by tools. It is about delivering high-quality and valuable releases to stakeholders through collective ownership, continuous collaboration, and team-first behaviors supported by tools.
      • BizDevOps begins with a strong foundation in five key areas. The crux of successful BizDevOps is centered on the strategic adoption and optimization of building great requirements, collaborative practices, iterative delivery, application management, and high-fidelity environments.
      • Teams take STOCK of what it takes to collaborate effectively. Teams and stakeholders must show up, trust the delivery method and people, orchestrate facilitated activities, clearly communicate and knowledge share every time they collaborate.

      Impact and Result

      • Bring the right people to the table. BizDevOps brings significant organizational, process and technology changes to improve delivery effectiveness. Include the key roles in the definition and validation of your BizDevOps vision and practices.
      • Focus on the areas that matter. Review your current circumstances and incorporate the right practices that addresses your key challenges and blockers to becoming BizDevOps.
      • Build your BizDevOps playbook. Gain a broad understanding of the key plays and practices that makes a successful BizDevOps organization. Verify and validate these practices in order to tailor them to your context. Keep your playbook live.

      Build Your BizDevOps Playbook Research & Tools

      Start here – read the Executive Brief

      Find out why you should implement BizDevOps, review Info-Tech’s methodology, and understand the four ways we can support you in completing this project.

      Besides the small introduction, subscribers and consulting clients within this management domain have access to:

      1. Get started with BizDevOps

      Set the right expectations with your stakeholders and define the context of your BizDevOps implementation.

      • Build Your BizDevOps Playbook – Phase 1: Get Started With BizDevOps
      • BizDevOps Playbook

      2. Tailor your BizDevOps playbook

      Tailor the plays in your BizDevOps playbook to your circumstances and vision.

      • Build Your BizDevOps Playbook – Phase 2: Tailor Your BizDevOps Playbook
      [infographic]

      Workshop: Build Your BizDevOps Playbook

      Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

      1 Set Your Expectations

      The Purpose

      Discuss the goals of your BizDevOps playbook.

      Identify the various perspectives who should be included in the BizDevOps discussion.

      Level set expectations of your BizDevOps implementation.

      Key Benefits Achieved

      Identification of the key roles who should be included in the BizDevOps discussion.

      Learning of key practices to support your BizDevOps vision and goals.

      Your vision of BizDevOps in your organization.

      Activities

      1.1 Define BizDevOps.

      1.2 Understand your key stakeholders.

      1.3 Define your objectives.

      Outputs

      Your BizDevOps definition

      List of BizDevOps stakeholders

      BizDevOps vision and objectives

      2 Set the Context

      The Purpose

      Understand the various methods to initiate the structuring of facilitated collaboration.

      Share a common way of thinking and behaving with a set of principles.

      Focus BizDevOps adoption on key areas of software product delivery.

      Key Benefits Achieved

      A chosen collaboration method (Scrum, Kanban, Scrumban) to facilitate collaboration

      A mutually understanding and beneficial set of guiding principles

      Areas where BizDevOps will see the most benefit

      Activities

      2.1 Select your foundation method.

      2.2 Define your guiding principles.

      2.3 Focus on the areas that matter.

      Outputs

      Chosen collaboration model

      List of guiding principles

      High-level assessment of delivery practices and its fit for BizDevOps

      3 Tailor Your BizDevOps Playbook

      The Purpose

      Review the good practices within Info-Tech’s BizDevOps Playbook.

      Tailor your playbook to reflect your circumstances.

      Key Benefits Achieved

      Understanding of the key plays involved in product delivery

      Product delivery plays that reflect the challenges and opportunities of your organization and support your BizDevOps vision

      Activities

      3.1 Review and tailor the plays in your playbook

      Outputs

      High-level discussion of key product delivery plays and its optimization to support BizDevOps

      Cost-Reduction Planning for IT Vendors

      • Buy Link or Shortcode: {j2store}73|cart{/j2store}
      • member rating overall impact: 8.0/10 Overall Impact
      • member rating average dollars saved: $12,733 Average $ Saved
      • member rating average days saved: 5 Average Days Saved
      • Parent Category Name: Cost & Budget Management
      • Parent Category Link: /cost-and-budget-management
      • Unprecedented health and economic conditions are putting extreme pressure and controls on expense management.
      • IT needs to implement proactive measures to reduce costs with immediate results.
      • IT must sustain these reductions beyond the near term since no one knows how long the current conditions will last.

      Our Advice

      Critical Insight

      • Proactively initiating a “War on Waste” (WoW) to reduce the expenses and costs in areas that do not impact operational capabilities of IT is an easy way to reduce IT expenditures.
      • This is accomplished by following the principle “Stop Doing Stupid Stuff” (SDSS), which many organizations deemphasize or overlook during times of growth and prosperity.
      • Initiating a WoW and SDSS program with passion, creativity, and urgency will deliver short-term cost reductions.

      Impact and Result

      • Pinpoint and implement tactical countermeasures and savings opportunities to reduce costs immediately (Reactive: <3 months).
      • Identify and deploy proven practices to capture and sustain expense reduction throughout the mid-term (Proactive: 3-12months).
      • Create a long-term strategy to improve flexibility, make changes more swiftly, and quickly generate cost-cutting opportunities (Strategic: >12 months).
      • Use Info-Tech’s 4 R’s Framework (Required, Removed, Rescheduled, and Reduced) and guiding principles to develop your cost-reduction roadmap.

      Cost-Reduction Planning for IT Vendors Research & Tools

      Besides the small introduction, subscribers and consulting clients within this management domain have access to:

      1. Start here – read the Storyboard

      Read our concise Executive Brief to find out how you can reduce your IT cost in the short term while establishing a foundation for long-term sustainment of IT cost containment.

      • Cost-Reduction Planning for IT Vendors Storyboard
      • Cost-Cutting Classification and Prioritization Tool
      [infographic]

      Develop a Cloud Testing Strategy for Today's Apps

      • Buy Link or Shortcode: {j2store}470|cart{/j2store}
      • member rating overall impact: N/A
      • member rating average dollars saved: N/A
      • member rating average days saved: N/A
      • Parent Category Name: Cloud Strategy
      • Parent Category Link: /cloud-strategy
      • The growth of the Cloud and the evolution of business operations have shown that traditional testing strategies do not work well with modern applications.
      • Organizations require a new framework around testing cloud applications that account for on-demand scalability and self-provisioning.
      • Expectations of application consumers are continually increasing with speed-to-market and quality being the norm.

      Our Advice

      Critical Insight

      • Cloud technology does not change the traditional testing processes that many organizations have accepted and adopted. It does, however, enhance traditional practices with increased replication capacity, execution speed, and compatibility through its virtual infrastructure and automated processes. Consider these factors when developing the cloud testing strategy.
      • Involving the business in strategy development will keep them engaged and align business drivers with technical initiatives.
      • Implement cloud testing solutions in a well-defined rollout process to ensure business objectives are realized and cloud testing initiatives are optimized.
      • Cloud testing is green and dynamic. Realize the limitations of cloud testing and play on its strengths.

      Impact and Result

      • Engaging in a formal and standardized cloud testing strategy and consistently meeting business needs throughout the organization maintains business buy-in.
      • The Cloud compounds the benefits from virtualization and automation because of the Cloud’s scalability, speed, and off-premise and virtual infrastructure and data storage attributes.
      • Cloud testing presents a new testing avenue. Realize that only certain tests are optimized in the Cloud, i.e., load, stress, and functional testing.

      Develop a Cloud Testing Strategy for Today's Apps Research & Tools

      Besides the small introduction, subscribers and consulting clients within this management domain have access to:

      1. Develop a cloud testing strategy.

      Obtain organizational buy-ins and build a standardized and formal cloud testing strategy.

      • Storyboard: Develop a Cloud Testing Strategy for Today's Apps
      • None

      2. Assess the organization's readiness for cloud testing.

      Assess your people, process, and technology for cloud testing readiness and realize areas for improvement.

      • Cloud Testing Readiness Assessment Tool

      3. Plan and manage the resources allocated to each project task.

      Organize and monitor cloud project planning tasks throughout the project's duration.

      • Cloud Testing Project Planning and Monitoring Tool
      [infographic]

      The MVP Major Incident Manager

      The time has come to hire a new major incident manager. How do you go about that? How do you choose the right candidate? Major incident managers must have several typically conflicting traits, so how do you pick the right person? Let's dive into that.

      Register to read more …

      Monitor IT Employee Experience

      • Buy Link or Shortcode: {j2store}543|cart{/j2store}
      • member rating overall impact: 10.0/10 Overall Impact
      • member rating average dollars saved: $29,096 Average $ Saved
      • member rating average days saved: 19 Average Days Saved
      • Parent Category Name: Engage
      • Parent Category Link: /engage
      • In IT, high turnover and sub-optimized productivity can have huge impacts on IT’s ability to execute SLAs, complete projects on time, and maintain operations effectively.
      • With record low unemployment rates in IT, retaining top employees and keeping them motivated in their jobs has never been more critical.

      Our Advice

      Critical Insight

      • One bad experience can cost you your top employee. Engagement is the sum total of the day-to-day experiences your employees have with your company.
      • Engagement, not pay, drives results. Engagement is key to your team's productivity and ability to retain top talent. Approach it systematically to learn what really drives your team.
      • It’s time for leadership to step up. As the CIO, it’s up to you to take ownership of your team’s engagement.

      Impact and Result

      • Info-Tech tools and guidance will help you initiate an effective conversation with your team around engagement, and avoid common pitfalls in implementing engagement initiatives.
      • Monitoring employee experience continuously using the Employee Experience Monitor enables you to take a data-driven approach to evaluating the success of your engagement initiatives.

      Monitor IT Employee Experience Research & Tools

      Start here – read the Executive Brief

      Read our concise Executive Brief to find out why you should focus on employee experience to improve engagement in IT, review Info-Tech’s methodology, and understand how our tools will help you construct an effective employee engagement program.

      Besides the small introduction, subscribers and consulting clients within this management domain have access to:

      1. Start monitoring employee experience

      Plan out your employee engagement program and launch the Employee Experience Monitor survey for your team.

      • Drive IT Performance by Monitoring Employee Experience – Phase 1: Start Monitoring Employee Experience
      • None
      • None
      • EXM Setup Guide
      • EXM Training Guide for Managers
      • None
      • EXM Communication Template

      2. Analyze results and ideate solutions

      Interpret your Employee Experience Monitor results, understand what they mean in the context of your team, and involve your staff in brainstorming engagement initiatives.

      • Drive IT Performance by Monitoring Employee Experience – Phase 2: Analyze Results and Ideate Solutions
      • EXM Focus Group Facilitation Guide
      • Focus Group Facilitation Guide Driver Definitions

      3. Select and implement engagement initiatives

      Select engagement initiatives for maximal impact, create an action plan, and establish open and ongoing communication about engagement with your team.

      • Drive IT Performance by Monitoring Employee Experience – Phase 3: Measure and Communicate Results
      • Engagement Progress One-Pager
      [infographic]

      Workshop: Monitor IT Employee Experience

      Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

      1 Launch the EXM

      The Purpose

      Set up the EXM and collect a few months of data to build on during the workshop.

      Key Benefits Achieved

      Arm yourself with an index of employee experience and candid feedback from your team to use as a starting point for your engagement program.

      Activities

      1.1 Identify EXM use case.

      1.2 Identify engagement program goals and obstacles.

      1.3 Launch EXM.

      Outputs

      Defined engagement goals.

      EXM online dashboard with three months of results.

      2 Explore Engagement

      The Purpose

      To understand the current state of engagement and prepare to discuss the drivers behind it with your staff.

      Key Benefits Achieved

      Empower your leadership team to take charge of their own team's engagement.

      Activities

      2.1 Review EXM results to understand employee experience.

      2.2 Finalize focus group agendas.

      2.3 Train managers.

      Outputs

      Customized focus group agendas.

      3 Hold Employee Focus Groups

      The Purpose

      Establish an open dialogue with your staff to understand what drives their engagement.

      Key Benefits Achieved

      Understand where in your team’s experience you can make the most impact as an IT leader.

      Activities

      3.1 Identify priority drivers.

      3.2 Identify engagement KPIs.

      3.3 Brainstorm engagement initiatives.

      3.4 Vote on initiatives within teams.

      Outputs

      Summary of focus groups results

      Identified engagement initiatives.

      4 Select and Plan Initiatives

      The Purpose

      Learn the characteristics of successful engagement initiatives and build execution plans for each.

      Key Benefits Achieved

      Choose initiatives with the greatest impact on your team’s engagement, and ensure you have the necessary resources for success.

      Activities

      4.1 Select engagement initiatives with IT leadership.

      4.2 Discuss and decide on the top five engagement initiatives.

      4.3 Create initiative project plans.

      4.4 Build detailed project plans.

      4.5 Present project plans.

      Outputs

      Engagement project plans.

      Don't try this at home

      • member rating overall impact: N/A
      • member rating average dollars saved: N/A
      • member rating average days saved: N/A
      • byline: When the pros go head to head with hackers

      Brilliant little and very amusing way to deal with a scammer.

      But do not copy this method as it will actually reveal quite a bit and confirm that your email is valid and active.

      Click to watch Joe Lycett

       

      2020 CIO Priorities Report

      • Buy Link or Shortcode: {j2store}97|cart{/j2store}
      • member rating overall impact: N/A
      • member rating average dollars saved: N/A
      • member rating average days saved: N/A
      • Parent Category Name: Innovation
      • Parent Category Link: /innovation
      • The velocity and magnitude of technology changes today has increased dramatically compared to anything that has come before.
      • The velocity and magnitude of advancements in technology has always seemed unprecedented in every wave of technology change we have experienced over the past 40 years. With each new wave of innovation, “unprecedented” is redefined to a new level, and so it remains true that today’s CIO is faced with unprecedented levels of change as a direct result of emerging technologies.
      • What is different today is that we are at the point where the emerging technology itself is now capable of accelerating the pace of change even more through artificial intelligence capabilities.
      • If we are to realize the business value through the adoption of emerging technologies, CIOs must address significant challenges. We believe addressing these challenges lies in the CIO priorities for 2020.

      Our Advice

      Critical Insight

      • First there was IT/business alignment, then there was IT/business integration – both states characterized as IT “getting on the same page” as the business. In the context of emerging technologies, the CIO should no longer be focused on getting on the same page as the CEO.
      • Today it is about the CEO and the CIO collaborating to write a new book about convergence of all things: technology (infrastructure and applications), people (including vendors), process, and data.
      • Digital transformation and adoption of emerging technologies is not a goal, it is a journey – a means to the end, not the end unto itself.

      Impact and Result

      • Use Info-Tech's 2020 CIO Priorities Report to ascertain, based on our research, what areas of focus for 2020 are critical for success in adopting emerging technologies.
      • Adopting these technologies requires careful planning and consideration for what is critical to your business customers.
      • This report provides focus on the business benefits of the technology and not just the capabilities themselves. It puts the CIO in a position to better understand the true value proposition of any of today’s technology advancements.

      2020 CIO Priorities Report Research & Tools

      Start here – read the Executive Brief

      Read our concise Executive Brief to understand the top five priorities for CIOs in 2020 and why these are so critical to success.

      Besides the small introduction, subscribers and consulting clients within this management domain have access to:

      1. Refine and adapt processes

      Learn about how processes can make or break your adoption of emerging technologies.

      • 2020 CIO Priorities Report – Priority 1: Refine and Adapt Processes

      2. Re-invent IT as collaboration engine

      Learn about how IT can transform its role within the organization to optimize business value.

      • 2020 CIO Priorities Report – Priority 2: Re-Invent IT as Collaboration Engine

      3. Acquire and retain talent for roles in emerging technologies

      Learn about how IT can attract and keep employees with the skills and knowledge needed to adopt these technologies for the business.

      • 2020 CIO Priorities Report – Priority 3: Acquire and Retain Talent for Roles in Emerging Technologies

      4. Define and manage cybersecurity and cyber resilience requirements related to emerging technologies

      Understand how the adoption of emerging technologies has created new levels of risk and how cybersecurity and resilience can keep pace.

      • 2020 CIO Priorities Report – Priority 4: Define and Manage Cybersecurity and Cyber Resilience Requirements Related to Emerging Technologies

      5. Leverage emerging technology to create Wow! customer experiences

      Learn how IT can leverage emerging technology for its own customers and those of its business partners.

      • 2020 CIO Priorities Report – Priority 5: Leverage Emerging Technology to Create Wow! Customer Experiences
      [infographic]

      More Articles …