Get the Most Out of Your CRM

In today’s connected world, continuous optimization of enterprise applications to realize your digital strategy is key.

Get the Most Out of Your CRM

In today’s connected world, continuous optimization of enterprise applications to realize your digital strategy is key.

EXECUTIVE BRIEF

Analyst Perspective

Focus optimization on organizational value delivery.

Customer relationship management (CRM) systems are at the core of a customer-centric strategy to drive business results. They are critical to supporting marketing, sales, and customer service efforts.

CRM systems are expensive, their benefits are difficult to quantify, and they often suffer from poor user satisfaction. Post implementation, technology evolves, organizational goals change, and the health of the system is not monitored. This is complicated in today’s digital landscape with multiple integration points, siloed data, and competing priorities.

Too often organizations jump into the selection of replacement systems without understanding the health of their current systems. IT leaders need to stop reacting and take a proactive approach to continually monitor and optimize their enterprise applications. Strategically realign business goals, identify business application capabilities, complete a process assessment, evaluate user adoption, and create an optimization roadmap that will drive a cohesive technology strategy that delivers results.

Lisa Highfield
Research Director,
Enterprise Applications
Info-Tech Research Group

Executive Summary

Your Challenge

In today’s connected world, continuous optimization of enterprise applications to realize your digital strategy is key.

Enterprise applications often involve large capital outlay and unquantified benefits.

CRM application portfolios are often messy. Add to that poor processes, distributed data, and lack of training – business results and user dissatisfaction is common.

Technology owners are often distributed across the business. Consolidation of optimization efforts is key.

Common Obstacles

Enterprise applications involve large numbers of processes and users. Without a clear focus on organizational needs, decisions about what and how to optimize can become complicated.

Competing and conflicting priorities may undermine optimization value by focusing on the approaches that would only benefit one line of business rather than the entire organization.

Teams do not have a framework to illustrate, communicate, and justify the optimization effort in the language your stakeholders understand.

Info-Tech’s Approach

Build an ongoing optimization team to conduct application improvements.

Assess your CRM application(s) and the environment in which they exist. Take a business-first strategy to prioritize optimization efforts.

Validate CRM capabilities, user satisfaction, issues around data, vendor management, and costs to build out an optimization strategy

Pull this all together to develop a prioritized optimization roadmap.

Info-Tech Insight

CRM implementation should not be a one-and-done exercise. A properly optimized CRM ecosystem will reduce costs and increase productivity.

Insight Summary

Continuous assessment and optimization of customer relationship management (CRM) systems is critical to their success.

• Applications and the environments in which they live are constantly evolving.
• Get the Most Out of Your CRM provides business and application managers a method to complete a health assessment on their CRM systems to identify areas for improvement and optimization.
• Put optimization practices into effect by:
  • Aligning and prioritizing key business and technology drivers.
  • Identifying CRM process classification, and performing a gap analysis.
  • Measuring user satisfaction across key departments.
  • Evaluating vendor relations.
  • Understanding how data fits.
  • Pulling it all together into an optimization roadmap.

CRM platforms are the applications that provide functional capabilities and data management around the customer experience (CX).

Marketing, sales, and customer service are enabled through CRM technology.

CRM technologies facilitate an organization’s relationships with customers, service users, employees, and suppliers.

CRM technology is critical to managing the lifecycle of these relationships, from lead generation, to sales opportunities, to ongoing support and nurturing of these relationships.

Customer experience management (CXM)

CRM platforms sit at the core of a well-rounded customer experience management ecosystem.

Customer Relationship Management

• Web Experience Management Platform
• E-Commerce & Point-of-Sale Solutions
• Social Media Management Platform
• Customer Intelligence Platform
• Customer Service Management Tools
• Marketing Management Suite

Customer relationship management suites are one piece of the overall customer experience management ecosystem, alongside tools such as customer intelligence platforms and adjacent point solutions for sales, marketing, and customer service. Review Info-Tech’s CXM blueprint to build a complete, end-to-end customer interaction solution portfolio that encompasses CRM alongside other critical components. The CXM blueprint also allows you to develop strategic requirements for CRM based on customer personas and external market analysis.

CRM by the numbers

1/3

Statistical analysis of CRM projects indicate failures vary from 18% to 69%. Taking an average of those analyst reports, about one-third of CRM projects are considered a failure.
Source: CIO Magazine, 2017

85%

Companies that apply the principles of behavioral economics outperform their peers by 85% in sales growth and more than 25% in gross margin.
Source: Gallup, 2012

40%

In 2019, 40% of executives name customer experience the top priority for their digital transformation.
Source: CRM Magazine, 2019

CRM dissatisfaction

Info-Tech Insight

While technology is the key enabler of building strong customer experiences, there are many other drivers of dissatisfaction. IT must stand shoulder to shoulder with the business to develop a technology framework for customer relationship management.

Marketing, Sales, and Customer Service, along with IT, can only optimize CRM with the full support of each other. The cooperation of the departments is crucial when trying to improve CRM technology capabilities and customer interaction.

Application optimization is risky without a plan

Avoid the common pitfalls.

• Not considering application optimization as a business and IT partnership that requires continuous formal engagement of all participants.
• Not having a good understanding of current state, including integration points and data.
• Not adequately accommodating feedback and changes after digital applications are deployed and employed.
• Not treating digital applications as a motivator for potential future IT optimization effort, and not incorporating digital assets in strategic business planning.
• Not involving department leads, management, and other subject matter experts to facilitate the organizational change digital applications bring.

“A successful application optimization strategy starts with the business need in mind and not from a technological point of view. No matter from which angle you look at it, modernizing a legacy application is a considerable undertaking that can’t be taken lightly. Your best approach is to begin the journey with baby steps.”
– Ernese Norelus, Sreeni Pamidala, and Oliver Senti
Medium, 2020

Info-Tech’s methodology for Get the Most Out of Your CRM

Get the Most Out of Your CRM Workbook

Each step of this blueprint is accompanied by supporting deliverables to help you accomplish your goals.

Key deliverable:

CRM Optimization Roadmap (Tab 8)

Complete an assessment of processes, user satisfaction, data quality, and vendor management using the Workbook or the APA diagnostic.

CRM Business Model (Tab 2)

Align your business and technology goals and objectives in the current environment.

Prioritized CRM Optimization Goals (Tab 3)

Identify and prioritize your CRM optimization goals.

Application Portfolio Assessment (APA)

Assess IT-enabled user satisfaction across your CRM portfolio.

Prioritized Process Assessment (Tab 5)

Understand areas for improvement.

Case Study

Align strategy and technology to meet consumer demand.

INDUSTRY - Entertainment
SOURCE - Forbes, 2017

Challenge

Beginning as a mail-out service, Netflix offered subscribers a catalog of videos to select from and have mailed to them directly. Customers no longer had to go to a retail store to rent a video. However, the lack of immediacy of direct mail as the distribution channel resulted in slow adoption.

Blockbuster was the industry leader in video retail but was lagging in its response to industry, consumer, and technology trends around customer experience

Solution

In response to the increasing presence of tech-savvy consumers on the internet, Netflix invested in developing its online platform as its primary distribution channel. The benefit of doing so was two-fold: passive brand advertising (by being present on the internet) and meeting customer demands for immediacy and convenience. Netflix also recognized the rising demand for personalized service and created an unprecedented, tailored customer experience.

Results

Netflix’s disruptive innovation is built on the foundation of great customer experience management. Netflix is now a $28-billion company, which is tenfold what Blockbuster was worth.

Netflix used disruptive technologies to innovatively build a customer experience that put it ahead of the long-time, video rental industry leader, Blockbuster.

Info-Tech offers various levels of support to best suit your needs

DIY Toolkit

“Our team has already made this critical project a priority, and we have the time and capability, but some guidance along the way would be helpful.”

Guided Implementation

“Our team knows that we need to fix a process, but we need assistance to determine where to focus. Some check-ins along the way would help keep us on track.”

Workshop

“We need to hit the ground running and get this project kicked off immediately. Our team has the ability to take this over once we get a framework and strategy in place.”

Consulting

“Our team does not have the time or the knowledge to take this project on. We need assistance through the entirety of this project.”

Diagnostics and consistent frameworks used throughout all four options

Guided Implementation

What does a typical GI on this topic look like?

A Guided Implementation (GI) is series of calls with an Info-Tech analyst to help implement our best practices in your organization.

A typical GI is between 8 to 12 calls over the course of 4 to 6 months.

Workshop Overview

Contact your account representative for more information.
workshops@infotech.com 1-888-670-8889

Phase 1

Map Current-State Capabilities

• 1.1 Identify Stakeholders and Build Your Optimization Team
• 1.2 Build a CRM Strategy Model
• 1.3 Inventory Current System State
• 1.4 Define Business Capabilities
• 1.5 Understand CRM Costs

Get the Most Out of Your CRM

This phase will walk you through the following activities:

• Align your organizational goals
• Gain a firm understanding of your current state
• Inventory CRM and related applications
• Confirm the organization’s capabilities

This phase involves the following participants:

• Product Owners
• CMO
• Departmental leads – Sales, Marketing, Customer Service, or other
• Applications Director
• Senior Business Analyst
• Senior Developer
• Procurement Analysts

Inventory of CRM and related systems

Develop an integration map to specify which applications will interface with each other.

Integration is paramount: your CRM application often integrates with other applications within the organization. Create an integration map to reflect a system of record and the exchange of data. To increase customer engagement, channel integration is a must (i.e. with robust links to unified communications solutions, email, and VoIP telephony systems).

CRM plays a key role in the more holistic customer experience framework. However, it is heavily influenced by and often interacts with many other platforms.

Data is one key consideration that needs to be considered here. If customer information is fragmented, it will be nearly impossible to build a cohesive view of the customer. Points of integration (POIs) are the junctions between the CRM(s) and other applications where data is flowing to and from. They are essential to creating value, particularly in customer insight-focused and omnichannel-focused deployments.

Customer expectations are on the rise

CRM strategy is a critical component of customer experience (CX).

CUSTOMER EXPERIENCE

1. Thoughtfulness is in
   Connect with customers on a personal level
2. Service over products
   The experience is more important than the product
3. Culture is now number one
   Culture is the most overlooked piece of customer experience strategy
4. Engineering and service finally join forces
   Companies are combining their technology and service efforts to create
   strong feedback loops
5. The B2B world is inefficiently served
   B2B needs to step up with more tools and a greater emphasis placed on
   customer experience

Source: Forbes, 2019

Build a cohesive CRM strategy that aligns business goals with CRM capabilities.

Info-Tech Insight

Customers expect to interact with organizations through the channels of their choice. Now more than ever, you must enable your organization to provide tailored customer experiences.

IT is critical to the success of your CRM strategy

Today’s shared digital landscape of the CIO and CMO

CIO

• IT Operations
• Service Delivery and Management
• IT Support
• IT Systems and Application
• IT Strategy and Governance
• Cybersecurity

Collaboration and Partnership

• Digital Strategy = Transformation
  Business Goals | Innovation | Leadership | Rationalization
• Customer Experience
  Architecture | Design | Omnichannel Delivery | Management
• Insight (Market Facing)
  Analytics | Business Intelligence | Machine Learning | AI
• Marketing Integration + Operating Model
  Apps | Channels | Experiences | Data | Command Center
• Master Data
  Customer | Audience | Industry | Digital Marketing Assets

CMO

• PEO Media
• Brand Management
• Campaign Management
• Marketing Tech
• Marketing Ops
• Privacy, Trust, and Regulatory Requirements

Info-Tech Insight

Technology is the key enabler of building strong customer experiences: IT must stand shoulder to shoulder with the business to develop a technology framework for customer relationship management.

Step 1.1

Identify Stakeholders and Build Your Optimization Team

Activities

1.1.1 Identify the stakeholders whose support will be critical to success

1.1.2 Select your CRM optimization team

Map Current-State Capabilities

This step will walk you through the following activities:

• Identify CRM drivers and objectives.
• Explore CRM challenges and pain points.
• Discover CRM benefits and opportunities.
• Align the CRM foundation with the corporate strategy.

This step involves the following participants:

• Stakeholders
• Project sponsors and leaders

Outcomes of this step

• Stakeholder map
• CRM optimization team composition

CRM optimization stakeholders

Understand the roles necessary to get the most out of your CRM.

Understand the role of each player within your optimization initiative. Look for listed participants on the activity slides to determine when each player should be involved.

Info-Tech Insight

Do not limit input or participation. Include subject matter experts and internal stakeholders at stages within the optimization initiative. Such inputs can be solicited on a one-off basis as needed. This ensures you take a holistic approach to creating your CRM optimization strategy.

1.1.1 Identify stakeholders critical to success

1 hour

1. Hold a meeting to identify the stakeholders that should be included in the project’s steering committee.
2. Finalize selection of steering committee members.
3. Contact members to ensure their willingness to participate.
4. Document the steering committee members and the milestone/presentation expectations for reporting project progress and results.
   

Input

• Stakeholder interviews
• Business process owners list

Output

• CRM optimization stakeholders
• Steering committee members

Materials

• N/A

Participants

• Product Owners
• CMO
• Departmental Leads – Sales, Marketing, Customer Service (and others)
• Applications Director
• Senior Business Analyst
• Senior Developer
• Procurement Analyst

The CRM optimization team

Consider the core team functions when composing the CRM optimization team. Form a cross-functional team (i.e. across IT, Marketing, Sales, Service, Operations) to create a well-aligned CRM optimization strategy.

Don’t let your core team become too large when trying to include all relevant stakeholders. Carefully limiting the size of the optimization team will enable effective decision making while still including functional business units such as Marketing, Sales, Service, and Customer Service.

1.1.2 Select your CRM optimization team

30 minutes

1. Have the CMO and other key stakeholders discuss and determine who will be involved in the CRM optimization project.
   • Depending on the initiative and the size of the organization the size of the team will vary.
   • Key business leaders in key areas – Sales, Marketing, Customer Service, and IT – should be involved.
2. Document the members of your optimization team in the Get the Most Out of Your CRM Workbook, tab “1. Optimization Team.”
   • Depending on your initiative and size of your organization, the size of this team will vary.

Get the Most Out of Your CRM Workbook

Input

• Stakeholders

Output

• List of CRM Optimization Team members

Materials

• Get the Most Out of Your CRM Workbook

Participants

• Product Owners
• CMO
• Departmental Leads – Sales, Marketing, Customer Service
• Applications Director
• Senior Business Analyst
• Senior Developer
• Procurement Analyst

Step 1.2

Build a CRM Strategy Model

Activities

• 1.2.1 Explore environmental factors and technology drivers
• 1.2.2 Discuss challenges and pain points
• 1.2.3 Discuss opportunities and benefits
• 1.2.4 Align CRM strategy with organizational goals

Map Current-State Capabilities

This step will walk you through the following activities:

• Identify CRM drivers and objectives.
• Explore CRM challenges and pain points.
• Discover the CRM benefits and opportunities.
• Align the CRM foundation with the corporate strategy.

This step involves the following participants:

• CRM Optimization Team

Outcomes of this step

• CRM business model
• Strategy alignment

Align the CRM strategy with the corporate strategy

Corporate Strategy

Your corporate strategy:

• Conveys the current state of the organization and the path it wants to take.
• Identifies future goals and business aspirations.
• Communicates the initiatives that are critical for getting the organization from its current state to the future state.

Unified Strategy

• The CRM optimization can be and should be linked, with metrics, to the corporate strategy and ultimate business objectives.

CRM Strategy

Your CRM Strategy:

• Communicates the organization’s budget and spending on CRM.
• Identifies IT initiatives that will support the business and key CRM objectives.
• Outlines staffing and resourcing for CRM initiatives.

CRM projects are more successful when the management team understands the strategic importance and the criticality of alignment. Time needs to be spent upfront aligning business strategies with CRM capabilities. Effective alignment between Sales, Marketing, Customer Service, Operations, IT, and the business should happen daily. Alignment doesn’t just need to occur at the executive level but at each level of the organization.

Sample CRM objectives

Identifying organizational objectives of high priority will assist in breaking down business needs and CRM objectives. This exercise will better align the CRM systems with the overall corporate strategy and achieve buy-in from key stakeholders.

CRM business model Template

Understand objectives for creating a strong CRM strategy

Info-Tech Insight

One of the biggest drivers for CRM adoption is the ability to make decisions through consolidated data. This driver is a result of external considerations. Many industries today are highly competitive, uncertain, and rapidly changing. To succeed under these pressures, there needs to be timely information and visibility into all components of the organization.

1.2.1 Explore environmental factors and technology drivers

30 minutes

1. Identify business drivers that are contributing to the organization’s need for CRM.
2. Understand how the company is running today and what the organization’s future will look like. Try to identify the purpose for becoming an integrated organization. Use a whiteboard and markers to capture key findings.
3. Consider environmental factors: external considerations, organizational drivers, technology drivers, and key functional requirements.
4. Use the Get the Most Out of Your CRM Workbook, tab “2. Business Model,” to complete this exercise.

Get the Most Out of Your CRM Workbook

External Considerations	Organizational Drivers	Technology Considerations	Functional Requirements
Funding Constraints Regulations	Compliance Scalability Operational Efficiency	Data Accuracy Data Quality Better Reporting	Information Availability Integration Between Systems Secure Data

Create a realistic CRM foundation by identifying the challenges and barriers to the project

There are several different factors that may stifle the success of an CRM portfolio. Organizations creating an CRM foundation must scan their current environment to identify internal barriers and challenges.

Common Internal Barriers

1.2.2 Discuss challenges and pain points

30 minutes

1. Identify challenges with current systems and processes.
2. Brainstorm potential barriers to success. Use a whiteboard and markers to capture key findings.
3. Consider the project barriers: functional gaps, technical gaps, process gaps, and barriers to CRM success.
4. Use the Get the Most Out of Your CRM Workbook, tab “2. Business Model,” to complete this exercise.

Get the Most Out of Your CRM Workbook

Functional Gaps	Technical Gaps	Process Gaps	Barriers to Success
No sales tracking within core CRM	Inconsistent reporting – data quality concerns	Duplication of data Lack of system integration	Cultural mindset Resistance to change Lack of training Funding

1.2.3 Discuss opportunities and benefits

30 minutes

1. Identify opportunities and benefits from an integrated system.
2. Brainstorm potential enablers for successful CRM enablement and the ideal portfolio.
3. Consider the project enablers: business benefits, IT benefits, organizational benefits, and enablers of CRM success.
4. Use the Get the Most Out of Your CRM Workbook, tab “2. Business Model,” to complete this exercise.

Business Benefits	IT Benefits	Organizational Benefits	Enablers of Success
Business-IT alignment	Compliance Scalability Operational Efficiency	Data Accuracy Data Quality Better Reporting	Change Management Training Alignment to Strategic Objectives

1.2.4 Align CRM strategy with organizational goals

1 hour

1. Discuss your corporate objectives (organizational goals). Choose three to five corporate objectives that are a priority for the organization in the current year.
2. Break into groups and assign each group one corporate objective.
3. For each objective, produce several ways an optimized CRM system will meet the given objective.
4. Think about the modules and CRM functions that will help you realize these benefits.
5. Use the Get the Most Out of Your CRM Workbook, tab “2. Business Model,” to complete this exercise.

Input

• Organizational goals
• CRM strategy model

Output

• Optimization benefits map

Materials

• Get the Most Out of Your CRM Workbook

Participants

• Product Owners
• CMO
• Departmental Leads – Sales, Marketing, Customer Service
• Applications Director
• Senior Business Analyst
• Senior Developer
• Procurement Analyst

Download the Get the Most Out of Your CRM Workbook

Step 1.3

Inventory Current System State

Activities

1.3.1 Inventory applications and interactions

Map Current-State Capabilities

This step will walk you through the following activities:

• Inventory applications
• Map interactions between systems

This step involves the following participants:

• CRM Optimization Team
• Enterprise Architect
• Data Architect

Outcomes of this step

• Systems inventory
• Systems diagram

1.3.1 Inventory applications and interactions

1-3 hours

1. Individually list all electronic systems involved in the organization. This includes anything related to customer information and interactions, such as CRM, ERP, e-commerce, finance, email marketing, and social media, etc.
2. Document data flows into and out of each system to the ERP. Refer to the example on the next slide (CRM data flow).
3. Review the processes in place (e.g. reporting, marketing, data moving into and out of systems). Document manual processes. Identify integration points. If flowcharts exist for these processes, it may be useful to provide these to the participants.
4. If possible, diagram the system. Include information direction flow. Use the sample CRM map, if needed.

CRM data flow

Be sure to include enterprise applications that are not included in the CRM application portfolio. Popular systems to consider for POIs include billing, directory services, content management, and collaboration tools.

When assessing the current application portfolio that supports CRM, the tendency will be to focus on the applications under the CRM umbrella, relating mostly to Marketing, Sales, and Customer Service. Be sure to include systems that act as input to, or benefit due to outputs from, the CRM or similar applications.

Sample CRM map

Step 1.4

Define Business Capabilities

Activities

1.4.1 Define business capabilities

1.4.2 List your key CRM processes

Map Current-State Capabilities

This step will walk you through the following activities:

• Define your business capabilities
• List your key CRM processes

This step involves the following participants:

• CRM Optimization Team
• Business Architect

Outcomes of this step

• Business capabilities map
• Key CRM processes list

Business capability map (Level 0)

In business architecture, the primary view of an organization is known as a business capability map.

A business capability defines what a business does to enable value creation, rather than how.

Business capabilities:

• Represent stable business functions.
• Are unique and independent of each other.
• Typically will have a defined business outcome.

A business capability map provides details that help the business architecture practitioner direct attention to a specific area of the business for further assessment.

Capability vs. process vs. feature

Understanding the difference

When examining CRM optimization, it is important we approach this from the appropriate layer.

Capability:

• The ability of an entity (e.g. organization or department) to achieve its objectives (APQC, 2017).
• An ability that an organization, person, or system possesses. Typically expressed in general and high-level terms and typically require a combination of organization, people, processes, and technology to achieve (TOGAF).

Process:

• Can be manual or technology enabled. A process is a series of interrelated activities that convert inputs into results (outputs). Processes consume resources, require standards for repeatable performance, and respond to control systems that direct the quality, rate, and cost of performance. The same process can be highly effective in one circumstance and poorly effective in another with different systems, tools, knowledge, and people (APQC, 2017).

Feature:

• Is a distinguishing characteristic of a software item (e.g. performance, portability, or functionality) (IEEE, 2005).

In today’s complex organizations, it can be difficult to understand where inefficiencies stem from and how performance can be enhanced.
To fix problems and maximize efficiencies business capabilities and processes need to be examined to determine gaps and areas of lagging performance.

Info-Tech’s CRM framework and industry tools such as the APQC’s Process Classification Framework can help make sense of this.

1.4.1 Define business capabilities

1-3 hours

1. Look at the major functions or processes within the scope of CRM.
2. Compile an inventory of current systems that interact with the chosen processes. In its simplest form, document your application inventory in a spreadsheet (see tab 3 of the CRM Application Inventory Tool). For large organizations, interview representatives of business domains to help create your list of applications.
3. Make sure to include any processes that are manual versus automated.
4. Use your current state drawing from activity 1.3.1 to link processes to applications for further effect.

CRM Application Inventory Tool

Input

• Current systems
• Key processes
• APQC Framework
• Organizational process map

Output

• List of key business processes

Materials

• CRM Application Inventory Tool
• CRM APQC Framework
• Whiteboard, PowerPoint, or flip charts
• Pens/markers

Participants

• CRM Optimization Team

CRM process mapping

The operating model

An operating model is a framework that drives operating decisions. It helps to set the parameters for the scope of CRM and the processes that will be supported. The operating model will serve to group core operational processes. These groupings represent a set of interrelated, consecutive processes aimed at generating a common output.

The Value Stream

Value Stream Defined

Value streams connect business goals to the organization’s value realization activities in the marketplace. Those activities are dependent on the specific industry segment in which an organization operates.

There are two types of value streams: core value streams and support value streams.

• Core value streams are mostly externally facing. They deliver value to either an external or internal customer and they tie to the customer perspective of the strategy map.
• Support value streams are internally facing and provide the foundational support for an organization to operate.

An effective method for ensuring all value streams have been considered is to understand that there can be different end-value receivers.

APQC Framework

Help define your inventory of sales, marketing, and customer services processes.

Operating Processes

1. Develop Vision and Strategy
2. Develop and Manage Products and Services
3. Market and Sell Products and Services
4. Deliver Physical Products
5. Deliver Services

Management and Support Processes

6. Manage Customer Service
7. Develop and Manage Human Capital
8. Manage Information Technology (IT)
9. Manage Financial Resources
10. Acquire, Construct, and Manage Assets
11. Manage Enterprise Risk, Compliance, Remediation, and Resiliency
12. Manage External Relationships
13. Develop and Manage Business Capabilities

Source: APQC, 2020

If you do not have a documented process model, you can use the APQC Framework to help define your inventory of sales business processes.

APQC’s Process Classification Framework is a taxonomy of cross-functional business processes intended to allow the objective comparison of organizational performance within and among organizations.

Go to this link

Process mapping hierarchy

APQC provides a process classification framework. It allows organizations to effectively define their processes and manage them appropriately.

THE APQC PROCESS CLASSIFICATION FRAMEWORK (PCF)® was developed by non-profit APQC, a global resource for benchmarking and best practices, and its member companies as an open standard to facilitate improvement through process management and benchmarking, regardless of industry, size, or geography. The PCF organizes operating and management processes into 12 enterprise level categories, including process groups and over 1,000 processes and associated activities. To download the full PCF or industry-specific versions of the PCF as well as associated measures and benchmarking, visit www.apqc.org/pcf.

Cross-industry classification framework

Info-Tech Insight

Focus your initial assessment on the level 1 processes that matter to your organization. This allows you to target your scant resources on the areas of optimization that matter most to the organization and minimize the effort required from your business partners.

You may need to iterate the assessment as challenges are identified. This allows you to be adaptive and deal with emerging issues more readily and become a more responsive partner to the business.

1.4.2 List your key CRM processes

1-3 hours

1. Reflect on your organization’s CRM capabilities and processes.
2. Refer to tab 4, “Process Importance,” in your Get the Most Out of Your CRM Workbook. You can use your own processes if you prefer. Consult tab 10. “Framework (Reference)” in the Workbook to explore additional capabilities.
3. Use your CRM goals as a guide.

Get the Most Out of Your CRM Workbook

*Adapted from the APQC Cross-Industry Process Classification Framework, 2019.

Step 1.5

Understand CRM Costs

Activities

1.5.1 List CRM-related costs (optional)

Map Current-State Capabilities

This step will walk you through the following activities:

• Define your business capabilities
• List your key CRM processes

This step involves the following participants:

• Finance Representatives
• CRM Optimization Team

Outcomes of this step

• Current CRM and related operating costs

1.5.1 List CRM-related costs (optional)

3+ hours

Before you can make changes and optimization decisions, you need to understand the high-level costs associated with your current application architecture. This activity will help you identify the types of technology and people costs associated with your current systems.

1. Identify the types of technology costs associated with each current system:
   1. System Maintenance
   2. Annual Renewal
   3. Licensing
2. Identify the cost of people associated with each current system:
   1. Full-Time Employees
   2. Application Support Staff
   3. Help Desk Tickets
3. Use the Get the Most Out of Your CRM Workbook, tab “9. Costs (Optional),” to complete this exercise.

Get the Most Out of Your CRM Workbook

Phase 2

Assess Your Current State

• 2.1 Conduct a Gap Analysis for CRM Processes
• 2.2 Assess User Satisfaction
• 2.3 Review Your Satisfaction With the Vendor and Product

Get the Most Out of Your CRM

This phase will guide you through the following activities:

• Determine process relevance
• Perform a gap analysis
• Perform a user satisfaction survey
• Assess software and vendor satisfaction

This phase involves the following participants:

• CRM optimization team
• Users across functional areas of your CRM and related technologies

Step 2.1

Conduct a Gap Analysis for CRM Processes

Activities

• 2.1.1 Determine process relevance
• 2.1.2 Perform process gap analysis

Assess Your Current State

This step will walk you through the following activities:

• Determine process relevance
• Perform a gap analysis

This step involves the following participants:

• CRM optimization team

Outcomes of this step

• Gap analysis for CRM-related processes (current vs. desired state)

2.1.1 Determine process relevance

1-3 hours

1. Open tab “4. Process Importance,” in the Get the Most Out of Your CRM Workbook.
2. Rate each process for level of importance to your organization on the following scale:
   • Crucial
   • Important
   • Secondary
   • Unimportant
   • Not applicable

Get the Most Out of Your CRM Workbook

2.1.2 Perform process gap analysis

1-3 hours

1. Open tab “5. Process Assessment,” in the Get the Most Out of Your CRM Workbook.
2. For each line item, identify your current state and your desired state on the following scale:
   • Not important
   • Poor
   • Moderate
   • Good
   • Excellent

Get the Most Out of Your CRM Workbook

Step 2.2

Assess User Satisfaction

Activities

• 2.2.1 Prepare and complete a user satisfaction survey
• 2.2.2 Enter user satisfaction

Assess Your Current State

This step will walk you through the following activities:

• Preparation and completion of an application portfolio assessment (APA)
• Entry of the user satisfaction scores into the workbook

This step involves the following participants:

• CRM optimization team
• Users across functional areas of CRM and related technologies

Outcomes of this step

• Understanding of user satisfaction across applications and processes
• Insight into CRM data quality

Benefits of the Application Portfolio Assessment

Assess the health of the application portfolio

• Get a full 360-degree view of the effectiveness, criticality, and prevalence of all relevant applications to get a comprehensive view of the health of the applications portfolio.
• Identify opportunities to drive more value from effective applications, retire nonessential applications, and immediately address at-risk applications that are not meeting expectations.

Provide targeted department feedback

• Share end-user satisfaction and importance ratings for core IT services, IT communications, and business enablement to focus on the right end-user groups or lines of business, and ramp up satisfaction and productivity.

Insight into the state of data quality

• Data quality is one of the key issues causing poor CRM user satisfaction and business results. This can include the relevance, accuracy, timeliness, or usability of the organization’s data.
• Targeted, open-ended feedback around data quality will provide insight into where optimization efforts should be focused.

2.2.1 Prepare and complete a user satisfaction survey

1 hour

Option 1: Use Info-Tech’s Application Portfolio Assessment to generate your user satisfaction score. This tool not only measures application satisfaction but also elicits great feedback from users regarding support they receive from the IT team.

1. Download the CRM Application Inventory Tool.
2. Complete the “Demographics” tab (tab 2).
3. Complete the “Inventory” tab (tab 3).
   1. Complete the inventory by treating each process within the organization as a separate row. Use the processes identified in the process gap analysis as a reference.
   2. Treat every department as a separate column in the department section. Feel free to add, remove, or modify department names to match your organization.
   3. Include data quality for all applications applicable.

Option 2: Use the method of choice to elicit current user satisfaction for each of the processes identified as important to the organization.

1. List processes identified as important (from the Get the Most Out of Your CRM Workbook, tab 4, “Process Importance”).
2. Gather user contact information by department.
3. Ask users to rate satisfaction: Extremely Satisfied, Satisfied, Neutral, Dissatisfied, and Extremely Dissatisfied (on Get the Most Out of Your CRM Workbook, tab 5. “Process Assessment”).

Understand user satisfaction across capabilities and departments within your organization.

Download the CRM Application Inventory Tool

2.2.2 Enter user satisfaction

20 minutes

Using the results from the Application Portfolio Assessment or your own user survey:

1. Open your Get the Most Out of Your CRM Workbook, tab “5. Process Assessment.”
2. For each process, record up to three different department responses.
3. Enter the answers to the survey for each line item using the drop-down options:
   • Extremely Satisfied
   • Satisfied
   • Neutral
   • Dissatisfied
   • Extremely Dissatisfied

Understand user satisfaction across capabilities and departments within your organization.

Get the Most Out of Your CRM Workbook

Step 2.3

Review Your Satisfaction With the Vendor and Product

Activities

2.3.1 Rate your vendor and product satisfaction

2.3.2 Enter SoftwareReviews scores from your CRM Product Scorecard (optional)

Assess Your Current State

This step will walk you through the following activities:

• Rate your vendor and product satisfaction
• Compare with survey data from SoftwareReviews

This step involves the following participants:

• CRM Owner(s)
• Procurement Representative
• Vendor Contracts Manager

Outcomes of this step

• Quantified satisfaction with vendor and product

Use a SoftwareReviews Product Scorecard to evaluate your satisfaction compared to other organizations.

Source: SoftwareReviews, March 2019

Where effective IT leaders spend their time

80% satisfaction score, and the other list is CIOs with <80% satisfaction score.">

Info-Tech Insight

The data shows that effective IT leaders invest a significant amount of time (8%) on vendor management initiatives.

Be proactive in managing you calendar and block time for these important tasks.

CIOs who prioritize vendor management see improved results

Analysis of CIOs’ calendars revealed that how CIOs spend their time has a correlation to both stakeholder IT satisfaction and CEO-CIO alignment.

Those CIOs that prioritized vendor management were more likely to have a business satisfaction score greater than 80%.

2.3.1 Rate your vendor and product satisfaction

30 minutes

Use Info-Tech’s vendor satisfaction survey to identify optimization areas with your CRM product(s) and vendor(s).

Option 1 (recommended): Conduct a satisfaction survey using SoftwareReviews. This option allows you to see your results in the context of the vendor landscape.

Download the Get the Most Out of Your CRM Workbook

Option 2: Use your Get the Most Out of Your CRM Workbook, tab “6. Vendor Optimization,” to review your satisfaction with your software.

SoftwareReviews’ Customer Relationship Management

2.3.2 Enter SoftwareReviews scores (optional)

30 minutes

1. Download the scorecard for your CRM product from the SoftwareReviews website. (Note: Not all products are represented or have sufficient data, so a scorecard may not be available.)
2. Use your Get the Most Out of Your CRM Workbook, tab “6. Vendor Optimization,” to record the scorecard results.
3. Use your Get the Most Out of Your CRM Workbook, tab “6. Vendor Optimization,” to flag areas where your score may be lower than the product scorecard. Brainstorm ideas for optimization.

Download the Get the Most Out of Your CRM Workbook

SoftwareReviews’ Customer Relationship Management

Phase 3

Build Your Optimization Roadmap

• 3.1 Identify Key Optimization Areas
• 3.2 Compile Optimization Assessment Results

Get the Most Out of Your CRM

This phase will walk you through the following activities:

• Identify key optimization areas
• Create an optimization roadmap

This phase involves the following participants:

• CRM Optimization Team

Build your optimization roadmap

Address process gaps

• CRM and related technologies are invaluable to sales, marketing, and customer service enablement, but they must have supported processes driven by business goals.
• Identify areas where capabilities need to be improved and work towards.

Support user satisfaction

• The best technology in the world won’t deliver business results if it is not working for the users who need it.
• Understand concerns, communicate improvements, and support users in all roles.

Improve data quality

• Data quality is unique to each business unit and requires tolerance, not perfection.
• Implement a set of data quality initiatives that are aligned with overall business objectives and aimed at addressing data practices and the data itself.

Proactively manage vendors

• Vendor management is a critical component of technology enablement and IT satisfaction.
• Assess your current satisfaction against those of your peers and work towards building a process that is best fit for your organization.

Info-Tech Insight

Enabling a high-performing, customer-centric sales, marketing, and customer service operations program requires excellent management practices and continuous optimization efforts.

Technology portfolio and architecture is important, but we must go deeper. Taking a holistic view of CRM technologies in the environments in which they operate allows for the inclusion of people and process improvements – this is key to maximizing business results.

Using a formal CRM optimization initiative will drive business-IT alignment, identify IT automation priorities, and dig deep into continuous process improvement.

Step 3.1

Identify Key Optimization Areas

Activities

• 3.1.1 Explore process gaps
• 3.1.2 Analyze user satisfaction
• 3.1.3 Assess data quality
• 3.1.4 Analyze product satisfaction and vendor management

Build Your Optimization Roadmap

This step will guide you through the following activities:

• Explore existing process gaps
• Identify the impact of processes on user satisfaction
• Identify the impact of data quality on user satisfaction
• Review your overall product satisfaction and vendor management

This step involves the following participants:

• CRM Optimization Team

Outcomes of this step

• Application optimization plan

3.1.1 Explore process gaps

1 hour

1. Review the compiled CRM Process Assessment in the Get the Most Out of Your CRM Workbook, tab “7. Process Prioritization.”
2. These are processes you should prioritize.

• The activities in the rest of Step 3.1 help you create optimization strategies for the different areas of improvement these processes relate to: user satisfaction, data quality, product satisfaction, and vendor management.

Get the Most Out of Your CRM Workbook

Plan your product optimization strategy for each area of improvement

3.1.2 Analyze user satisfaction

1 hour

1. Use the APA survey results from activity 2.2.1 (or your own internal survey) to identify areas where the organization is performing low in user satisfaction across the CRM portfolio.
   1. Understand application portfolio and IT service satisfaction.
   2. Identify cost savings opportunities from unused or unimportant apps.
   3. Build a roadmap for improving user IT services.
   4. Manage needs by department and seniority.
2. Consolidate your optimization strategies in the Get the Most Out of Your CRM Workbook, tab “8. Optimization Roadmap.” (See next slide for screenshot.)

Get the Most Out of Your CRM Workbook

Plan your user satisfaction optimization strategy

Next steps in improving your data quality

3.1.3 Assess data quality

1 hour

1. Use your APA survey results (if available) to identify areas where the organization is performing low in data quality initiatives. Common areas for improvement include:
   • Overall data quality management
   • Effective data governance
   • Poor data integration
   • The need to implement extensible data warehousing
     
2. Consolidate your optimization strategies in the Get the Most Out of Your CRM Workbook, tab “8. Optimization Roadmap.” (See next slide for screenshot.)

Get the Most Out of Your CRM Workbook

Plan your data quality optimization strategy

Use Info-Tech’s vendor management initiative (VMI)

Create a right-size, right-fit strategy for managing the vendors relevant to your organization.

Info-Tech Insight

A VMI is a formalized process within an organization, responsible for evaluating, selecting, managing, and optimizing third-party providers of goods and services.

The amount of resources you assign to managing vendors depends on the number and value of your organization’s relationships. Before optimizing your vendor management program around the best practices presented in this blueprint, assess your current maturity and build the process around a model that reflects the needs of your organization.

Info-Tech uses VMI interchangeably with the terms “vendor management office (VMO),” “vendor management function,” “vendor management process,” and “vendor management program.”

Jump Start Your Vendor Management Initiative

3.1.4 Analyze product satisfaction and vendor management

1 hour

1. Use the Get the Most Out of Your CRM Workbook, tab “6. Vendor Optimization.”
2. Download the SoftwareReviews Vendor Scorecard.
3. Using the scorecards, compare your results with those of your peers.
4. Consolidate areas of improvement and optimization strategies in the Get the Most Out of Your CRM Workbook, tab “8. Optimization Roadmap.” (See next slide for screenshot.)

See previous slide for help around implementing a vendor management initiative.

Get the Most Out of Your CRM Workbook

Plan your vendor management optimization strategy

Step 3.2

Compile Optimization Assessment Results

Activities

• 3.2.1 Identify key optimization areas

Build Your Optimization Roadmap

This step will guide you through the following activities:

• Use your work from previous activities and prioritization to build your list of optimization activities and lay them out on a roadmap

This step involves the following participants:

• CRM Optimization Team

Outcomes of this step

• Application optimization plan

3.2.1 Identify key optimization areas

1-3 hours

Before you can make changes and optimization decisions, you need to understand the high-level costs associated with your current application architecture. This activity will help you identify the types of technology and people costs associated with your current systems.

1. Consolidate your findings and identify optimization priorities (Step 3.1).
2. Prioritize those most critical to the organization, easiest to change, and whose impact will be highest.
3. Use the information gathered from exercise 1.5.1 on Get the Most Out of Your CRM Workbook, tab “9. Costs (Optional).”
4. These costs could affect the priority or timeline of the initiatives. Consolidate your thoughts on your Get the Most Out of Your CRM Workbook, tab 8, “Optimization Roadmap.” Note: There is no column specific to costs on tab 8.

This is meant as a high-level roadmap. For formal, ongoing optimization project management, refer to “Build a Better Backlog” (Phase 2 of the Info-Tech blueprint Deliver on Your Digital Product Vision).

Next steps: Manage your technical debt

Use a holistic assessment of the “interest” paid on technical debt to quantify and prioritize risk and enable the business make better decisions.

• Technical debt is an IT risk, which in turn is a category of business risk.
• The business must decide how to manage business risk.
• At the same time, business decision makers may not be aware of technical debt or be able to translate technical challenges into business risk. IT must help the business make decisions around IT risk by describing the risk of technical debt in business terms and by outlining the options available to address risk.
• Measure the ongoing business impact (the “interest” paid on technical debt) to establish the business risk of technical debt. Consider a range of possible impacts including direct costs, lost goodwill, lost flexibility and resilience, and health, safety, and compliance impacts.
• When weighing these impacts, the business may choose to accept the risk of technical debt if the cost of addressing the debt outweighs the benefit. But it’s critically important that the business accepts that risk – not IT.

Manage Your Technical Debt

Take it a step further…

Deliver on Your Digital Product Vision

Phase 2: Build a Better Product Backlog

Build a structure for your backlog that supports your product vision.

Deliver on Your Digital Product Vision

Build a better backlog

An ongoing CRM optimization effort is best facilitated through a continuous Agile process. Use info-Tech’s developed tools to build out your backlog.

The key to a better backlog is a common structure and guiding principles that product owners and product teams can align to.

Info-Tech Insight

Exceptional customer value begins with a clearly defined backlog focused on items that will create the greatest human and business benefits.

A product owner and the product backlog are critical to realize the benefits of Agile development

A product owner is accountable for defining and prioritizing the work that will be of the greatest value to the organization and its customers. The backlog is the key to facilitating this process and accomplishing the most fundamental goals of delivery.

For more information on the role of a product owner, see Build a Better Product Owner.

Highly effective Agile teams spend 28% of their time on product backlog management and roadmapping (Quantitative Software Management, 2015).

1. Manage Stakeholders

• Stakeholders need to be kept up to speed on what the future holds for a product, or at least they should be heard. This task falls to the product owner.

2. Inform and Protect the Team

• The product owner is a servant leader of the team. They need to protect the team from all the noise and give them the time they need to focus on what they do best: develop.

3. Maximize Value to the Product

• Sifting through all of these voices and determining what is valuable, or what is most valuable, falls to the product owner.

A backlog stores and organizes PBIs at various stages of readiness.

Your backlog must give you a holistic understanding of demand for change in the product

A well-formed backlog can be thought of as a DEEP backlog:

Detailed Appropriately: PBIs are broken down and refined as necessary.

Emergent: The backlog grows and evolves over time as PBIs are added and removed.

Estimated: The effort a PBI requires is estimated at each tier.

Prioritized: The PBI’s value and priority are determined at each tier.

	3 - IDEAS Composed of raw, vague, and potentially large ideas that have yet to go through any formal valuation.
	2 - QUALIFIED Researched and qualified PBIs awaiting refinement.
	1 - READY Discrete, refined PBIs that are ready to be placed in your development teams’ sprint plans.

Summary of Accomplishment

Get the Most Out of Your CRM

CRM technology is critical to facilitate an organization’s relationships with customers, service users, employees, and suppliers. CRM implementation should not be a one-and-done exercise. There needs to be an ongoing optimization to enable business processes and optimal organizational results.

Get the Most Out of Your CRM allows organizations to proactively implement continuous assessment and optimization of a customer relationship management system. This includes:

• Alignment and prioritization of key business and technology drivers
• Identification of CRM processes including classification and gap analysis
• Measurement of user satisfaction across key departments
• Improved vendor relations
• Data quality initiatives

This formal CRM optimization initiative will drive business-IT alignment, identify IT automation priorities, and dig deep into continuous process-improvement.

If you would like additional support, have our analysts guide you through other phases as part of an Info-Tech Workshop.

Contact your account representative for more information

workshops@infotech.com
1-866-670-8889

Research Contributors

Ben Dickie
Research Practice Lead
Info-Tech Research Group

Ben Dickie is a Research Practice Lead at Info-Tech Research Group. His areas of expertise include customer experience management, CRM platforms, and digital marketing. He has also led projects pertaining to enterprise collaboration and unified communications.

Scott Bickley
Practice Lead & Principal Research Director
Info-Tech Research Group

Scott Bickley is a Practice Lead & Principal Research Director at Info-Tech Research Group focused on vendor management and contract review. He also has experience in the areas of IT asset management (ITAM), software asset management (SAM), and technology procurement, along with a deep background in operations, engineering, and quality systems management.

Andy Neil
Practice Lead, Applications
Info-Tech Research Group

Andy is Senior Research Director, Data Management and BI, at Info-Tech Research Group. He has over 15 years of experience in managing technical teams, information architecture, data modeling, and enterprise data strategy. He is an expert in enterprise data architecture, data integration, data standards, data strategy, big data, and the development of industry-standard data models.

Bibliography

Armel, Kate. “Data-driven Estimation, Management Lead to High Quality.” Quantitative Software Management Inc. 2015. Web.

Chappuis, Bertil, and Brian Selby. “Looking beyond Technology to Drive Sales Operations.” McKinsey & Company, 24 June 2016. Web.

Cross-Industry Process Classification Framework (PCF) Version 7.2.1. APQC, 26 Sept. 2019. Web.

Fleming, John, and Hater, James. “The Next Discipline: Applying Behavioral Economics to Drive Growth and Profitability.” Gallup, 22 Sept. 2012. Accessed 6 Oct. 2020.

Hinchcliffe, Dion. “The evolving role of the CIO and CMO in customer experience.” ZDNet, 22 Jan. 2020. Web.

Karlsson, Johan. “Backlog Grooming: Must-Know Tips for High-Value Products.” Perforce. 18 May 2018. Web. Feb. 2019.

Klie, L. “CRM Still Faces Challenges, Most Speakers Agree: CRM systems have been around for decades, but interoperability and data siloes still have to be overcome.” CRM Magazine, vol. 23, no. 5, 2019, pp. 13-14.

Kumar, Sanjib, et al. “Improvement of CRM Using Data Mining: A Case Study at Corporate Telecom Sector.” International Journal of Computer Applications, vol. 178, no. 53, 2019, pp. 12-20, doi:10.5120/ijca2019919413.

Morgan, Blake. “50 Stats That Prove The Value Of Customer Experience.” Forbes, 24 Sept. 2019. Web.

Norelus, Ernese, et al. “An Approach to Application Modernization: Discovery and Assessment Phase.” IBM Garage, Medium, 24 Feb 2020. Accessed 4 Mar. 2020.

“Process Frameworks.” APQC, 4 Nov. 2020. Web.

“Process vs. Capability: Understanding the Difference.” APCQ, 2017. Web.

Rubin, Kenneth S. "Essential Scrum: A Practical Guide to the Most Popular Agile Process." Pearson Education, 2012.

Savolainen, Juha, et al. “Transitioning from Product Line Requirements to Product Line Architecture.” 29th Annual International Computer Software and Applications Conference (COMPSAC'05), IEEE, vol. 1, 2005, pp. 186-195, doi: 10.1109/COMPSAC.2005.160

Smith, Anthony. “How To Create A Customer-Obsessed Company Like Netflix.” Forbes, 12 Dec. 2017. Web.

“SOA Reference Architecture – Capabilities and the SOA RA.” The Open Group, TOGAF. Web.

Taber, David. “What to Do When Your CRM Project Fails.” CIO Magazine, 18 Sept. 2017. Web.

“Taudata Case Study.” Maximizer CRM Software, 17 Jan. 2020. Web.

Prevent Data Loss Across Cloud and Hybrid Environments

Leverage existing tools and focus on the data that matters most to your organization.

Analyst Perspective

Data loss prevention is an additional layer of protection

Driven by reduced operational costs and improved agility, the migration to cloud services continues to grow at a steady rate. A recent report by Palo Alto Networks indicates workload in the cloud increased by 13% last year, and companies are expecting to move an additional 11% of their workload to the cloud in the next 24 months1.

However, moving to the cloud poses unique challenges for cyber security practitioners. Cloud services do not offer the same level of management and control over resources as traditional IT approaches. The result can be reduced visibility of data in cloud services and reduced ability to apply controls to that data, particularly data loss prevention (DLP) controls.

It’s not unusual for organizations to approach DLP as a point solution. Many DLP solutions are marketed as such. The truth is, DLP is a complex program that uses many different parts of an organization’s security program and architecture. To successfully implement DLP for data in the cloud, an organization should leverage existing security controls and integrate DLP tools, whether newly acquired or available in cloud services, with its existing security program.

Bob Wilson
CISSP
Research Director, Security and Privacy
Info-Tech Research Group

Executive Summary

Info-Tech Insight

Data loss prevention is the outcome of a well-designed strategy that incorporates multiple, sometimes disparate, tools within your existing security program.

Your challenge

Protecting data is a critical responsibility for organizations, no matter where it is located.

45% of breaches occurred in the cloud (“Cost of a Data Breach 2022,” IBM Security, 2022).

It can take upwards of 12 weeks to identify and contain a breach (“Cost of a Data Breach 2022,” IBM Security, 2022).

• Compliance obligations will require organizations to protect certain data.
• All data states can exist in the cloud, and each state provides a unique opportunity for data loss.
• Insider threats, whether intentional or not, are especially challenging for organizations. It’s necessary to prevent illicit data use while still allowing work to happen.

Info-Tech Insight

Data loss prevention doesn’t depend on a single tool. Many of the leading cloud service providers offer DLP controls with their services and these controls should be considered.

Common obstacles

As organizations increasingly move data into the cloud, their environments become more complex and vulnerable to insider threats

• It’s not uncommon for an organization not to know what data they use, where that data exists, or how they are supposed to protect it.
• Cloud systems, especially software as a service (SaaS) applications, may not provide much visibility into how that data is stored or protected.
• Insider threats are a primary concern, but employees must be able to access data to perform their duties. It isn’t always easy to strike a balance between adequate access and being too restrictive with controls.

Insider threats are a significant concern

Info-Tech Insight

An insider threat management (ITM) program focuses on the user. DLP programs focus on the data.

Insight summary

DLP is not just a single tool. It’s an additional layer of security that depends on different components of your security program, and it requires time and effort to mature.

Organizations should leverage existing security architecture with the DLP controls available in the cloud services they use.

Data loss prevention is not a point solution

Data loss prevention is the outcome of a well-designed strategy that incorporates multiple, sometimes disparate tools within your existing security program.

Prioritize data

Start with the data that matters most to your organization.

Define an objective

Having a clearly defined objective will make implementing a DLP program much easier.

DLP is a layer

Data loss prevention is not foundational, and it depends on many other parts of a mature information security program.

The low hanging fruit is sweet

Start your DLP implementation with a quick win in mind and build on small successes.

DLP is a work multiplier

Your organization must be prepared to investigate alerts and respond to incidents.

Prevent data loss across cloud or hybrid environments

Data loss prevention is not a point solution.
It’s the outcome of a well-designed strategy that incorporates multiple, sometimes disparate tools within your existing security program.

Info-Tech Insight

Leverage existing security tools where possible.

Data loss prevention (DLP) overview

DLP is an additional layer of security.

DLP is a set of technologies and processes that provides additional data protection by identifying, monitoring, and preventing data from being illicitly used or transmitted.

DLP depends on many components of a mature security program, including but not limited to:

• Acceptable use policy
• Data classification policy and data handling guidelines
• Identity and access management

DLP is achieved through some or all of the following tactics:

• Identify: Data is detected using policies, rules, and patterns.
• Monitor: Data is flagged and data activity is logged.
• Prevent: Action is taken on data once it has been detected.

Info-Tech Insight

DLP is not foundational. Your information security program needs to be moderately mature to support a DLP strategy.

DLP approaches and methods

DLP uses a handful of techniques to achieve its tactics:

• Policy and access rights: Limits access to data based on user permissions or other contextual attributes.
• Isolation or virtualization: Data is isolated in an environment with channels for data leakage made unavailable.
• Cryptographic approach: Data is encrypted.
• Quantifying and limiting: Use or transfer of data is restricted by quantity.
• Social and behavioral analysis: The DLP system detects anomalous activity, such as users accessing data outside of business hours.
• Pattern matching: Data content is analyzed for specific patterns.
• Data mining and text clustering: Large sets are analyzed, typically with machine learning (ML), to identify patterns.
• Data fingerprinting: Data files are matched against a pre-calculated hash or based on file contents.
• Statistical Analysis: Data content is analyzed for sensitive data. Usually involves machine learning.

DLP has two primary approaches for applying techniques:

• Content-based: Data is identified through inspecting its content. Fingerprinting and pattern matching are examples of content-based methods.
• Context-based: Data is identified based on its situational or contextual attributes. Some factors that may be used are source, destination, and format.

Some DLP tools use both approaches.

Info-Tech Insight

Different DLP products will support different methods. It is important to keep these in mind when choosing a DLP solution.

Start by defining your data

Define data by answering the 5 “W”s

Who? Who owns the data? Who needs access? Who would be impacted if it was lost?
What? What data do you have? What type of data is it? In what format does it exist?
When? When is the data generated? When is it used? When is it destroyed?
Where? Where is the data stored? Where is it generated? Where is it used?
Why? Why is the data needed?

Use what you discover about your data to create a data inventory!

Compliance requirements

Compliance requirements often dictate what must be done to manage and protect data and vary from industry to industry.

Some examples of compliance requirements to consider:

• Healthcare - Health Insurance Portability and Accountability Act (HIPAA)
• Financial Services - Gramm-Leach-Bliley Act (GLBA)
• Payment Card Industry Data Security Standards (PCI DSS)

Info-Tech Insight

Why is especially important. If you don’t need a specific piece of data, dispose of it to reduce risk and administrative overhead related to maintaining or protecting data.

Classify your data

Data classification facilitates making decisions about how data is treated.

Data classification is a process by which data is categorized.

• The classifications are often based on the sensitivity of the data or the impact a loss or breach of that data would have on the organization.
• Data classification facilitates decisions about data handling and how information security controls are implemented. Instead of considering many different types of data individually, decisions are based on a handful of classification levels.
• A mature data classification should include a formalized policy, handling standards, and a steering committee.

Refer to our Discover and Classify Your Data blueprint for guidance on data classification.

Sample data classification schema

Info-Tech Insight

Data classification should be implemented as a continuous program, not a one-time project.

Understand data risk

Knowing where and how your data is at risk will inform your DLP strategy.

Data exists in three states, and each state presents different opportunities for risk. Different DLP methodologies will be appropriate for different states.

Data states

In use

• End-user devices
• Mobile devices
• Servers

In motion

• Cloud services
• Email
• Web/web apps
• Instant messaging
• File transfers

At rest

• Cloud services
• Databases
• End-user devices
• Email archives
• Backups
• Servers
• Physical storage devices

Causes of Risk

The most common causes of data loss can be categorized by people, processes, and technology.

Check out our Combine Security Risk Management Components Into One Program blueprint for guidance on risk management, including how to do a full risk assessment.

Prioritize your data

Know what data matters most to your organization.

Prioritizing the data that most needs protection will help define your DLP goals.

The prioritization of your data should be a business decision based on your comprehension of the data. Drivers for prioritizing data can include:

• Compliance-driven: Noncompliance is a risk in itself and your organization may choose to prioritize data based on meeting compliance requirements.
• Audit-driven: Data can be prioritized to prepare for a specific audit objective or in response to an audit finding.
• Business-driven: Data could be prioritized based on how important it is to the organization’s business processes.

Info-Tech Insight

It’s not feasible for most organizations to apply DLP to all their data. Start with the most important data.

Activity: Prioritize your data

Input: Lists of data, data types, and data environments
Output: A list of data types with an estimated priority
Materials: Data Loss Prevention Strategy Planner worksheet
Participants: Security leader, Data owners

1-2 hours

For this activity, you will use the Data Loss Prevention Strategy Planner workbook to prioritize your data.

1. Start with tab “2. Setup” and fill in the columns. Each column features a short explanation of itself, and the following slides will provide more detail about the columns.
2. On tab “3. Data Prioritization,” work through the rows by selecting a data type and moving left to right. This sheet features a set of instructions at the top explaining each column, and the following slides also provide some guidance. On this tab, you may use data types and data environments multiple times.

Click to download the Data Loss Prevention Strategy Planner

Activity: Prioritize your data

In the Data Loss Prevention Strategy Planner tool, start with tab “2. Setup.”

Next, move to tab “3. Data Prioritization.”

Click to download the Data Loss Prevention Strategy Planner

Determine DLP objectives

Your DLP strategy should be able to function as a business case.

DLP objectives should achieve one or more of the following:

• Prevent disclosure or unauthorized use of data, regardless of its state.
• Preserve usability while providing adequate security.
• Improve security, privacy, and compliance capabilities.
• Reduce overall risk for the enterprise.

Example objectives:

• Prevent users from emailing ePHI to addresses outside of the organization.
• Detect when a user is uploading an unusually large amount of data to a cloud drive.

Most common DLP use cases:

• Protection of data, primarily from internal threats.
• Meet compliance requirements to protect data.
• Automate the discovery and classification of data.
• Provide better data management and visibility across the enterprise.
• Manage and protect data on mobile devices.

Info-Tech Insight

Having a clear idea of your objectives will make implementing a DLP program easier.

Align DLP with your existing security program/architecture

DLP depends on many different aspects of your security program.
To the right are some components of your existing security program that will support DLP.

1. Data handling standards or guidelines: These specify how your organization will handle data, usually based on its classification. Your data handling standards will inform the development of DLP rules, and your employees will have a clear idea of data handling expectations.

2. Identity and access management (IAM): IAM will control the access users have to various resources and data and is integral to DLP processes.

3. Incident response policy or plan: Be sure to consider your existing incident handling processes when implementing DLP. Modifying your incident response processes to accommodate alerts from DLP tools will help you efficiently process and respond to incidents.

4. Existing security tools: Firewalls, email gateways, security information and event management (SIEM), and other controls should be considered or leveraged when implementing a DLP solution.

5. Acceptable use policy: An organization must set expectations for acceptable/unacceptable use of data and IT resources.

6. User education and awareness: Aside from baseline security awareness training, organizations should educate users about policies and communicate the risks of data leakage to reduce risk caused by user error.

Info-Tech Insight

Consider DLP as a secondary layer of protection; a safety net. Your existing security program should do most of the work to prevent data misuse.

Cloud service models

A fundamental challenge with implementing DLP with cloud services is the reduced flexibility that comes with managing less of the technology stack. Each cloud model offers varying levels of abstraction and control to the user.

Infrastructure as a service (IaaS): This service model provides customers with virtualized technology resources, such as servers and networking infrastructure. IaaS allows users to have complete control over their virtualized infrastructure without needing to purchase and maintain hardware resources or server space. Popular examples include Amazon Web Servers, Google Cloud Engine, and Microsoft Azure.

Platform as a service (PaaS): This service model provides users with an environment to develop and manage their own applications without needing to manage an underlying infrastructure. Popular examples include Google Cloud Engine, OpenShift, and SAP Cloud.

Software as a service (SaaS): This service model provides customers with access to software that is hosted and maintained by the cloud provider. SaaS offers the least flexibility and control over the environment. Popular examples include Salesforce, Microsoft Office, and Google Workspace.

Info-Tech Insight

Cloud service providers may include DLP controls and functionality for their environments with the subscription. These tools are usually well suited for DLP functions on that platform.

Different DLP tools

DLP products often fall into general categories defined by where those tools provide protection. Some tools fit into more than one category.

Cloud DLP refers to DLP products that are designed to protect data in cloud environments.

• Cloud access security broker (CASB): This system, either in-cloud or on-premises, sits between cloud service users and cloud service providers and acts as a point of control to enforce policies on cloud-based resources. CASBs act on data in motion, for the most part, but can detect and act on data at rest through APIs.
• Existing tools integrated within a service: Many cloud services provide DLP tools to manage data loss in their service.

Endpoint DLP: This DLP solution runs on an endpoint computing device and is suited to detecting and controlling data at rest on a computer as well as data being uploaded or downloaded. Endpoint DLP would be feasible for IaaS.

Network DLP: Network DLP, deployed on-premises or as a cloud service, enforces policies on network flows between local infrastructure and the internet.

• “Email DLP”: Detects and enforces security policies specifically on data in motion as emails.

Choosing a DLP solution

You will also find that some DLP solutions are better suited for some cloud service models than others.

DLP solution types that are better suited for SaaS: CASB and Integrated Tools

DLP solution types that are better suited for PaaS: CASB, Integrated Tools, Network DLP

DLP solution types that are better suited for IaaS: CASB, Integrated Tools, Network DLP, and Endpoint DLP

Your approach for DLP will vary depending on the data state you’ll be acting on and whether you are trying to detect or prevent.

Click to download the Data Loss Prevention Strategy Planner
Check the tab labeled “6. DLP Features Reference” for a list of common DLP features.

Activity: Plan DLP methods

Input: Knowledge of data states for data types
Output: A set of technical DLP policy rules for each data type by environment
Materials: The same Data Loss Prevention Strategy Planner worksheet from the earlier activity
Participants: Security leader, Data owners

1-2 hours

Continue with the same workbook used in the previous activity.

1. On tab “4. DLP Methods,” indicate the expected data state the DLP control will act on. Then, select the type of DLP control your organization intends to use for that data type in that data environment.
2. DLP actions are suggested based on the classification of the data type, but these may be overridden by manually selecting your preferred action.
3. You will find more detail on this activity on the following slide, and you will find some additional guidance in the instructional text at the top of the worksheet.
4. Once you have populated the columns on this worksheet, a summary of suggested DLP rules can be found on tab “5. Results.”

Click to download the Data Loss Prevention Strategy Planner

Activity: Plan DLP methods

Use tab “4. DLP Methods” to plan DLP rules and technical policies.

See tab “5. Results” for a summary of your DLP policies.

Click to download the Data Loss Prevention Strategy Planner

Implement your DLP program

Take the steps to properly implement your DLP program

1. It’s important to shift the culture. You will need leadership’s support to implement controls and you’ll need stakeholders’ participation to ensure DLP controls don’t negatively affect business processes.
2. Integrate DLP tools with your security program. Most cloud service providers, like Amazon, Microsoft, and Google provide DLP controls in their native environment. Many of your other security controls, such as firewalls and mail gateways, can be used to achieve DLP objectives.
3. DLP is best implemented with a crawl, walk, then run approach. Following change management processes can reduce friction.
4. Communicating controls to users will also reduce friction.

Info-Tech Insight

After a DLP program is implemented, alerts will need to be investigated and incidents will need a response. Be prepared for DLP to be a work multiplier!

Measure and improve

Metrics of effectiveness

DLP attempts to tackle the challenge of promptly detecting and responding to an incident.
To measure the effectiveness of your DLP program, compare the number of events, number of incidents, and mean time to respond to incidents from before and after DLP implementation.

Metrics that indicate friction

A high number of false positives and rule exceptions may indicate that the rules are not working well and may be interfering with legitimate use.
It’s important to address these issues as the frustration felt by employees can undermine the DLP program.

Tune DLP rules

Establish a process for routinely using metrics to tune rules.
This will improve performance and reduce friction.

Info-Tech Insight

Aside from performance-based tuning, it’s important to evaluate your DLP program periodically and after major system or business changes to maintain an awareness of your data environment.

Related Info-Tech Research

Research Contributors

Andrew Amaro
CSO and Founder
Klavan Physical and Cyber Security Services

Arshad Momin
Cyber Security Architect
Unicom Engineering, Inc.

James Bishop
Information Security Officer
StructureFlow

Michael Mitchell
Information Security and Privacy Compliance Manager
Unicom Engineering, Inc.

One Anonymous Contributor

Bibliography

Alhindi, Hanan, Issa Traore, and Isaac Woungang. "Preventing Data Loss by Harnessing Semantic Similarity and Relevance." jisis.org Journal of Internet Services and Information Security, 31 May 2021. Accessed 2 March 2023. https://jisis.org/wp-content/uploads/2022/11/jisis-2021-vol11-no2-05.pdf

Cash, Lauryn. "Why Modern DLP is More Important Than Ever." Armorblox, 10 June 2022. Accessed 10 February 2023. https://www.armorblox.com/blog/modern-dlp-use-cases/

Chavali, Sai. "The Top 4 Use Cases for a Modern Approach to DLP." Proofpoint, 17 June 2021. Accessed 7 February 2023. https://www.proofpoint.com/us/blog/information-protection/top-4-use-cases-modern-approach-dlp

Crowdstrike. "What is Data Loss Prevention?" Crowdstrike, 27 Sept. 2022. Accessed 6 Feb. 2023. https://www.crowdstrike.com/cybersecurity-101/data-loss-prevention-dlp/

De Groot, Juliana. "What is Data Loss Prevention (DLP)? Definition, Types, and Tips." Digital Guardian, 8 February 2023. Accessed 9 Feb. 2023. https://digitalguardian.com/blog/what-data-loss-prevention-dlp-definition-data-loss-prevention

Denise. "Learn More About DLP Key Use Cases." CISO Platform, 28 Nov. 2019. Accessed 10 February 2023. https://www.cisoplatform.com/profiles/blogs/learn-more-about-dlp-key-use-cases

Google. "Cloud Data Loss Prevention." Google Cloud Google, n.d. Accessed 7 Feb. 2023. https://cloud.google.com/dlp#section-6

Gurucul. "2023 Insider Threat Report." Cybersecurity Insiders, 13 Jan. 2023. Accessed 23 Feb. 2023. https://gurucul.com/2023-insider-threat-report

IBM Security. "Cost of a Data Breach 2022." IBM Security, 1 Aug. 2022. Accessed 13 Feb. 2023. https://www.ibm.com/downloads/cas/3R8N1DZJ

Mell, Peter & Grance, Tim. "The NIST Definition of Cloud Computing." NIST CSRC NIST, Sept. 2011. Accessed 7 Feb. 2023. https://csrc.nist.gov/publications/detail/sp/800-145/final

Microsoft. "Plan for Data Loss Prevention (DLP)." Microsoft 365 Solutions and Architecture Microsoft, 6 Feb. 2023. Accessed 14 Feb. 2023. https://learn.microsoft.com/en-us/microsoft-365/compliance/dlp-overview-plan-for-dlp

Nanchengwa, Christopher. "The Four Questions for Successful DLP Implementation." ISACA Journal ISACA, 1 Jan. 2019. Accessed 6 Feb. 2023. https://www.isaca.org/resources/isaca-journal/issues/2019/volume-1/the-four-questions-for-successful-dlp-implementation

Palo Alto Networks. "The State of Cloud Native Security 2023." Palo Alto Networks, 2 March 2023. Accessed 23 March 2023. https://www.paloaltonetworks.com/content/dam/pan/en_US/assets/pdf/reports/state-of-cloud-native-security-2023.pdf

Pritha. "Top Six Metrics for your Data Loss Prevention Program." CISO Platform, 27 Nov. 2019. Accessed 10 Feb. 2023. https://www.cisoplatform.com/profiles/blogs/top-6-metrics-for-your-data-loss-prevention-program

Raghavarapu, Mounika. "Understand DLP Key Use Cases." Cymune, 12 June 2021. Accessed 7 Feb. 2023. https://www.cymune.com/blog-details/DLP-key-use-cases

Sheela, G. P., & Kumar, N. "Data Leakage Prevention System: A Systematic Report." International Journal of Recent Technology and Engineering BEIESP, 30 Nov. 2019. Accessed 2 March 2023. https://www.ijrte.org/wp-content/uploads/papers/v8i4/D6904118419.pdf

Sujir, Shiv. "What is Data Loss Prevention? Complete Guide [2022]." Pathlock, 15 Sep. 2022. Accessed 7 February 2023. https://pathlock.com/learn/what-is-data-loss-prevention-complete-guide-2022/

Wlosinski, Larry G. "Data Loss Prevention - Next Steps." ISACA Journal, 16 Feb. 2018. Accessed 21 Feb. 2023. https://www.isaca.org/resources/isaca-journal/issues/2018/volume-1/data-loss-preventionnext-steps

Define Your Digital Business Strategy

After a major crisis, find your place in the digital economy.

Info-Tech Research Group

Info-Tech is a provider of best-practice IT research advisory services that make every IT leader’s job easier.

35,000 members sharing best practices you can leverage

Millions spent developing tools and templates annually

Leverage direct access to over 100 analysts as an extension of your team

Use our massive database of benchmarks and vendor assessments

Get up to speed in a fraction of the time

Analyst Perspective

Build business resilience and prepare for a digital economy.

Dana Daher
Senior Research Analyst

To survive one of the greatest economic downturns since the Great Depression, organizations had to accelerate their digital transformation by engaging with the Digital Economy. To sustain growth and thrive as the pandemic eases, organizations must focus their attention on building business resilience by transforming how they deliver value today.
This requires a value-driven approach to digital transformation that is capable of identifying what aspects of the business to transform, what technologies to embrace, what processes to automate, and what new business models to create. And most importantly, it needs to unify digital possibilities with your customer experiences.
If there was ever a time for an organization to become a digital business, it is today.

Executive Summary

Your Challenge

• Your organization has difficulty adapting new technologies or rethinking the existing business models.
• Your management lacks a framework to rethink how your organization delivers value today, which causes annual planning to become an ideation session that lacks focus.
• There is uncertainty on how to meet evolving customer needs and how to compete in a digital economy.

Common Obstacles

• Your organization might approach digital transformation as if we were still in 2019, not recognizing that the pandemic resulted in a major shift to an end-to-end digital economy.
• Your senior-most leadership thinks digital is "IT's problem" because digital is viewed synonymously with technology.
• On the other hand, your IT team lacks the authority to make decisions without the executives’ involvement in the discussion around digital.

Info-Tech’s Approach

• Design a strategy that applies innovation to your business model, streamline and transform processes, and make use of technologies to enhance interactions with customers and employees.
• Use digital for transforming non-routine cognitive activities and for de-risking key elements of the value chain.
• Create a balanced roadmap that improves digital maturity and prepares you for long-term success in a digital economy.

Info-Tech Insight

After a major crisis, focus on restarting the growth engine and bolstering business resilience.

Your digital business strategy aims to transform the business

Digital Business Strategy

• Looks for ways to transform the business by identifying what technologies to embrace, what processes to automate, and what new business models to create.
• Unifies digital possibilities with your customer experiences.
• Accountability lies with the executive leadership.
• Must involve cross-functional participation from senior management from the different areas of the organization.

IT Strategy

• Aims to identify how to change, fix, or improve technology in support of the organization’s business strategy.
• Accountability lies with the CIO.
• Must involve IT management and gather strategic input from the business.

Becoming a digital business

Automate tasks to free up time for innovation.

Business activities (tasks, procedures, and processes, etc.) are used to create, sell, buy, and deliver goods and services.

When we convert information into a readable format used by computers, we call this digitization (e.g. converting paper into digital format). When we convert these activities into a format to be processed by a computer, we have digitalization (e.g. scheduling appointments online).

These two processes alter how work takes place in an organization and form the foundation of the concept digital transformation.

We maintain that digital transformation is all about becoming a “digital business” – an organization that performs more than 66% of all work activities via executable code.

As organizations take a step closer to this optimal state, new avenues are open to identify advances to promote growth, enhance customer experiences, secure sustainability, drive operational efficiencies, and unearth potential future business ventures.

Key Concepts:

Digital: The representation of a physical item in a format used by computers

Digitization: Conversion of information and processes into a digital format

Digitalization: Conversion of information into a format to be processed by a computer

Why transform your business?

COVID-19 has irrefutably changed livelihoods, businesses, and the economy. During the pandemic, digital tools have acted as a lifeline, helping businesses and economies survive, and in the process, have acted as a catalyst for digital transformation.

As organizations continue to safeguard business continuity and financial recovery, in the long term, recovery won’t be enough.

Although many pandemic/recession recovery periods have occurred before, this next recovery period will present two first-time challenges no one has faced before. We must find ways to:

• Recover from the COVID-19 recession.
• Compete in a digital economy.

To grow and thrive in this post-pandemic world, organizations must provide meaningful and lasting changes to brace for a future defined by digital technologies. – Dana Daher, Info-Tech Research Group

We are amid an economic transformation

What we are facing today is a paradigm shift transforming the ways in which we work, live, and relate to one another.

In the last 60 years alone, performance and productivity have been vastly improved by IT in virtually all economic activities and sectors. And today, digital technologies continue to advance IT's contribution even further by bringing unprecedented insights into economic activities that have largely been untouched by IT.

As technological innovation and the digitalization of products and services continue to support economic activities, a fundamental shift is occurring that is redefining how we live, work, shop, and relate to one another.

These rapid changes are captured in a new 21st century term:

The Digital Economy.

90% of CEOs believe the digital economy will impact their industry. But only 25% have a plan in place. – Paul Taylor, Forbes, 2020

Analyst Perspective

Become a Digital Business

Kenneth McGee
Research Fellow

Today, the world faces two profoundly complex, mega-challenges simultaneously:

1. Ending the COVID-19 pandemic and recession.
2. Creating strategies for returning to business growth.

Within the past year, healthcare professionals have searched for and found solutions that bring real hope to the belief the global pandemic/recession will soon end.

As progress towards ending COVID-19 continues, business professionals are searching for the most effective near-term and long-term methods of restoring or exceeding the rates of growth they were enjoying prior to 2020.

We believe developing a digital business strategy can deliver cost savings to help achieve near-term business growth while preparing an enterprise for long-term business growth by effectively competing within the digital economy of the future.

The Digital Economy

The digital economy refers to a concept in which all economic activity is facilitated or managed through digital technologies, data, infrastructure, services, and products (OECD, 2020).

The digital economy captures decades of digital trends including:

• Declining enterprise computing costs
• Improvements in computing power and performance; unprecedent analytic capabilities
• Rapid growth in network speeds, affordability, and geographic reach
• High adoption rates of PCs, mobile, and other computing devices

These trends among others have set the stage to permanently alter how buying and selling will take place within and between local, regional, national, and international economies.

The emerging digital economy concept is so compelling that the world economists, financial experts, and others are currently investigating how they must substantially rewrite the rules governing how taxes, trade, tangible and intangible assets, and countless other financial issues will be assessed and valued in a digital economy.

Download Info-Tech’s Digital Economy Report

Signals of Change

The digital economy captures technological developments transforming the way in which we live, work, and socialize

Technological evolution

Info-Tech’s approach to digital business strategy

A path to thrive in a digital economy.

1. Identify top value chains to be transformed
2. Identify a digitally enabled growth opportunity
3. Transform stakeholder journeys
4. Build a digital transformation roadmap

Info-Tech Insight

Pre-pandemic digital strategies have been primarily focused on automation. However, your post-pandemic digital strategy must focus on driving resilience for growth opportunities.

The Info-Tech difference:

• Understand how your organization creates value today to identify opportunities for digital transformation.
• Leverage strategic foresight to evaluate how complex trends can evolve over time and identify opportunities to leapfrog competitors.
• Design a journey map to empathize with your customers and identify opportunities to streamline or enhance existing and new experiences.
• Create a balanced roadmap that improves digital maturity and prepares you for long-term success in a digital economy.

A digital transformation starts by transforming how you deliver value today

As digital transformation is an effort to transform how you deliver value today, it is important to understand the different value-generating activities that deliver an outcome for and from your customers.

We do this by looking at value streams –which refer to the specific set of activities an industry player undertakes to create and capture value for and from the end consumer (and so the question to ask is, how do you make money as an organization?).

Our approach helps you to digitally transform those value streams that generate the most value for your organization.

Higher Education Value stream

Recruitment → Admission → Student Enrolment → Instruction & Research → Graduation → Advancement

Local Government Value Stream

Sustain Land, Property, and the Environment → Facilitate Civic Engagement → Protect Local Health and Safety → Grow the Economy → Provide Regional Infrastructure

Manufacturing Value Stream

Design Product → Produce Product → Sell Product

Visit Info-Tech’s Industry Coverage Research to identify your industry’s value streams

Assess your external environment to identify new value generators

Assessing your external environment allows you to identify trends that will have a high impact on how you deliver value today.

Traditionally, a PESTLE analysis is used to assess the external environment. While this is a helpful tool, it is often too broad as it identifies macro trends that are not relevant to an organization's addressable market. That is because not every factor that affects the macro environment (for example, the country of operation) affects a specific organization’s industry in the same way.

And so, instead of simply assessing the macro environment and trying to project its evolution along the PESTLE factors, we recommend to:

• Conduct a PESTLE first and deduce, from the analysis, what are possible shifts in six characteristics of an organization’s industry, or
• Proceed immediately with identifying evolutionary trends that impact the organization’s direct market.

Info-Tech Insight

While PESTLE is helpful to scan the macro environment, the analysis often lacks relevance to an organization’s industry.

An analysis of evolutionary shifts in five industry-specific characteristics would be more effective for identifying trends that impact the organization

A Market Evolution Trend Analysis (META) identifies changes in prevailing market conditions that are directly relevant to an organization’s industry, and thus provides some critical input to the strategy design process, since these trends can bring about strategic risks or opportunities.
Shifts in these five characteristics directly impact an organization:

ORGANIZATION

• Customer Expectations
• Talent Availability
• Regulatory System
• Supply Chain Continuity
• Technological Landscape

Capture existing and new value generators through a customer journey map

As we prioritize value streams, we break them down into value chains – that is the “string” of processes that interrelate that work.

However, once we identify these value chains and determine what parts we wish to digitally transform, we take on the perspective of the user, as the way they interact with your products and services will be different to the view of those within the organization who implement and provide those services.

This method allows us to build an empathetic and customer-centric lens, granting the capability to uncover challenges and potential opportunities. Here, we may define new experiences or redesign existing ones.

A digital transformation is not just about customer journeys but also about building business resilience

Pre-pandemic, a digital transformation was primarily focused around improving customer experiences. Today, we are facing a paradigm shift in the way in which we capture the priorities and strategies for a digital transformation.

As the world grows increasingly uncertain, organizations need to continue to focus on improving customer experience while simultaneously protecting their enterprise value.

Ultimately, a digital transformation has two purposes:

1. The classical model – whereby there is a focus on improving digital experiences.
2. Value protection or the reduction of enterprise risk by systematically identifying how the organization delivers value and digitally transforming it to protect future cashflows and improve the overall enterprise value.

Key deliverable:

Digital Business Strategy Presentation Template

A highly visual and compelling presentation template that enables easy customization and executive-facing content.

*Coming in 2022

Blueprint deliverables

The Digital Business Strategy Workbook supports each step of this blueprint to help you accomplish your goals:

Initiative Prioritization

Use the weighted scorecard approach to evaluate and prioritize your opportunities and initiatives.

Roadmap Gantt Chart

Populate your Gantt chart to visually represent your key initiative plan over the next 12 months.

Journey Mapping Workbook

Populate the journey maps to evaluate a user experience over its end-to-end journey.

Info-Tech offers various levels of support to best suit your needs

DIY Toolkit

“Our team has already made this critical project a priority, and we have the time and capability, but some guidance along the way would be helpful.”

Guided Implementation

“Our team knows that we need to fix a process, but we need assistance to determine where to focus. Some check-ins along the way would help keep us on track.”

Workshop

“We need to hit the ground running and get this project kicked off immediately. Our team has the ability to take this over once we get a framework and strategy in place.”

Consulting

“Our team does not have the time or the knowledge to take this project on. We need assistance through the entirety of this project.”

Diagnostics and consistent frameworks used throughout all four options

Guided Implementation

What does a typical GI on this topic look like?

A Guided Implementation (GI) is a series of calls with an Info-Tech analyst to help implement our best practices in your organization.
A typical GI is between 8 to 12 calls over the course of 2 to 4 months.

Workshop Requirements

Business Inputs

Gather business strategy documents and find information on:

• Business goals
• Current transformation initiatives
• Business capabilities to create or enhance
• Identify top ten revenue and expense generators
• Identify stakeholders

Interview the following stakeholders to uncover business context information:

• CEO
• CIO

Download the Business Context Discovery Tool

Optional Diagnostic

• Assess your digital maturity (Concierge Service)

Visit Assess Your Digital Maturity

Phase 1

Identify top value chains to be transformed

• Understand the business
• Assess your business ecosystem
• Identify two value chains for transformation

This phase will walk you through the following activities:

Understand how your organization delivers value today and identify value chains to be transformed.

This phase involves the following participants:

A cross-functional cohort across all levels of the organization.

Outcomes

• Business ecosystem
• Existing value chains to be transformed

Step 1.1

Understand the business

Activities

• Review business documents.

Identify top value chains to be transformed

This step will walk you through the following activities:

In this section you will gain an understanding of the business context for your strategy.

This step involves the following participants:

A cross-functional cohort across levels in the organization.

Outcomes of this step

Business Context

Understand the business context

Understanding the business context is a must for all strategic initiatives. A pre-requisite to all strategic planning should be to elicit the business context from your business stakeholders.

1.1 Understand the business context

Objective: Elicit the business context with a careful review of business and strategy documents.

1. Gather the strategy creation team and review your business context documents. This includes business strategy documents, interview notes from executive stakeholders, and other sources for uncovering the business strategy.
2. Brainstorm in smaller groups answers to the question you were assigned:
   • What are the strengths and weaknesses of the organization?
   • What are some areas of improvement or opportunity?
   • What does it mean to have a digital business strategy?
3. Discuss the questions above with participants and document key findings. Share with the group and work through the balanced scorecard questions to complete this exercise.
4. Document your findings.

Assess your digital readiness with Info-Tech’s Digital Maturity Assessment

Input

• Business Strategy Documents
• Executive Stakeholder Interviews

Output

• Business Context Information

Materials

• Collaboration/ Brainstorming Tool (whiteboard, flip chart, digital equivalent)

Participants

• Executive Team

Step 1.2

Assess your business ecosystem

Activities

• Identify disruptors and incumbents.

Info-Tech Insight

Your digital business strategy cannot be formulated without a clear vision of the evolution of your industry.

Identify top value chains to be transformed

This step will walk you through the following activities:

In this section, we will assess who the incumbents and disruptors are in your ecosystem and identify who your stakeholders are.

This step involves the following participants:

A cross-functional cohort across levels in the organization.

Outcomes of this step

Business Ecosystem

Assess your business ecosystem

Understand the nature of your competition.

Learn what your competitors are doing.

To survive, grow, or transform in today's digital era, organizations must first have a strong pulse on their business ecosystem. Learning what your competitors are doing to grow their bottom line is key to identifying how to grow your own. Start by understanding who the key incumbents and disruptors in your industry are to identify where your industry is heading.

Incumbents: These are established leaders in the industry that possess the largest market share. Incumbents often focus their attention to their most demanding or profitable customers and neglect the needs of those down market.

Disruptors: Disruptors are primarily new entrants (typically startups) that possess the ability to displace the existing market, industry, or technology. Disruptors are often focused on smaller markets that the incumbents aren’t focused on. (Clayton Christenson, 1997)

’Disruption’ specifically refers to what happens when the incumbents are so focused on pleasing their most profitable customers that they neglect or misjudge the needs of their other segments.– Ilan Mochari, Inc., 2015

Example Business Ecosystem Analysis

1.2 Understand your business ecosystem

Objective: Identify the incumbents and disruptors in your business ecosystem.

1. Identify the key incumbents and disruptors in your business ecosystem.
   • Incumbents: These are established leaders in the industry that possess the largest market share.
   • Disruptors: Disruptors are primarily new entrants (startups) that possess the ability to displace the existing market, industry, or technology.
2. Identify target market and key customers. Who are the primary beneficiaries of your products or service offerings? Your key customers are those who keep you in business, increase profits, and are impacted by your operations.
3. Identify what their core products or services are. Assess what core problem their products solve for key customers and what key features of their solution support this.
4. Assess what the competitors' key differentiators are. There are many differentiators that an organization can have, examples include product, brand, price, service, or channel.
5. Identify what the organization’s value proposition is. Why do customers come to them specifically? Leverage insights from the key differentiators to derive this.
6. Finally, assess how your organization derives value relative to your competitors.

Input

• Market Assessment

Output

• Key Incumbents and Disruptors

Materials

• Collaboration/ Brainstorming Tool (whiteboard, flip chart, digital equivalent)

Participants

• Executive Team

Step 1.3

Value-chain prioritization

Activities

• Identify and prioritize value chains for innovation.

Identify top value chains to be transformed

This step will walk you through the following activities:

Identify and prioritize how your organization currently delivers value today and identify value chains to be transformed.

This step involves the following participants:

A cross-functional cohort across levels in the organization.

Outcomes of this step

Prioritized Value Chains

Determine what value the organization creates

Identify areas for innovation.

Value streams and value chains connect business goals to the organization’s value realization activities. They enable an organization to create and capture value in the market place by engaging in a set of interconnected activities. Those activities are dependent on the specific industry segment an organization operates within.

Different types of value your organization creates

Value Streams

A value stream refers to the specific set of activities an industry player undertakes to create and capture value for and from the end consumer.

Value Chains

A value chain is a ”string” of processes within a company that interrelate and work together to meet market demand. Examining the value chain of a company will reveal how it achieves competitive advantage.

Visit Info-Tech’s Industry Coverage Research to identify value streams

Begin with understanding your industry’s value streams

Value Streams

Recruitment

• The promotion of the institution and the communication with prospective students is accommodated by the recruitment component.
• Prospective students are categorized as domestic and international, undergraduate and graduate. Each having distinct processes.

Admission

• Admission into the university involves processes distinct from recruitment. Student applications are processed and evaluated and the students are informed of the decision.
• This component is also concerned with transfer students and the approval of transfer credits.

Student Enrolment

• Student enrolment is concerned with matriculation when the student first enters the institution, and subsequent enrolment and scheduling of current students.
• The component is also concerned with financial aid and the ownership of student records.

Instruction & Research

• Instruction involves program development, instructional delivery and assessment, and the accreditation of courses of study.
• The research component begins with establishing policy and degree fundamentals and concerns the research through to publication and impact assessment.

Graduation

• Graduation is not only responsible for the ceremony but also the eligibility of the candidate for an award and the subsequent maintenance of transcripts.

Advancement

• Alumni relations are the first responsibility of advancement. This involves the continual engagement with former students.
• Fundraising is the second responsibility. This includes the solicitation and stewardship of gifts from alumni and other benefactors.

Value stream defined…

Value streams connect business goals to the organization’s value realization activities in the marketplace. Those activities are dependent on the specific industry segment in which an organization operates.

There are two types of value streams: core value streams and support value streams.

• Core value streams are mostly externally facing. They deliver value to either an external or internal customer and they tie to the customer perspective of the strategy map.
• Support value streams are internally facing and provide the foundational support for an organization to operate.

An effective method for ensuring all value streams have been considered is to understand that there can be different end-value receivers.

Leverage your industry’s capability maps to identify value chains

Business Capability Map Defined

A business capability defines what a business does to enable value creation, rather than how. Business capabilities:

• Represent stable business functions.
• Are unique and independent of each other.
• Typically, will have a defined business outcome.

A capability map is a great starting point to identify value chains within an organization as it is a strong indicator of the processes involved to deliver on the value streams.

Info-Tech Insight

Leverage your industry reference architecture to define value streams and value chains.

Visit Info-Tech’s Industry Coverage Research to identify value streams

Prioritize value streams to be supported or enhanced

Use an evaluation criteria that considers both the human and business value generators that these streams provide.

Info-Tech Insight

To produce maximum impact, focus on value streams that provide two-thirds of your enterprise value.

Business Value

Assess the value generators to the business, e.g. revenue dollars, enterprise value, cost or differentiation (competitiveness), etc.

Human Value

Assess the value generators to people, e.g. student/faculty satisfaction, well-being, and social cohesion.

Identify value chains for transformation

Value chains, pioneered by the academic Michael Porter, refer to the ”string” of processes within a company that interrelate and work together to meet market demand. An organization’s value chain is connected to the larger part of the value stream. This perspective of how value is generated encourages leaders to see each activity as a part of a series of steps required deliver value within the value stream and opens avenues to identify new opportunities for value generation.

Prioritize value chains for transformation

Once we have identified the key value chains within each value stream element, evaluate the individual processes within the value chain to identify opportunities for transformation. Evaluate the value chain processes based on the level of pain experienced by a stakeholder to accomplish that task, and the financial impact that level of the process has on the organization.

1.3 Value chain analysis

Objective: Determine how the organization creates value, and prioritize value chains for innovation.

1. The first step of delivering value is defining how it will happen. Use the organization’s industry segment to start a discussion on how value is created for customers. Working back from the moment value is realized by the customer, consider the sequential steps required to deliver value in your industry segment.
2. Define and validate the organization’s value stream. Write a short description of the value stream that includes a statement about the value provided and a clear start and end for the value stream.
3. Prioritize the value streams based on an evaluation criteria that reflects business and human value generators to the organization.
4. Identify value chains that are associated with each value stream. The value chains refer to a string of processes within the value stream element. Each value chain also captures a particular stakeholder that benefits from the value chain.
5. Once we have identified the key value chains within each value stream element, evaluate the individual processes within the value chain and identify areas for transformation. Evaluate the value chain processes based on the level of pain or exposure to risk experienced by a stakeholder to accomplish that task and the financial impact that level of the process has on the organization.

Visit Info-Tech’s Industry Coverage Research to identify value streams and capability maps

Input

• Market Assessment

Output

• Key Incumbents and Disruptors

Materials

• Collaboration/ Brainstorming Tool (whiteboard, flip chart, digital equivalent)

Participants

• Executive Team

Phase 2

Identify a digitally enabled growth opportunity

• Conduct horizon scan
• Identify leapfrog idea
• Conduct value chain impact analysis

This phase will walk you through the following activities:

Assess trends that are impacting your industry and identify strategic growth opportunities.

This phase involves the following participants:

A cross-functional cohort across levels in the organization.

Outcomes

Identify new growth opportunities and value chains impacted

Phase 2.1

Horizon scanning

Activities

• Scan the internal and external environment for trends.

Info-Tech Insight

Systematically scan your environment to identify avenues or opportunities to skip one or several stages of technological development and stay ahead of disruption.

Identify a digitally enabled growth opportunity

This step will walk you through the following activities:

Scan the environment for external environment for megatrends, trends, and drivers. Prioritize trends and build a trends radar to keep track of trends within your environment.

This step involves the following participants:

A cross-functional cohort across levels in the organization.

Outcomes of this step

Growth opportunity

Horizon scanning

Understand how your industry is evolving.

Horizon scanning is a systematic analysis of detecting early signs of future changes or threats.

Horizon scanning involves scanning, analyzing, and communicating changes in an organization’s environment to prepare for potential threats and opportunities. Much of what we know about the future is based around the interactions and trajectory of macro trends, trends, and drivers. These form the foundations for future intelligence.

Macro Trends

A macro trend captures a large-scale transformative trend that could impact your addressable market.

Trends

A trend captures a business use case of the macro trend. Consider trends in relation to competitors in your industry.

Drivers

A driver is an underlying force causing the trend to occur. There can be multiple causal forces, or drivers, that influence a trend, and multiple trends can be influenced by the same causal force.

Identify signals of change in the present and their potential future impacts.

Identifying macro trends

A macro trend captures a large-scale transformative trend that could change the addressable market. Here are some examples of macro trends to consider when horizon scanning for your own organization:

Talent Availability

• Decentralized workforce
• Hybrid workforce
• Diverse workforce
• Skills gap
• Digital workforce
• Multigenerational workforce

Customer Expectations

• Personalization
• Digital experience
• Data ownership
• Transparency
• Accessibility

Technological Landscape

• AI & robotics
• Virtual world
• Ubiquitous connectivity,
• Genomics
• Materials (smart, nano, bio)

Regulatory System

• Market control
• Economic shifts
• Digital regulation
• Consumer protection
• Global green

Supply Chain Continuity

• Resource scarcity
• Sustainability
• Supply chain digitization
• Circular supply chains
• Agility

Identifying trends and drivers

A trend captures a business use case of a macro trend. Assessing trends can reduce some uncertainties about the future and highlight potential opportunities for your organization. A driver captures the internal or external forces that lead the trend to occur. Understanding and capturing drivers is important to understanding why these trends are occurring and the potential impacts to your value chains.

Leverage industry roundtables and trend reports to understand the art of the possible

Uncover important business and industry trends that can inform possibilities for technology innovation.

Explore trends in areas such as:

• Machine Learning
• Citizen Dev 2.0
• Venture Architecture
• Autonomous Organizations
• Self-Sovereign Cloud
• Digital Sustainability

Market research is critical in identifying factors external to your organization and identifying technology innovation that will provide a competitive edge. It’s important to evaluate the impact each trend or opportunity will have in your organization and market.

Visit Info-Tech’s Trends & Priorities Research Center

Visit Info-Tech’s Industry Coverage Research to identify your industry’s value streams

Images are from Info-Tech’s Rethinking Higher Education Report and 2021 Tech Trends Report

Example horizon scanning activity

Visit Info-Tech’s Industry Coverage Research to identify your industry’s value streams

Prioritize trends

Develop a cross-industry holistic view of trends.

Visualize emerging and prioritize action.

Moving from horizon scanning to action requires an evaluation process to determine which trends can lead to growth opportunities. First, we need to make a short list of trends to analyze. For your digital strategy, consider trends on the time horizon that are under 24 months. Next, we need to evaluate the shortlisted opportunities by a second set of criteria: relevance to your organization and impact on industry.

Timing

The estimated time to disruption this trend will have for your industry. Assess whether the trend will require significant developments to support its entry into the ecosystem.

Relevance

The relevance of the trend to your organization. Does the trend fulfil the vision or goals of the organization?

Impact

The degree of impact the trend will have on your industry. A trend with high impact will drive new business models, products, or services.

Prioritize trends to adopt into your organization

Prioritize trends based on timing, impact, and relevance.

2.1 Scanning the horizon

Objective: Generate trends

60 minutes

• Start by selecting macro trends that are occurring in your environment using the five categories. These are the large-scale transformative trends that impact your addressable market. Macro trends have three key characteristics:
  • They span over a long period of time.
  • They impact all geographic regions.
  • They impact governments, individuals, and organizations.
• Begin to break down these macro trends into trends. Trends should reflect the direction of a macro trend and capture the pattern in events. Consider trends that directly impact your organization.
• Understand the drivers behind these trends. Why are they occurring? What is driving them? Understanding the drivers helps us understand the value they may generate.
• Deprioritize trends that are expected to happen beyond 24 months.
• Prioritize trends that have a high impact and relevance to the organization.
• If you identify more than one trend, discuss with the group which trend you would like to pursue and limit it to one opportunity.

Input

• Macro Trends
• Trends

Output

• Trends Prioritization

Materials

• Digital Strategy Workbook

Participants

• Executive Team

Step 2.2

Leapfrogging ideation

Activities

• Identify leapfrog ideas.
• Identify impact to value chain.

Info-Tech Insight

A systematic approach to leapfrog ideation is one of the most critical ways in which an organization can build the capacity for resilient innovation.

This step will walk you through the following activities:

Evaluate trend opportunities and determine the strategic opportunities they pose. You will also work towards identifying the impact the trend has on your value chain.

This step involves the following participants:

A cross-functional cohort across levels in the organization.

Outcomes of this step

• Strategic growth opportunities
• Value chain impact

Leapfrog into the future

Turn trends into growth opportunities.

To thrive in the digital age, organizations must innovate big, leverage internal creativity, and prepare for flexibility.

In this digital era, organizations are often playing catch up to a rapidly evolving technological landscape and following a strict linear approach to innovation. However, this linear catch-up approach does not help companies get ahead of competitors. Instead, organizations must identify avenues to skip one or several stages of technological development to leapfrog ahead of their competitors.

The best way to predict the future is to invent it. – Alan Kay

Leapfrogging takes place when an organization introduces disruptive innovation into the market and sidesteps competitors who are unable to mobilize to respond to the opportunities.

Case Study

Classroom of the Future

Higher Education: Barco’s Virtual Classroom at UCL

University College London (UCL), in the United Kingdom, selected Barco weConnect virtual classroom technology for its continuing professional development medical education offering. UCL uses the platform for synchronous teaching, where remote students can interact with a lecturer.

One of the main advantages of the system is that it enables direct interaction with students through polls, questions, and whiteboarding. The system also allows you to track student engagement in real time.

The system has also been leveraged for scientific research and publications. In their “Delphi” process, key opinion leaders were able to collaborate in an effective way to reach consensus on a subject matter. The processes that normally takes months were successfully completed in 48 hours (McCann, 2020).

Results

The system has been largely successful and has supported remote, real-time teaching, two-way engagement, engagement with international staff, and an overall enriched teaching experience.

Funnel trends into leapfrog ideas

Go from trend insights into ideas.

Brainstorm ways of generating leapfrog ideas from trend insights.

Dealing with trends is one of the most important tasks for innovation. It provides the basis of developing the future orientation of the organization. However, being aware of a trend is one thing, to develop strategies for response is another.

To identify the impact the trend has on the organization, consider the four areas of growth strategies for the organization:

1. New Customers: Leverage the trend to target new customers for existing products or services.
2. New Business Models: Adjust the business model to capture a change in how the organization delivers value.
3. New Markets: Enter or create new markets by applying existing products or services to different problems.
4. New Product or Service Offerings: Introduce new products or services to the existing market.

From trend to leapfrog ideas

2.2 Identify and prioritize opportunities

60 minutes

1. Gather the prioritized trend identified in the horizon scanning exercise (the trend identified to be “adopted” within the organization).
2. Analyze each trend identified and assess whether the trend provides an opportunity for a new customers, new markets, new business models, or new products and services.

Input

• “Adopt” Trends

Output

• Trends to pursue
• Breakdown of strategic opportunities that the trends pose

Materials

• Collaboration/ Brainstorming Tool (whiteboard, flip chart, digital equivalent)

Participants

• Executive Team

Step 2.3

Value chain impact

Activities

• Identify impact to value chain.

This step will walk you through the following activities:

Evaluate trend opportunities and determine the strategic opportunities they pose. Prioritize the opportunities and identify impact to your value chain.

This step involves the following participants:

A cross-functional cohort across levels in the organization.

Outcomes of this step

• Strategic growth opportunities

Value chain analysis

Identify implications of strategic growth opportunities to the value chains.

As we identify and prioritize the opportunities available to us, we need to assess their impacts on value chains. Does the opportunity directly impact an existing value chain? Or does it open us to the creation of a new value chain?

The value chain perspective allows an organization to identify how to best minimize or enhance impacts and generate value.
As we move from opportunity to impact, it is important to break down opportunities into the relevant pieces so we can see a holistic picture of the sources of differentiation.

2.3 Value chain impact

Objective: Identify impacts to the value chain from the opportunities identified.
60 minutes

1. Once you have identified the opportunity, turn back to the value stream, and with the working group, identify the value stream impacted most by the opportunity. Leverage the human impact/business impact criteria to support the identification of the value stream to be impacted.
2. Within the value stream, brainstorm what parts of the value chain will be impacted by the new opportunity. Or ask whether this new opportunity provides you with a new value chain to be created.
3. If this opportunity will require a new value chain, identify what set of new processes or steps will be created to support this new entrant.
4. Identify any critical value chains that will be impacted by the new opportunity. What areas of the value chain pose the greatest risk? And where can we estimate the financial revenue will be impacted the most?

Input

• Opportunity

Output

• Value chains impacted

Materials

• Collaboration/ Brainstorming Tool (whiteboard, flip chart, digital equivalent)

Participants

• Executive Team

Phase 3

Transform stakeholder journeys

• Identify stakeholder personas and scenarios
• Conduct journey map
• Identify projects

This phase will walk you through the following activities:

Take the prioritized value chains and create a journey map to capture the end-to-end experience of a stakeholder.

Through a journey mapping exercise, you will identify opportunities to digitize parts of the journey. These opportunities will be broken down into functional initiatives to tackle in your strategy.

This phase involves the following participants:

A cross-functional cohort across levels in the organization.

Outcomes

1. Stakeholder persona
2. Stakeholder scenario
3. Stakeholder journey map
4. Opportunities

Step 3.1

Identify stakeholder persona and journey scenario

Activities

• Identify stakeholder persona.
• Identify stakeholder journey scenario.

Transform stakeholder journeys

This step will walk you through the following activities:

In this step, you with identify stakeholder personas and scenarios relating to the prioritized value chains.

This step involves the following participants:

A cross-functional cohort across levels in the organization.

Outcomes of this step

• A taxonomy of critical stakeholder journeys.

Identify stakeholder persona and journey scenario

From value chain to journey scenario.

Stakeholder personas and scenarios help us build empathy towards our customers. It helps put us into the shoes of a stakeholder and relate to their experience to solve problems or understand how they experience the steps or processes required to accomplish a goal. A user persona is a valuable basis for stakeholder journey mapping.

A stakeholder scenario describes the situation the journey map addresses. Scenarios can be real (for existing products and services) or anticipated.

A stakeholder persona is a fictitious profile to represent a customer or a user segment. Creating this persona helps us understand who your customers really are and why they are using your service or product.

Learn more about applying design thinking methodologies

Identify stakeholder scenarios to map

For your digital strategy, leverage the existing and opportunity value chains identified in phase 1 and 2 for journey mapping.

Identify two existing value chains to be transformed. In section 1, we identified existing value chains to be transformed. For example, your stakeholder persona is a member of the faculty (engineering), and the scenario is the curricula design process.

Identify one new value chain. In section 2, we identified a new value chain. However, for a new opportunity, the scenario is more complex as it may capture many different areas of a value chain. Subsequently, a journey map for a new opportunity may require mapping all parts of the value chain.

Identify stakeholder persona

Who are you transforming for?

To define a stakeholder scenario, we need to understand who we are mapping for. In each value chain, we identified a stakeholder who gains value from that value chain. We now need to develop a stakeholder persona: a representation of the end user to gain a strong understanding of who they are, what they need, and their pains and gains.

One of the best ways to flesh out your stakeholder persona is to engage with the stakeholders directly or to gather the input of those who may engage with them within the organization.

For example, if we want to define a journey map for a student, we might want to gather the input of students or teaching faculty that have firsthand encounters with different student types and are able to define a common student type.

Info-Tech Insight

Run a survey to understand your end users and develop a stronger picture of who they are and what they are seeking to gain from your organization.

Example Stakeholder Persona

Name: Anne
Age: 35
Occupation: Engineering Faculty
Location: Toronto, Canada

Pains

What are their frustrations, fears, and anxieties?

• Time restraints
• Using new digital tools
• Managing a class while incorporating individual learning
• Varying levels within the same class
• Unmotivated students

What do they need to do?

What do they want to get done? How will they know they are successful?

• Design curricula in a hybrid mode without loss of quality of experience of in-classroom learning.

Gains

What are their wants, needs, hopes, and dreams?

• Interactive content for students
• Curriculum alignment
• Ability to run a classroom lab (in hybrid format)
• Self-paced and self-directed learning opportunities for students

(Adapted from Osterwalder, et al., 2014)

Define a journey statement for mapping

Now that we understand who we are mapping for, we need to define a journey statement to capture the stakeholder journey.
Leverage the following format to define the journey statement.
As a [stakeholder], I need to [prioritized value chain task], so that I can [desired result or overall goal].

3.1 Identify stakeholder persona and journey scenario

Objective: Identify stakeholder persona and journey scenario statement for journey mapping exercise.

1. Start by identifying who your stakeholder is. Give your stakeholder a demographic profile – capture a typical stakeholder for this value chain.
2. Identify what the gains and pains are during this value chain and what the stakeholder is seeking to accomplish.
3. Looking at the value chain, create a statement that captures the goals and needs of the stakeholder. Use the following format to create a statement:
   As a [stakeholder], I need to [prioritized value chain task], so that I can [desired result or overall goal].

Input

• Prioritized Value Chains (existing and opportunity)

Output

• Stakeholder Persona
• Stakeholder Journey Statement

Materials

• Collaboration/ Brainstorming Tool (whiteboard, flip chart, digital equivalent)
• Stakeholder Persona Canvas

Participants

• Executive Team
• Stakeholders (if possible)
• Individual who works directly with stakeholders

Step 3.2

Map stakeholder journeys

Activities

• Map stakeholder journeys.

Transform stakeholder journeys

This step will walk you through the following activities:

Prioritize the journeys by focusing on what matters most to the stakeholders and estimating the organizational effort to improve those experiences.

This step involves the following participants:

A cross-functional cohort across levels in the organization.

Outcomes of this step

• Candidate journeys identified for redesign or build.

Leverage customer journey mapping to capture value chains to be transformed

Conduct a journey mapping exercise to identify opportunities for innovation or automation.

A journey-based approach helps an organization understand how a stakeholder moves through a process and interacts with the organization in the form of touch points, channels, and supporting characters. By identifying pain points in the journey and the activity types, we can identify opportunities for innovation and automation along the journey.

Embrace design thinking methodologies to elevate the stakeholder journey and to build a competitive advantage for your organization.

Internal vs. external stakeholder perspective

In journey mapping, we always start with the stakeholder's perspective, then eventually transition into what the organization does business-wise to deliver value to each stakeholder. It is important to keep in mind both perspectives while conducting a journey mapping exercise as there are often different roles, processes, and technologies associated with each of the journey steps.

Stakeholder Journey
(External Perspective)

• Awareness
• Consideration
• Selecting
• Negotiating
• Approving

Business Processes
(Internal Perspective)

• Preparation
• Prospecting
• Presentation
• Closing
• Follow-Up

Info-Tech Insight

Take the perspective of an end user, who interacts with your products and services, as it is different from the view of those inside the organization, who implement and provide those services.

Build a stakeholder journey map

A stakeholder journey map is a tool used to illustrate the user’s perceptions, emotions, and needs as they move through a process and interact with the organization in the form of touch points, channels, and supporting characters.

Stakeholder Journey Map: Journey Activity

The journey activity refers to the steps taken to accomplish a goal.

The journey activity comprises the steps or sequence of tasks the stakeholder takes to accomplish their goal. These steps reflect the high-level process your candidates perform to complete a task or solve a problem.

Stakeholder Journey Map: Touch Points

Touch points are the points of interaction between a stakeholder and the organization.

A touch point refers to any time a stakeholder interacts with your organization or brand. Consider three main points of interaction with the customer in the journey:

• Before: How did they find out about you? How did they first contact you to start this journey? What channels or mediums were used?
  • Social media
  • Rating & reviews
  • Word of mouth
  • Advertising
• During: How was the sale or service accomplished?
  • Website
  • Catalog
  • Promotions
  • Point of sale
  • Phone system
• After: What happened after the sale or service?
  • Billing
  • Transactional emails
  • Marketing emails
  • Follow-ups
  • Thank-you emails

Stakeholder Journey Map: Nature of Activity

The nature of activity refers to the type of task the journey activity captures.

We categorize the activity type to identify opportunities for automation. There are four main types of task types, which in combination (as seen in the table below) capture a task or job to be automated.

Info-Tech Insight

Where automation makes sense, routine manual activities should be transformed first, followed by routine cognitive activities. Non-routine cognitive activities are the final frontier.

Stakeholder Journey Map: Metrics

Metrics are a quantifiable measurement of a process, activity, or initiative.

Metrics are crucial to justify expenses and to estimate growth for capacity planning and resourcing. There are multiple benefits to identifying and implementing metrics in a journey map:

• Metrics provide accurate indicators for accurate IT and business decisions.
• Metrics help you identify stakeholder touch point efficiencies and problems and solve issues before they become more serious.
• Active metrics tracking makes root cause analysis of issues much easier.

Example of journey mapping metrics: Cost, effort, turnaround time, throughput, net promoter score (NPS), satisfaction score

Stakeholder Journey Map: Key Moments & Pain Points

Key moments and pain points refer to the emotional status of a stakeholder at each stake of the customer journey.

The key moments are defining pieces or periods in a stakeholder's experience that create a critical turning point or memory.

The pain points are the critical problems that the stakeholder is facing during the journey or business continuity risks. Prioritize identifying pain points around key moments.

Info-Tech Insight

To identify key moments, look for moments that can dramatically influence the quality of the journey or end the journey prematurely. To improve the experience, analyze the hidden needs and how they are or aren’t being met.

Stakeholder Journey Map: Opportunities

An opportunity is an investment into people, process, or technology for the purposes of building or improving a business capability and accomplishing a specific organizational objective.

An opportunity refers to the initiatives or projects that should address a stakeholder pain. Opportunities should also produce a demonstrable financial impact – whether direct (e.g. cost reduction) or indirect (e.g. risk mitigation) – and be evaluated based on how technically difficult it will be to implement.

Customer

Create new or different experiences for customers

Workforce

Generate new organizational skills or new ways of working

Operations

Improve responsiveness and resilience of operations

Innovation

Develop different products or services

Example of stakeholder journey output: Higher Education

Stakeholder: A faculty member
Journey: As an engineering faculty member, I want to design my curricula in a hybrid mode of delivery so that I can simulate in-classroom experiences

3.2 Stakeholder journey mapping

Objective: Conduct journey mapping exercise for existing value chains and for opportunities.

1. Gather the working group and, with the journey mapping workbook, begin to map out the journey scenario statements identified in the value chain analysis. In total, there should be three journey maps:
   • Two for the existing value chains. Map out the specific point in the value chain that is to be transformed.
   • One for the opportunity value chain. Map out all parts of the value chain to be impacted by the new opportunity.
2. Start with the journey activity and map out the steps involved to accomplish the goal of the stakeholder.
3. Identify the touch points involved in the value chain.
4. Categorize the nature of the activity in the journey activity.
5. Identify metrics for the journey. How can we measure the success of the journey?
6. Identify pain points and opportunities in parallel with one another.

Input

• Value Chain Analysis
• Stakeholder Personas
• Journey Mapping Scenario

Output

• Journey Map

Materials

• Digital Strategy Workbook, Stakeholder Journey tab

Participants

• Executives
• Individuals in the organization that have a direct interaction with the stakeholders

Info-Tech Insight

Aim to build out 90% of the stakeholder journey map with the working team; validate the last 10% with the stakeholder themselves.

Step 3.3

Prioritize opportunities

Activities

• Prioritize opportunities.

Transform stakeholder journeys

This step will walk you through the following activities:

Prioritize the opportunities that arose from the stakeholder journey mapping exercise.

This step involves the following participants:

A cross-functional cohort across levels in the organization.

Outcomes of this step

Prioritized opportunities

Prioritization of opportunities

Leverage design-thinking methods to prioritize opportunities.

As there may be many opportunities arising from the journey map, we need to prioritize ideas to identify which ones we can tackle first – or at all. Leverage IDEO’s design-thinking “three lenses of innovation” to support prioritization:

• Feasibility: Do you currently have the capabilities to deliver on this opportunity? Do we have the right partners, resources, or technology?
• Desirability: Is this a solution the stakeholder needs? Does it solve a known pain point?
• Viability: Does this initiative have an impact on the financial revenue of the organization? Is it a profitable solution that will support the business model? Will this opportunity require a complex cost structure?

3.3 Prioritization of opportunities

Objective: Prioritize opportunities for creating a roadmap.

1. Gather the opportunities identified in the journey mapping exercise
2. Assess the opportunities based on IDEO’s three lenses of innovation:
   • Feasibility: Do you currently have the capabilities to deliver on this opportunity? Do we have the right partners, resources, or technology?
   • Viability: Does this initiative have an impact on the financial revenue of the organization? Is it a profitable solution that will support the business model? Will this opportunity require a complex cost structure?
   • Desirability: Is this a solution the stakeholder needs? Does it solve a known pain point?
3. Opportunities that score high in all three areas are prioritized for the roadmap.

Input

• Opportunities From Journey Map

Output

• Prioritized Opportunities

Materials

• Digital Strategy Workbook

Participants

• Executives

Step 3.4

Define digital goals

Activities

Transform stakeholder journeys

This step will walk you through the following activities:

Define a digital goal as it relates to the prioritized opportunities and the stakeholder journey map.

This step involves the following participants:

A cross-functional cohort across levels in the organization.

Outcomes of this step

Digital goals

Define digital goals

What digital goals can be derived from the stakeholder journey?

With the prioritized set of opportunities for each stakeholder journey, take a step back and assess what the sum of these opportunities mean for the journey. What is the overall goal or objective of these opportunities? How do these opportunities change or facilitate the journey experience? From here, identify a single goal statement for each stakeholder journey.

3.4 Define digital goals

Objective: Identify digital goals derived from the journey statements.

1. With the prioritized set of opportunities for each stakeholder journey (the two existing journeys and one opportunity journey) take a step back and assess what the sum of these opportunities means for each journey.
   • What is the overall goal or objective of these opportunities?
   • How do these opportunities change or facilitate the journey experience?
2. From here, identify a single goal for each stakeholder journey.

Input

• Opportunities From Journey Map
• Stakeholder Persona

Output

• Digital Goals

Materials

• Prioritization Matrix

Participants

• Executives

Step 3.5

Breakdown opportunities into series of initiatives

Activities

• Identify initiatives from the opportunities.

Transform stakeholder journeys

This step will walk you through the following activities:

Identify people, process, and technology initiatives for the opportunities identified.

This step involves the following participants:

A cross-functional cohort across levels in the organization.

Outcomes of this step

• People, process, and technology initiatives

Break down opportunities into a series of initiatives

Brainstorm initiatives for each high-priority opportunity using the framework below. Describe each initiative as a plan or action to take to solve the problem.

Opportunity → Initiatives:

People: What initiatives are required to manage people, data, and other organizational factors that are impacted by this opportunity?

Process: What processes must be created, changed, or removed based on the data?

Technology: What systems are required to support this opportunity?

Break down opportunities into a series of initiatives

Info-Tech Insight

Ruthlessly evaluate if a initiative should stand alone or if it can be rolled up with another. Fewer initiatives or opportunities increases focus and alignment, allowing for better communication.

3.5 Break down opportunities into initiatives

Objective: Break down opportunities into people, process, and technology initiatives.

1. Split into groups and identify initiatives required to deliver on each opportunity. Document each initiative on sticky notes.
2. Have each team answer the following questions to identify initiatives for the prioritized opportunities:
   • People: What initiatives are required to manage people, data, and other organizational factors that are impacted by this opportunity?
   • Process: What processes must be created, changed, or removed based on the data?
   • Technology: What systems are required to support this opportunity?
3. Document findings in the Digital Strategy Workbook.

Input

• Opportunities

Output

• Opportunity initiatives categorized by people, process and technology

Materials

• Digital Strategy Workbook

Participants

• Executive team

Phase 4

Build a digital transformation roadmap

• Detail initiatives
• Build a unified roadmap roadmap

This phase will walk you through the following activities:

Build a digital transformation roadmap that captures people, process, and technology initiatives.

This phase involves the following participants:

A cross-functional cohort across levels in the organization.

Outcomes

• Digital transformation roadmap

Step 4.1

Detail initiatives

Activities

• Detail initiatives.

Build a digital transformation roadmap

This step will walk you through the following activities:

Detail initiatives for each priority initiative on your horizon.

This step involves the following participants:

A cross-functional cohort across levels in the organization.

Outcomes of this step

• A roadmap for your digital business strategy.

Create initiative profiles for each high-priority initiative on your strategy

Step 4.2

Build a roadmap

Activities

• Create a roadmap of initiatives.

Build a digital transformation roadmap

Info-Tech Insight

A roadmap that balances growth opportunities with business resilience will transform your organization for long-term success in the digital economy.

This step will walk you through the following activities:

Identify timing of initiatives and build a Gantt chart roadmap.

This step involves the following participants:

A cross-functional cohort across levels in the organization.

Outcomes of this step

• A roadmap for your digital transformation and the journey canvases for each of the prioritized journeys.

Build a roadmap to visualize your key initiative plan

Visual representations of data are more compelling than text alone.

Develop a high-level document that travels with the initiative from inception through executive inquiry, project management, and finally execution.

A initiative needs to be discrete: able to be conceptualized and discussed as an independent item. Each initiative must have three characteristics:

• Specific outcome: Describe an explicit change in the people, processes, or technology of the enterprise.
• Target end date: When the described outcome will be in effect.
• Owner: Who on the IT team is responsible for executing on the initiative.

4.2 Build your roadmap (30 minutes)

1. For the Gantt chart:
   • Input the Roadmap Start Year date.
   • Change the months and year in the Gantt chart to reflect the same roadmap start year.
   • Populate the planned start and planned end date for the pre-populated list of high-priority initiatives in each category (people, process, and technology).

Input

• Initiatives
• Initiative start & end dates
• Initiative category

Output

• Digital strategy roadmap visual

Materials

• Digital Strategy Workbook

Participants

• Senior Executive

Learn more about project portfolio management strategy

Step 4.3

Create a refresh strategy

Activities

• Refresh your strategy.

Build a digital transformation roadmap

Info-Tech Insight

A digital strategy is a design process, it must be revisited to pressure test and account for changes in the external environment.

This step will walk you through the following activities:

Detail a refresh strategy.

This step involves the following participants:

A cross-functional cohort across levels in the organization.

Outcomes of this step

• Refresh strategy

Create a refresh strategy

It is important to dedicate time to your strategy throughout the year. Create a refresh plan to assess for the changing business context and its impact on the digital business strategy. Make sure the regular planning cycle is not the primary trigger for strategy review. Put a process in place to review the strategy and make your organization proactive. Start by examining the changes to the business context and how the effect would trickle downwards. It’s typical for organizations to build a refresh strategy around budget season and hold planning and touch points to accommodate budget approval time.
Example:

4.3 Create a refresh strategy (30 minutes)

1. Work with the digital strategy creation team to identify the time frequencies the organization should consider to refresh the digital business strategy. Time frequencies can also be events that trigger a review (i.e. changing business goals). Record the different time frequencies in the Refresh of the Digital Business Strategy slide of the section.
2. Discuss with the team the different audience members for each time frequency and the scope of the refresh. The scope represents what areas of the digital business strategy need to be re-examined and possibly changed.

Example:

Input

• Digital Business Strategy

Output

• Refresh Strategy

Materials

• Digital Business Strategy Presentation Template
• Collaboration/ Brainstorming Tool (whiteboard, flip chart, digital equivalent)

Participants

• Executive Leaders

Related Info-Tech Research

Design a Customer-Centric Digital Operating Model

Establish a new way of working to deliver value on your digital transformation initiatives.

Develop a Project Portfolio Management Strategy

Drive project throughput by throttling resource capacity.

Adopt Design Thinking in Your Organization

Innovation needs design thinking.

Digital Maturity Improvement Service

Prepare your organization for digital transformation – or risk falling behind.

Research Contributors and Experts

Kenneth McGee

Research Fellow
Info-Tech Research Group

Kenneth McGee is a Research Fellow within the CIO practice at Info-Tech Research Group and is focused on IT business and financial management issues, including IT Strategy, IT Budgets and Cost Management, Mergers & Acquisitions (M&A), and Digital Transformation. He also has extensive experience developing radical IT cost reduction and return-to-growth initiatives during and following financial recessions.

Ken works with CIOs and IT leaders to help establish twenty-first-century IT organizational charters, structures, and responsibilities. Activities include IT organizational design, IT budget creation, chargeback, IT strategy formulation, and determining the business value derived from IT solutions. Ken’s research has specialized in conducting interviews with CEOs of some of the world’s largest corporations. He has also interviewed a US Cabinet member and IT executives at the White

House. He has been a frequent keynote speaker at industry conventions, client sales kick-off meetings, and IT offsite planning sessions.

Jack Hakimian

Vice President
Info-Tech Research Group

Jack has more than 25 years of technology and management consulting experience. He has served multi-billion dollar organizations in multiple industries including Financial Services and Telecommunications. Jack also served a number of large public sector institutions.

Prior to joining the Info-Tech Research Group, he worked for leading consulting players such as Accenture, Deloitte, EY, and IBM.

Jack led digital business strategy engagements as well as corporate strategy and M&A advisory services for clients across North America, Europe, the Middle East, and Africa. He is a seasoned technology consultant who has developed IT strategies and technology roadmaps, led large business transformations, established data governance programs, and managed the deployment of mission-critical CRM and ERP applications.

He is a frequent speaker and panelist at technology and innovation conferences and events and holds a Master’s degree in Computer Engineering as well as an MBA from the ESCP-EAP European School of Management.

Bibliography

Abrams, Karin von. “Global Ecommerce Forecast 2021.” eMarketer, Insider Intelligence, 7 July 2021. Web.

Christenson, Clayton. The Innovator's Dilemma: When New Technologies Cause Great Firms to Fail. Harvard Business School, 1997. Book.

Drucker, Peter F., and Joseph A. Maciariello. Innovation and Entrepreneurship. Routledge, 2015.

Eagar, Rick, David Boulton, and Camille Demyttenaere. “The Trends in Megatrends.” Arthur D Little, Prism, no. 2, 2014. Web.

Enright, Sara, and Allison Taylor. “The Future of Stakeholder Engagement.” The Business of a Better World, October 2016. Web.

Hatem, Louise, Daniel Ker, and John Mitchell. “A roadmap toward a common framework for measuring the digital economy.” Report for the G20 Digital Economy Task Force, OECD, 2020. Web.

Kemp, Simon. “Digital 2021 April Statshot Report.” DataReportal, Global Digital Insights, 21 Apr. 2021. Web.

Larson, Chris. “Disruptive Innovation Theory: 4 Key Concepts.” Business Insights, Harvard Business School, HBS Online, 15 Nov. 2016. Web.

McCann, Leah. “Barco's Virtual Classroom at UCL: A Case Study for the Future of All University Classrooms?” rAVe, 2 July 2020. Web.

Mochari, Ilan. “The Startup Buzzword Almost Everyone Uses Incorrectly.” Inc., 19 Nov. 2015. Web.

Osterwalder, Alexander, et al. Value Proposition Design. Wiley, 2014.

Reed, Laura. “Artificial Intelligence: Is Your Job at Risk?” Science Node, 9 August 2017.

Rodeck, David. “Alphabet Soup: Understanding the Shape of a Covid-19 Recession.” Forbes, 8 June 2020. Web.

Tapscott, Don. Wikinomics. Atlantic Books, 2014.

Taylor, Paul. “Don't Be A Dodo: Adapt to the Digital Economy.” Forbes, 27 Aug. 2015. Web.

The Business Research Company. "Wholesale Global Market Report 2021: COVID-19 Impact and Recovery to 2030." Research and Markets, January 2021. Press Release.

“Topic 1: Megatrends and Trends.” BeFore, 11 October 2018.

“Updated Digital Economy Estimates – June 2021.” Bureau of Economic Analysis, June 2021. Web.

Williamson, J. N. The Leader Manager. John Wiley & Sons, 1984.

Get Started With FinOps

FinOps goes beyond identifying cloud savings. It empowers every cloud user to maximize the value of their spend.

Executive Brief

Analyst Perspective

The first step of FinOps is collectively realizing that maximizing value is every cloud user's responsibility.

Natalie Sansone, PhD Research Director, Infrastructure & Operations Info-Tech Research Group

As cloud adoption increases, and with it the complexity of cloud environments, managing and optimizing cloud spend has become both a top challenge and priority for IT organizations. In response, the practice of FinOps has emerged to help organizations maximize the value they get from the cloud. As its popularity surges, organizations are told they must do FinOps, but many feel their practice is not yet mature. One of their biggest obstacles is empowering engineers and other cloud users to work toward this shared goal with other teams. To grow and mature your FinOps practice, your first challenge is breaking down silos, encouraging collaboration across varying business units, and getting all cloud users to be accountable for their cloud usage and spend and to understand the shared goals of FinOps. Beyond finding ways to reduce cloud costs, FinOps is a cultural shift that enables better collaboration between distributed teams. It allows them to leverage data to identify opportunities to maximize business value from cloud investments. Whether you’re starting the FinOps journey or looking to mature your practice, this blueprint will help you organize by defining the required role and tasks. Then you can work through a collective exercise to ensure everyone understands who is involved and responsible for each activity. You’ll gain the information you need and be better positioned to continuously improve and mature your processes, but success begins with everyone understanding that FinOps is a shared responsibility.

Executive Summary

Info-Tech Insight

FinOps is not just about driving cloud savings. It’s a cultural shift empowering every cloud user to maximize the value of their spend. The first step of FinOps is therefore to help everyone understand their share of responsibility.

What is FinOps?

Definition

“FinOps is an evolving cloud financial management discipline and cultural practice that enables organizations to get maximum business value by helping engineering, finance, technology, and business teams to collaborate on data-driven spending decisions.”

Definition Updated: November 2021 by the FinOps Foundation Technical Advisory Council

The ultimate purpose of FinOps is to bring business value to your organization by reducing cloud waste.

• FinOps is the people, processes, and tools you use to eliminate waste and ensure you get the most value from your cloud spend.
• FinOps is the framework within which teams can operate to ensure they are optimizing their use of cloud resources.
• FinOps brings financial accountability to cloud spend.
• FinOps is a culture practice where everyone collaborates and takes ownership for their cloud usage while being supported and governed by a central group. It breaks down silos so teams that haven’t worked closely together in the past collaborate toward shared goals.
• It brings financial accountability and cultural change to cloud spend by enabling distributed teams to better collaborate and leverage data to decide where/when to invest in cloud for maximum business value.
• FinOps is not done by an individual or just one team. It’s a change in the way that many disparate teams work together, from engineering to finance to business teams.

Common misconceptions about FinOps

1 “What is FinOps?” FinOps Foundation, 2023

FinOps’ popularity has exploded in recent years

2012 - The practice of FinOps begins to emerge through early scalers in public cloud like Adobe and Intuit

2017 - Many IT departments begin to use the cloud for limited use cases, but very few enterprises are all in the cloud

2019 - Many companies begin moving to a cloud-first strategy, shifting IT spend from capital to operational expenditure (CapEx to OpEx), complicating cloud bills

February 2019 - The FinOps Foundation is born out of Cloudability’s Customer Advisory Board meeting where many cloud practitioners discuss the need for a community of practitioners

June 2020 - The FinOps Foundation merges with Linux Foundation and sets the standard for cloud financial management

Sources: Carr, 2022; Linux Foundation, 2023, Storment & Fuller, 2023.

Where did the term come from?

The term FinOps has risen in popularity over the last few years. Originally, organizations used the term cloud cost management, then cloud cost optimization, then more broadly, cloud financial management. The latter has now been largely replaced by FinOps.

Why is FinOps so essential? (1/2)

The shift from fixed to variable spend has changed the way organizations must manage and report on costs.

In the traditional data center era:

• The enterprise procured infrastructure through large capital refreshes of data center hardware.
• Infrastructure teams tried their best to avoid running out of storage before the next hardware refresh. Equipment was intentionally oversized to accommodate unexpected growth.
• IT teams would not worry about how much infrastructure resources they consumed, provided they stayed within planned capacity limits. If capacity ran low, resource usage would be adjusted.
• The business might not like laying out large capital expenditures, but it had full visibility into the cost and got to approve spending in advance using financial controls.
• Monthly costs were well-understood and monthly or infrequent reporting was acceptable because day-to-day costs did not vary.
• Mature organizations might chargeback or showback costs to application teams based on number of virtual machines or other measures, but traditional on-premises chargeback wouldn't save money overall.

Why is FinOps so essential? (2/2)

The shift from fixed to variable spend has changed the way organizations must manage and report on costs.

In the cloud era:

• Infrastructure resources must no longer be provisioned in advance through spending capital budgets.
• Capacity management isn’t a major concern. Spare capacity is always available, and savings can result from not paying for unnecessary capacity.
• Cloud services often offer pay-as-you-go pricing models, allowing more control and flexibility to pay only for the resources you consume.
• When services use more resources than they need, running costs increase. Cost reductions are realized through reducing the size of allocated resources.
• The variable consumption model can reduce operating costs but can make budgeting and forecasting difficult. IT and the business can no longer predict what they will pay for infrastructure resources.
• Billing is no longer straightforward and monthly. Resources are individually charged in micro amounts. Costs must be regularly reviewed as unexpected or forgotten resource usage can add up significantly.

Managing cloud spend remains a challenge for many organizations

Given the variable nature of cloud costs and complex pricing structures, it can be easy to overspend without mature FinOps processes in place. Indeed, 82% of organizations cite managing cloud spend as one of their top challenges.

Respondents reported that public cloud spend was over budget by an average of 18%, up from 13% the previous year.

Source: Flexera 2023 State of the Cloud Report, n=750

While FinOps adoption has rapidly increased, maturity has not

Most organizations understand the value of FinOps but are not mature in their practice.

NetApp’s 2023 State of CloudOps Report found that:

96% say FinOps is important to their cloud strategy

9% have a mature FinOps practice

92% report that they struggle with FinOps

Source: NetApp, 2023 State of CloudOps Report, n=310 IT decision makers in the United States responsible for public cloud infrastructure investments.

Flexera’s 2023 State of the Cloud report found that 72% of organizations have a dedicated FinOps team.

Flexera’s annual report also found that year over year, cloud cost responsibilities are increasingly shifting away from Finance/Accounting and Vendor Management teams and over to FinOps teams as they emerge and mature.

Source: Flexera, 2023 State of the Cloud Report, n=750 decision-makers and users around the world

Enterprise Network Design Considerations

It is not just about connectivity.

Executive Summary

Info-Tech Insight

Connectivity and security are tightly coupled

Security, risk, and trust models play into how networks are designed and deployed. If these models are not considered during network design, band-aids and workarounds will be deployed to achieve the needed goals, potentially bypassing network controls.

Many services are no longer within the network

The cloud “gold rush” has made it attractive for many enterprises to migrate services off the traditional network and into the cloud. These services are now outside of the traditional network and associated controls. This shifts the split of east-west vs. north-south traffic patterns, as well as extending the network to encompass services outside of enterprise IT’s locus of control.

Users are demanding an anywhere, any device access model

Where users access enterprise data or services and from which devices dictate the connectivity needed. With the increasing shift of work that the business is completing remotely, not all devices and data paths will be under the control of IT. This shift does not allow IT to abdicate from the responsibility to provide a secure network.

Enterprise networks are changing

The new network reality

The enterprise network of 2020 and beyond is changing:

• Services are becoming more distributed.
• The number of services provided “off network” is growing.
• Users are more often remote.
• Security threats are rapidly escalating.

The above statements are all accurate for enterprise networks, though each potentially to differing levels depending on the business being supported by the network. Depending on how affected the network in question currently is and will be in the near future, there are different common network archetypes that are best able to address these concerns while delivering business value at an appropriate price point.

High-Level Design Considerations

1. Understand Business Needs

Understand what the business needs are and where users and resources are located.

2. Define Your Trust Model

Trust is a spectrum and tied tightly to security.

3. Align With an Archetype

How will the network be deployed?

4. Understand Available Tooling

What tools are in the market to help achieve design principles?

Understand business needs

Mission

Never ignore the basics. Start with revisiting the mission and vision of the business to address relevant needs.

Users

Identify where users will be accessing services from. Remote vs. “on net” is a design consideration now more than ever.

Resources

Identify required resources and their locations, on net vs. cloud.

Controls

Identify required controls in order to define control points and solutions.

Define a trust model

Trust is a spectrum

• There is a spectrum of trust, from fully trusted to not trusted at all. Each organization must decide for their network (or each area thereof) the appropriate level of trust to assign.
• The ease of network design and deployment is directly proportional to the trust spectrum.
• When resources and users are outside of direct IT control, the level of appropriate trust should be examined closely.

Implicit

Trust everything within the network. Security is perimeter based and designed to stop external actors from entering the large trusted zone.

Controlled

Multiple zones of trust within the network. Segmentation is a standard practice to separate areas of higher and lower trust.

Zero

Verify trust. The network is set up to recognize and support the principle of least privilege where only required access is supported.

Align with an archetype

Archetypes are a good guide

• Using a defined archetype as a guiding principle in network design can help clarify appropriate tools or network structures.
• Different aspects of a network can have different archetypes where appropriate (e.g. IT vs. OT [operational technology] networks).

Traditional

Services are provided from within the traditional network boundaries and security is provided at the network edge.

Hybrid

Services are provided both externally and from within the traditional network boundaries, and security is primarily at the network edge.

Inverted

Services are provided primarily externally, and security is cloud centric.

Traditional networks

Resources within network boundaries

Moat and castle security perimeter

Abstract

A traditional network is one in which there are clear boundaries defined by a security perimeter. Trust can be applied within the network boundaries as appropriate, and traffic is generally routed through internally deployed control points that may be centralized. Traditional networks commonly include large firewalls and other “big iron” security and control devices.

Network Design Tenets

• The full network path from resource to user is designed, deployed, and controlled by IT.
• Users external to the network must first connect to the network to gain access to resources.
• Security, risk, and trust controls will be implemented by internal enterprise hardware/software devices.

Control

In the traditional network, it is assumed that all required control points can be adequately deployed across hardware/software that is “on prem” and under the control of central IT.

Info-Tech Insight

With increased cloud services provided to end users, this network is now more commonly used in data centers or OT networks.

Traditional networks

Defining Characteristics

• Traffic flows in a defined path under the control of IT to and from central IT resources.
• Due to visibility into, and the control of, the traffic between the end user and resources, IT can relatively simply implement the required security controls on owned hardware.

Common Components

• Traditional offices
• Remote users/road warriors
• Private data center/colocation space

Hybrid networks

Resources internal and external to network

Network security perimeter combined with cloud protection

Abstract

A hybrid network is one that combines elements of a traditional network with cloud resources. As some of these resources are not fully under the control of IT and may be completely “offnet” or loosely coupled to the on-premises network, the security boundaries and control points are less likely to be centralized. Hybrid networks allow the flexibility and speed of cloud deployment without leaving behind traditional network constructs. This generally makes them expensive to secure and maintain.

Network Design Tenets

• The network path from resource to user may not be in IT’s locus of control.
• Users external to the network must first connect to the network to gain access to internal resources but may directly access publicly hosted ones.
• Security, risk, and trust controls may potentially be implemented by a mixture of internal enterprise hardware/software devices and external control points.

Control

The hallmark of a hybrid network is the blending of public and private resources. This blending tends to necessitate both public and private points of control that may not be homogenous.

Info-Tech Insight

With multiple control points to address, take care in simplifying designs while addressing all concerns to ease operational load.

Hybrid networks

Defining Characteristics

• Traffic flows to central resources across a defined path under the control of IT.
• Traffic to cloud assets may be partially under the control of IT.
• For central resources, the traffic to and from the end user can have the required security controls relatively simply implemented on owned hardware.
• For public cloud assets, IT may or may not have some control over part of the path.

Common Components

• Traditional offices
• Remote users/road warriors
• Private data center/colocation space
• Public cloud assets (IaaS/PaaS/SaaS)

Inverted perimeter

Resources primarily external to the network

Security control points are cloud centric

Abstract

An inverted perimeter network is one in which security and control points cover the entire workflow, on or off net, from the consumer of services through to the services themselves with zero trust. Since the control plane is designed to encompass the workflow in a secure manner, much of the underlying connectivity can be abstracted. In an extreme version of this deployment, IT would abstract end-user access, and any cloud-based or on-premises resources would be securely published through the control plane with context-aware precision access.

Network Design Tenets

• The network path from resource to user is abstracted and controlled by IT through services like secure access service edge (SASE).
• Users only need internet access and appropriate credentials to gain access to resources.
• Security, risk, and trust controls will be implemented through external cloud based services.

Control

An inverted network abstracts the lower-layer connectivity away and focuses on implementing a cloud-based zero trust control plane.

Info-Tech Insight

This model is extremely attractive for organizations that consume primarily cloud services and have a large remote work force.

Inverted networks

Defining Characteristics

• The end user does not have to be in a defined location.
• All central resources that are to be accessed are hosted on cloud resources.
• IT has little to no control of the path between the end user and central resources.

Common Components

• Traditional offices
• Regent offices/shared workspaces
• Remote users/road warriors
• Public cloud assets (IaaS/PaaS/SaaS)

Understand available tooling

Don’t buy a hammer and go looking for nails

• A network archetype must be defined in order to understand what tools (hardware or software) are appropriate for consideration in a network build or refresh.
• Tools are purpose built and generally designed to solve specific problems if implemented and operated correctly. Choose the tools to align with the challenges that you are solving as opposed to choosing tools and then trying to use those purchases to overcome challenges.
• The purchase of a tool does not allow for abdication of proper design. Tools must be chosen appropriately and integrated properly to orchestrate the best solutions. Purchasing a tool and expecting the tool to solve all your issues rarely succeeds.

“It is essential to have good tools, but it is also essential that the tools should be used in the right way.” — Wallace D. Wattles

Software-defined WAN (SD-WAN)

Simplified branch office connectivity

Archetype Value: Traditional Networks

What It Is Not

SD-WAN is generally not a way to slash spending by lowering WAN circuit costs. Though it is traditionally deployed across lower cost access, to minimize risk and realize the most benefits from the platform many organizations install multiple circuits with greater bandwidths at each endpoint when replacing the more costly traditional circuits. Though this maximizes the value of the technology investment, it will result in the end cost being similar to the traditional cost plus or minus a small percentage.

What It Is

SD-WAN is a subset of software-defined networking (SDN) designed specifically to deploy a secure, centrally managed, connectivity agnostic, overlay network connecting multiple office locations. This technology can be used to replace, work in concert with, or augment more traditional costly connectivity such as MPLS or private point to point (PtP) circuits. In addition to the secure overlay, SD-WAN usually also enables policy-based, intelligent controls, based on traffic and circuit intelligence.

Why Use It

You have multiple endpoint locations connected by expensive lower bandwidth traditional circuits. Your target is to increase visibility and control while controlling costs if and where possible. Ease of centralized management and the ability to more rapidly turn up new locations are attractive.

Cloud access security broker (CASB)

Inline policy enforcement placed between users and cloud services

Archetype Value: Hybrid Networks

What It Is Not

CASBs do not provide network protection; they are designed to provide compliance and enforcement of rules. Though CASBs are designed to give visibility and control into cloud traffic, they have limits to the data that they generally ingest and utilize. A CASB does not gather or report on cloud usage details, licencing information, financial costing, or whether the cloud resource usage is aligned with the deployment purpose.

What It Is

A CASB is designed to establish security controls beyond a company’s environment. It is commonly deployed to augment traditional solutions to extend visibility and control into the cloud. To protect assets in the cloud, CASBs are designed to provide central policy control and apply services primarily in the areas of visibility, data security, threat protection, and compliance.

Why Use It

You a mixture of on-premises and cloud assets. In moving assets out to the cloud, you have lost the traditional controls that were implemented in the data center. You now need to have visibility and apply controls to the usage of these cloud assets.

Secure access service edge (SASE)

Convergence of security and service access in the cloud

Archetype Value: Inverted Networks

What It Is Not

Though the service will consist of many service offerings, SASE is not multiple services strung together. To present the value proposed by this platform, all functionality proposed must be provided by a single platform under a “single pane of glass.” SASE is not a mature and well-established service. The market is still solidifying, and the full-service definition remains somewhat fluid.

What It Is

SASE exists at the intersection of network-as-a-service and network-security-as-a-service. It is a superset of many network and security cloud offerings such as CASB, secure web gateway, SD-WAN, and WAN optimization. Any services offered by a SASE provider will be cloud hosted, presented in a single stack, and controlled through a single pane of glass.

Why Use It

Your network is inverting, and services are provided primarily as cloud assets. In a full realization of this deployment’s value, you would abstract how and where users gain initial network access yet remain in control of the communications and data flow.

Activity

Understand your enterprise network options

Activity: Network assessment in an hour

• Learn about the Enterprise Network Roadmap Technology Assessment Tool
• Complete the Enterprise Network Roadmap Technology Assessment Tool

This activity involves the following participants:

• IT strategic direction decision makers.
• IT managers responsible for network.
• Organizations evaluating platforms for mission critical applications.

Outcomes of this step:

• Completed Enterprise Network Roadmap Technology Assessment Tool

Info-Tech Insight

Review your design options with security and compliance in mind. Infrastructure is no longer a standalone entity and now tightly integrates with software-defined networks and security solutions.

Build an assessment in an hour

Learn about the Enterprise Network Roadmap Technology Assessment Tool.

This workbook provides a high-level analysis of a technology’s readiness for adoption based on your organization’s needs.

• The workbook then places the technology on a graph that measures both the readiness and fit for your organization. In addition, it provides warnings for specific issues and lets you know if you have considerable uncertainty in your answers.
• At a glance you can now communicate what you are doing to help the company:
  • Grow
  • Save money
  • Reduce risk
• Regardless of your specific audience, these are important stories to be able to tell.

Build an assessment in an hour

Complete the Enterprise Network Roadmap Technology Assessment Tool.

Dispense with detailed analysis and customizations to present a quick snapshot of the road ahead.

1. Weightings: Adjust the Weighting tab to meet organizational needs. The provided weightings for the overall solution areas are based on a generic firm; individual firms will have different needs.
2. Data Entry: For each category, answer the questions for the technology you are considering. When you have completed the questionnaire, go to the next tab for the results.
3. Results: The Enterprise Network Roadmap Technology Assessment Tool provides a value versus readiness assessment of your chosen technology customized to your organization.

Related Info-Tech Research

Effectively Acquire Infrastructure Services

Acquiring a service is like buying an experience. Don’t confuse the simplicity of buying hardware with buying an experience.

Outsource IT Infrastructure to Improve System Availability, Reliability, and Recovery

There are very few IT infrastructure components you should be housing internally – outsource everything else.

Build Your Infrastructure Roadmap

Move beyond alignment: Put yourself in the driver’s seat for true business value.

Drive Successful Sourcing Outcomes With a Robust RFP Process

Leverage your vendor sourcing process to get better results.

Research Authors

Scott Young, Principal Research Advisor, Info-Tech Research Group

Scott Young is a Director of Infrastructure Research at Info-Tech Research Group. Scott has worked in the technology field for over 17 years, with a strong focus on telecommunications and enterprise infrastructure architecture. He brings extensive practical experience in these areas of specialization, including IP networks, server hardware and OS, storage, and virtualization.

Troy Cheeseman, Practice Lead, Info-Tech Research Group

Troy has over 24 years of experience and has championed large enterprise-wide technology transformation programs, remote/home office collaboration and remote work strategies, BCP, IT DRP, IT operations and expense management programs, international right placement initiatives, and large technology transformation initiatives (M&A). Additionally, he has deep experience working with IT solution providers and technology (cloud) startups.

Bibliography

Ahlgren, Bengt. “Design considerations for a network of information.” ACM Digital Library, 21 Dec. 2008.

Cox Business. “Digital transformation is here. Is your business ready to upgrade your mobile work equation?” BizJournals, 1 April 2022. Accessed April 2022.

Elmore, Ed. “Benefits of integrating security and networking with SASE.” Tech Radar, 1 April 2022. Web.

Greenfield, Dave. “From SD-WAN to SASE: How the WAN Evolution is Progressing.” Cato Networks, 19 May 2020. Web

Korolov, Maria. “What is SASE? A cloud service that marries SD-WAN with security.” Network World, 7 Sept. 2020. Web.

Korzeniowski, Paul, “CASB tools evolve to meet broader set of cloud security needs.” TechTarget, 26 July 2019. Accessed March 2022.

Define the Role of Project Management in Agile and Product-Centric Delivery

Projects and products are not mutually exclusive.

Table of Contents

3 Analyst Perspective

4 Executive Summary

7 Step 1.1: Clarify How You Want to Talk About Projects and Products

13 Step 1.2: Align Project Management and Agility

16 Step 1.3: Specify the Different Activities for Project Management

20 Step 1.4: Identify Key Differences in Funding of Products Instead of Projects

25 Where Do I Go Next?

26 Bibliography

Analyst Perspective

Project management still has an important role to play!

When moving to more product-centric delivery practices, many assume that projects are no longer necessary. That isn’t necessarily the case!

Product delivery can mean different things to different organizations, and in many cases it can involve the need to maintain both projects and project delivery.

Projects are a necessary vehicle in many organizations to drive value delivery, and the activities performed by project managers still need to be done by someone. It is the form and who is involved that will change the most.

Ari Glaizel Practice Lead, Applications Delivery and Management Info-Tech Research Group

Executive Summary

Info-Tech Insight

There is no one-size-fits-all approach to product delivery. For many organizations product delivery requires detailed project management practices, while for others it requires much less. Taking an outcome-first approach when planning your product transformation is critical to make the right decision on the balance between project and product management.

Your evolution of delivery practice is not a binary switch

1. PROJECTS WITH WATERFALL The project manager is accountable for delivery of the project, and the project manager owns resources and scope.
2. PROJECTS WITH AGILE DELIVERY A transitional state where the product owner is accountable for feature delivery and the project manager accountable for the overall project.
3. PRODUCTS WITH AGILE PROJECT AND OPERATIONAL DELIVERY The product owner is accountable for the delivery of the project and products, and the project manager plays a role of facilitator and enabler.
4. PRODUCTS WITH AGILE DELIVERY Delivery of products can happen without necessarily having projects. However, projects could be instantiated to cover major initiatives.

Info-Tech Insight

• Organizations do not need to go to full product and Agile delivery to improve delivery practices! Every organization needs to make its own determination on how far it needs to go. You can do it in one step or take each step and evaluate how well you are delivering against your goals and objectives.
• Many organizations will go to Products With Agile Project and Operational Delivery, and some will go to Products With Agile Delivery.

Activities to undertake as you transition to product-centric delivery

1. PROJECTS WITH WATERFALL
   • Clarify how you want to talk about projects and products. The center of the conversation will start to change.
2. PROJECTS WITH AGILE DELIVERY
   • Align project management and agility. They are not mutually exclusive (but not necessarily always aligned).
3. PRODUCTS WITH AGILE PROJECT AND OPERATIONAL DELIVERY
   • Specify the different activities for project management. As you mature your product practices, project management becomes a facilitator and collaborator.
4. PRODUCTS WITH AGILE DELIVERY
   • Identify key differences in funding. Delivering products instead of projects requires a change in the focus of your funding.

Step 1.1

Clarify How You Want to Talk About Projects and Products

Activities

• 1.1.1 Define “product” and “project” in your context
• 1.1.2 Brainstorm potential changes in the role of projects as you become Agile and product-centric

This step involves the following participants:

• Product owners
• Product managers
• Development team leads
• Portfolio managers
• Business analysts

Outcomes of this step

• An understanding of how the role can change through the evolution from project to more product-centric practices

Definition of terms

Project “A temporary endeavor undertaken to create a unique product, service, or result. The temporary nature of projects indicates a beginning and an end to the project work or a phase of the project work. Projects can stand alone or be part of a program or portfolio.” (PMBOK, PMI)

Product “A tangible solution, tool, or service (physical or digital) that enables the long-term and evolving delivery of value to customers and stakeholders based on business and user requirements.” (Deliver on Your Digital Product Vision, Info-Tech Research Group)

Info-Tech InsightLet these definitions be a guide, not necessarily to be taken verbatim. You need to define these terms in your context based on your particular needs and objectives. The only caveat is to be consistent with your usage of these terms in your organization.

1.1.1 Define “product” and “project” in your context

Output: Your enterprise/organizational definition of products and projects

Participants: Executives, Product/project managers, Applications teams

1. Discuss what “product” and “project” mean in your organization.
2. Create common, enterprise-wide definitions for “product” and “project.”

Agile and product management does not mean projects go away

Projects Within Products

Regardless of whether you recognize yourself as a “product-based” or “project-based” shop, the same basic principles should apply.

You go through a period or periods of project-like development to build or implement a version of an application or product.

You also have parallel services along with your project development that encompass the more product-based view. These may range from basic support and maintenance to full-fledged strategy teams or services like sales and marketing.

Info-Tech Note

As your product transformation continues, projects can become optional and needed only as part of your organization’s overall delivery processes

Identify the differences between a project-centric and a product-centric organization

Info-Tech Insight

Product delivery requires significant shifts in the way you complete development and implementation work and deliver value to your users. Make the changes that support improving end-user value and enterprise alignment.

1.1.2 Brainstorm potential changes in the role of projects as you become Agile and product-centric

5-10 minutes

Output: Increased appreciation of the relationship between project and product delivery

Participants: Executives, Product/project managers, Applications teams

• Discuss as a group:
  • What stands out in the evolution from project to product?
  • What concerns do you have with the change?
  • What will remain the same?
  • Which changes feel the most impactful?
  

Step 1.2

Align Project Management and Agility

Activities

• 1.2.1 Explore gaps in Agile/product-centric delivery of projects

This step involves the following participants:

• Executives
• Product/Project managers
• Applications teams

Outcomes of this step

• A clearer view of how agility can be introduced into projects.

Challenges with the project management role in Agile and product-centric organizations

Many project managers feel left out in the cold. That should not be the case!

In product-centric, Agile teams, many roles that a project manager previously performed are now taken care of to different degrees by the product owner, delivery team, and process manager.

The overall change alters the role of project management from one that orchestrates all activities to one that supports, monitors, and escalates.

Product Owner

• Defines the “what” and heavily involved in the “when” and the “why”
• Accountable for delivery of value

Delivery team members

• Define the “how”
• Accountable for building and delivering high-quality deliverables
• Can include roles like user experience, interaction design, business analysis, architecture

Process Manager

• Facilitates the other teams to ensure valuable delivery
• Can potentially, in a Scrum environment, play the scrum master role, which involves leading scrums, retrospectives, and sprint reviews and working to resolve team issues and impediments
• Evolves into more of a facilitator and communicator role

1.2.1 Explore gaps in Agile/ product-centric delivery of projects

5-10 minutes

Output: An assessment of what is in the way to effectively deliver on Agile and product-focused projects

Participants: Executives, Product/project managers, Applications teams

• Discuss as a group:
  • What project management activities do you see in Agile/product roles?
  • What gaps do you see?
  • How can project management help Agile/product teams be successful?

Step 1.3

Specify the Different Activities for Project Management

Activities

• 1.3.1 Articulate the changes in a project manager’s role

This step involves the following participants:

• Executives
• Product/Project managers
• Applications teams

Outcomes of this step

• An understanding of the role of project management in an Agile and product context

Kicking off the project

Product-centric delivery still requires key activities to successfully deliver value. Where project managers get their information from does change.

Project Charter Project managers should still define a charter and capture the vision and scope. The vision and high-level scope is primarily defined by the product owner. Key Stakeholders and Communication Clearly defining stakeholders and communication needs is still important. However, they are defined based on significant input and cues by the product owner. Standardizing on Tools and Processes To ensure consistency across projects, project managers will want to align tools to how the team manages their backlog and workflow. This will smooth communication about status with stakeholders.

Info-Tech Insight

1. Product management plays a similar role to the one that was traditionally filled by the project sponsor except for a personal accountability to the product beyond the life of the project.
2. When fully transitioned to product-centric delivery, these activities could be replaced by a product canvas. See Deliver on Your Digital Product Vision for more information.

During the project: Three key activities

The role of project management evolves from a position of ownership to a position of communication, collaboration, and coordination.

Support Communicate Agile/product team needs to leadership Liaise and co-ordinate for non-Agile/product-focused parts of the organization Coach members of the team Monitoring Regular status updates to PMO still required Metrics aligned with Agile/product practices Leverage similar tooling and approaches to what is done locally on Agile/product teams (if possible) Escalation Still a key escalation point for roadblocks that go outside the product teams Collaborate closely with Agile/product team leadership and scrum masters (if applicable)

1.3.1: Articulate the changes in a project manager’s role

5-10 minutes

Output: Current understanding of the role of project management in Agile/product delivery

Participants: Executives, Product/project managers, Applications teams

Why is this important?

Project managers still have a role to play in Agile projects and products. Agreeing to what they should be doing is critical to successfully moving to a product-centric approach to delivery.

• Review how Info-Tech views the role of project management at project initiation and during the project.
• Review the state of your Agile and product transformation, paying special attention to who performs which roles.
• Discuss as a group:
  • What are the current activities of project managers in your organization?
  • Based on how you see delivery practices evolving, what do you see as the new role of project managers when it comes to Agile-centric and product-centric delivery.

Step 1.4

Identify Key Differences in Funding of Products Instead of Projects

Activities

• 1.4.1 Discuss traditional versus product-centric funding methods

This step involves the following participants:

• Executives
• Product owners
• Product managers
• Project managers
• Delivery managers

Outcomes of this step

• Identified differences in funding of products instead of projects

Planning and budgeting for products and families

Reward for delivering outcomes, not features

Autonomy Fund what delivers value Fund long-lived delivery of value through products (not projects). Give autonomy to the team to decide exactly what to build.

Flexibility Allocate iteratively Allocate to a pool based on higher-level business case. Provide funds in smaller amounts to different product teams and initiatives based on need.

Accountability Measure and adjust Product teams define metrics that contribute to given outcomes. Track progress and allocate more (or less) funds as appropriate.

Info-Tech Insight Changes to funding require changes to product and Agile practices to ensure product ownership and accountability.

(Adapted from Bain & Company)

Budgeting approaches must evolve as you mature your product operating environment

Info-Tech Insight

As you evolve your approach to product delivery, you will be decoupling the expected benefits, forecast, and budget. Managing them independently will improve your ability adapt to change and drive the right outcomes!

1.4.1 Discuss traditional versus product-centric funding methods

Output: Understanding of funding principles and challenges

Participants: Executives, Product owners, Product managers, Project managers, Delivery managers

1. Discuss how projects are currently funded.
2. Review how the Agile/product funding models differ from how you currently operate.
3. What changes do you need to consider to support a product delivery model?
4. For each change, identify the key stakeholders and list at least one action to take.

Case Study

Global Digital Financial Services Company This financial services company looked to drive better results by adopting more product-centric practices. Its projects exhibited: High complexity/strong dependencies between components High implementation effort High clarification/reconciliation (more than two departments involved) Multiple methodologies (Agile/Waterfall/Hybrid) The team recognized they could not get rid of projects entirely, but getting to a level where there was a coordinated delivery between projects and products being implemented is important. Results Moving several initiatives to more product-centric practices allowed for: Delivery within current assigned capacity Limited need for coordination across departments Lower complexity A unified Agile approach to delivery Through balancing the needs of projects and products, there were three key insights about the project management’s role: The role of project management changes depending on the context of the work. There is no one-size-fits-all definition. Project management played a much bigger role when work spanned multiple products and business units. Project management was used as a key coordinator when delivery became complicated and multilayered.

Where Do I Go Next?

Bibliography

Cobb, Chuck. “Are there Project Managers in Agile?” High Impact Project Management, n.d. Web.

Cohn, Mike. “What Is a Product?” Mountain Goat Software, 6 Sept. 2016. Web.

Cobb, Chuck. “Agile Project Manager Job Description.” High Impact Project Management, n.d. Web.

“How do you define a product?” Scrum.org, 4 April 2017. Web.

Johnson, Darren, et al. “How to Plan and Budget for Agile at Scale.” Bain & Company, 8 Oct. 2019. Web.

“Product Definition.” SlideShare, uploaded by Mark Curphey, 25 Feb. 2007. Web.

Project Management Institute. A Guide to the Project Management Body of Knowledge (PMBOK Guide). 7th ed., Project Management Institute, 2021.

Schuurman, Robbin. “Scrum Master vs Project Manager – An Overview of the Differences.” Scrum.org, 11 Feb 2020. Web.

Schuurman, Robbin. “Product Owner vs Project Manager.” Scrum.org, 12 March 2020. Web.

Vlaanderen, Kevin. “Towards Agile Product and Portfolio Management.” Academia.edu, 2010. Web.

“What is a Developer in Scrum?” Scrum.org, n.d. Web.

“What is a Scrum Master?” Scrum.org, n.d. Web.

“What is a Product Owner?” Scrum.org, n.d. Web.

Identify and Manage Strategic Risk Impacts on Your Organization

The world is in a perpetual state of change. Organizations need to build adaptive resiliency into their strategic plans to adjust to ever-changing market dynamics.

Analyst perspective

Organizations need to build flexible resiliency into their strategic plans to be able to adjust to ever-changing market dynamics.

Like most people, organizations are poor at assessing the likelihood of risk. If the past few years have taught us anything, it is that the probability of a risk occurring is far more flexible in the formula Risk = Likelihood * Impact than we ever thought possible. The impacts of these risks have been catastrophic, and organizations need to be more adaptive in managing them to strengthen their strategic plans.

Frank Sewell,
Research Director, Vendor Management
Info-Tech Research Group

Executive Summary

Your Challenge

Moreso than any other time, our world is changing. As a result, organizations – and their vendors – need to be able to adapt their strategic plans to accommodate risk on an unprecedented level.

A new global change will impact your organizational strategy at any given time. So, make sure your plans are flexible enough to manage the inevitable consequences.

Common Obstacles

Identifying and managing a vendor’s potential strategic impact on your organization requires multiple people in the organization across several functions. Those people all need coaching on the potential changes in the market and how these changes affect strategic plans.

Organizational leadership is often taken unaware during crises, and their plans lack the flexibility needed to adjust to significant market upheavals.

Info-Tech’s Approach

Vendor management practices educate organizations on the different potential risks to vendors in your market and suggest creative and alternative ways to avoid and help manage them.

Prioritize and classify your vendors with quantifiable, standardized rankings.

Prioritize focus on your high-risk vendors.

Standardize your processes for identifying and monitoring vendor risks to manage potential impacts on your strategic plan with our Strategic Impacts Tool.

Info-Tech Insight

Organizations must evolve their strategic risk assessments to be more adaptive to respond to global changes in the market. Ongoing monitoring of the market and the vendors tied to company strategies is imperative to achieving success.

Info-Tech’s multi-blueprint series on vendor risk assessment

There are many individual components of vendor risk beyond cybersecurity.

This series will focus on the individual components of vendor risk and how vendor management practices can facilitate organizations’ understanding of those risks.

Out of Scope:

This series will not tackle risk governance, determining overall risk tolerance and appetite, or quantifying inherent risk.

Strategic risk impacts

Potential losses to the organization due to risks to the strategic plan

• In this blueprint, we’ll explore strategic risks (risks to the Strategic Plans of the organization) and their impacts.
• Identify potentially disruptive events to assess the overall impact on organizations and implement adaptive measures to correct strategic plans.

The world is constantly changing

The IT market is constantly reacting to global influences. By anticipating changes, leaders can set expectations and work with their vendors to accommodate them.

When the unexpected happens, being able to adapt quickly to new priorities ensures continued long-term business success.

Below are some things no one expected to happen in the last few years:

62%

of IT professionals are more concerned about being a victim of ransomware than they were a year ago.

82%

of Microsoft’s non-essential employees shifted to working from home in 2020, joining the 18% already remote.

89%

of organizations invested in web conferencing technology to facilitate collaboration.

Source: Info-Tech Tech Trends Survey 2022

Strategic risks on a global scale

Odds are at least one of these is currently affecting your strategic plans

• Vendor Acquisitions
• Global Pandemic
• Global Shortages
• Gas Prices
• Poor Vendor Performance
• Travel Bans
• War
• Natural Disasters
• Supply Chain Disruptions
• Security Incidents

Make sure you have the right people at the table to identify and plan to manage impacts.

Identify & manage strategic risks

Global Pandemic

Very few people could have predicted that a global pandemic would interrupt business on the scale experienced today. Organizations should look at their lessons learned and incorporate adaptable preparations into their strategic planning moving forward.

Vendor Acquisitions

The IT market is an ever-shifting environment. Larger companies often gobble up smaller ones to control their sectors. Incorporating plans to manage those shifts in ownership will be key to many strategic plans that depend on niche vendor solutions for success. Be sure to monitor the potentially affected markets on an ongoing cadence.

Global Shortages

Organizations need to accept that shortages will recur periodically and that preparing for them will significantly increase the success potential of long-term strategic plans. Understand what your business needs to stock for project needs and where those supplies are located, and plan how to rapidly access and distribute them as required if supply chain disruptions occur.

What to look for in vendors

Identify strategic risk impacts

• A vendor acquires many smaller, seemingly irrelevant IT products. Suddenly their revenue model includes aggressive license compliance audits.
  • Ensure that your installed software meets license compliance requirements with good asset management practices.
  • Monitor the market for such acquisitions or news of audits hitting companies.
• A vendor changes their primary business model from storage and hardware to becoming a self-proclaimed “professional services guru,” relying almost entirely on their name recognition to build their marketing.
  • Be wary of self-proclaimed experts and review their successes and failures with other organizations before adopting them into your business strategy.
  • Review the backgrounds their “experts” have and make sure they have the industry and technical skill sets to perform the services to the required level.

Not preparing for your growth can delay your goals

Why can’t I get a new laptop?

For example:

• An IT professional services organization plans to take advantage of the growing work-from-home trend to expand its staff by 30% over the coming year.
• Logically, this should include a review of the necessary tasks involved, including onboarding.
  • Suppose the company does not order enough equipment in preparation to cover the new staff plus routine replacement. In that case, this will delay the output of the new team members immeasurably as they wait for their company equipment and will delay existing staff whose equipment breaks, preventing them from getting back to work efficiently.

Sometimes an organization has the right mindset to take advantage of the changes in the market but can fail to plan for the particulars.

When your strategic plan changes, you need to revisit all the steps in the processes to ensure a successful outcome.

Strategic risks

Poor or uninformed business decisions can lead to organizational strategic failures

• Supply chain disruptions and global shortages
  • Geopolitical disruptions and natural disasters have caused unprecedented interruptions to business. Incorporate forecasting of product and ongoing business continuity planning into your strategic plans to adapt as events unfold.
• Poor vendor performance
  • Consider the impact of a vendor that fails to perform midway through the implementation. Organizations need to be able to manage the impact of replacing that vendor and cutting their losses rather than continuing to throw good money away after bad performance.
• Vendor acquisitions
  • A lot of acquisition is going on in the market today. Large companies are buying competitors and either imposing new terms on customers or removing the competing products from the market. Prepare options for any strategy tied to a niche product.

It is important to identify potential risks to strategic plans to manage the risk and be agile enough in planning to adapt to the changing environments.

Info-Tech Insight
Few organizations are good at identifying risks to their strategic plan. As a result, almost none realistically plan to monitor, manage, and adapt their strategies to those risks.

Prepare your strategic risk management for success

Due diligence will enable successful outcomes

1. Obtain top-level buy-in; it is critical to success.
2. Build enterprise risk management (ERM) through incremental improvement.
3. Focus initial efforts on the “big wins” to prove the process works.
4. Use existing resources.
5. Build on any risk management activities that already exist in the organization.
6. Socialize ERM throughout the organization to gain additional buy‑in.
7. Normalize the process long term with ongoing updates and continuing education for the organization.

(Adapted from COSO)

How to assess strategic risk

1. Review Organizational Strategy
   Understand the organizational strategy to prepare for the “What If” game exercise.
2. Identify & Understand Potential Strategic Risks
   Play the “What If” game with the right people at the table.
3. Create a Risk Profile Packet for Leadership
   Pull all the information together in a presentation document.
4. Validate the Risks
   Work with leadership to ensure that the proposed risks are in line with their thoughts.
5. Plan to Manage the Risks
   Lower the overall risk potential by putting mitigations in place.
6. Communicate the Plan
   It is important not only to have a plan but also to socialize it in the organization for awareness.
7. Enact the Plan
   Once the plan is finalized and socialized, put it in place with continued monitoring for success.
   

Insight summary

Insight 1

Organizations build portions of their strategies around chosen vendors and should protect those plans against the risks of unforeseen acquisitions in the market.
Is your vendor solvent? Does it have enough staff to accommodate your needs? Has its long-term planning been affected by changes in the market? Is it unique in its space?

Insight 2

Organizations’ strategic plans need to be adaptable to avoid vendors’ negative actions causing an expedited shift in priorities.
For example, Philip's recall of ventilators impacted its products and the availability of its competitor’s products as demand overwhelmed the market.

Insight 3

Organizations need to become better at risk assessment and actively manage the identified risks to their strategic plans.
Few organizations are good at identifying risks to their strategic plan. As a result, almost none realistically plan to monitor, manage, and adapt their strategies to those risks.

Strategic risk impacts are often unanticipated, causing unforeseen downstream effects. Anticipating the potential changes in the global IT market and continuously monitoring vendors’ risk levels can help organizations modify their strategic alignment with the new norms.

Identifying strategic risk

Who should be included in the discussion

• While it is true that executive-level leadership defines the strategy for an organization, it is vital for those making decisions to make informed decisions.
• Getting input from operational experts at your organization will enhance the long-term potential for success of your strategies.
• Involving those who directly manage vendors and understand the market will aid operational experts in determining the forward path for relationships with your current vendors and identifying new emerging potential strategic partners.

Review your strategic plans for new risks and evolving likelihood on a regular basis.

Keep in mind Risk = Likelihood x Impact (R=L*I).

Impact (I) tends to remain the same, while Likelihood (L) is a very flexible variable.

See the blueprint Build an IT Risk Management Program

Managing strategic risk impacts

What can we realistically do about the risks?

• Review business continuity plans and disaster recovery testing.
• Institute proper contract lifecycle management.
• Re-evaluate corporate policies frequently.
• Develop IT governance and change control.
• Ensure strategic alignment in contracts.
• Introduce continual risk assessment to monitor the relevant vendor markets.
  • Regularly review your strategic plans for new risks and evolving likelihood.
  • Risk = Likelihood x Impact (R=L*I)
    • Impact (I) tends to remain the same and be well understood, while Likelihood (L) turns out to be highly variable.
• Be adaptable and allow for innovations that arise from the current needs.
  • Capture lessons learned from prior incidents to improve over time, and adjust your strategy based on the lessons.

Organizations need to be reviewing their strategic risk plans considering the likelihood of incidents in the global market.

Pandemics, extreme weather, and wars that affect global supply chains are a current reality, not unlikely scenarios.

Ongoing Improvement

Incorporating lessons learned

• Over time, despite everyone’s best observations and plans, incidents will catch us off guard.
• When it happens, follow your incident response plans and act accordingly.
• An essential step is to document what worked and what did not – collectively known as the “lessons learned.”
• Use the lessons learned document to devise, incorporate, and enact a better risk management process.

Sometimes disasters occur despite our best plans to manage them.

When this happens, it is important to document the lessons learned and improve our plans going forward.

The “what if” game

1-3 hours

Vendor management professionals are in an excellent position to help senior leadership identify and pull together resources across the organization to determine potential risks. By playing the "what if" game and asking probing questions to draw out – or eliminate – possible adverse outcomes, everyone involved adds their insight into parts of the organization to gather a comprehensive picture of potential impacts.

1. Break into smaller groups (or if too small, continue as a single group).
2. Use the Strategic Risk Impact Tool to prompt discussion on potential risks. Keep this discussion flowing organically to explore all potentials but manage the overall process to keep the discussion pertinent and on track.
3. Collect the outputs and ask the subject matter experts (SMEs) for management options for each one in order to present a comprehensive risk strategy. You will use this to educate senior leadership so that they can make an informed decision to accept or reject the solution.

Download the Strategic Risk Impact Tool

Case Study

Airline Industry Strategic Adaptation

Industry: Airline

Impact categories: Pandemic, Lockdowns, Travel Bans, Increased Fuel Prices

• In 2019 the airline industry yielded record profits of $35.5 billion.
• In 2020 the pandemic devastated the industry with losses around $371 billion.
• The industry leaders engaged experts to conduct a study on how the pandemic impacted them and propose measures to ensure the survival of their industry in the future after the pandemic.
• They determined that “[p]recise decision-making based on data analytics is essential and crucial for an effective Covid-19 airline recovery plan.”

Results

The pandemic prompted systemic change to the overall strategic planning of the airline industry.

Summary

Be vigilant and adaptable to change

• Organizations need to learn how to assess the likelihood of potential risks in the changing global world.
• Those organizations that incorporate adaptive risk management processes can prepare their strategic plans for greater success.
• Bring the right people to the table to outline potential risks in the market.
• Socialize the risk management process throughout the organization to heighten awareness and enable employees to help protect the strategic plan.
• Incorporate lessons learned from incidents into your risk management process to build better plans for future issues.

Organizations must evolve their strategic risk assessments to be more adaptive to respond to global changes in the market.

Ongoing monitoring of the market and the vendors tied to company strategies is imperative to achieving success.

Related Info-Tech Research

Identify and Manage Financial Risk Impacts on Your Organization

• Vendor management practices educate organizations on the different potential financial impacts that vendors may incur and suggest systems to help manage them.
• Prioritize and classify your vendors with quantifiable, standardized rankings.
• Prioritize focus on your high-risk vendors.
• Standardize your processes for identifying and monitoring vendor risks to manage financial impacts with our Financial Risk Impact Tool.

Identify and Reduce Agile Contract Risk

• Customer maturity levels with Agile are low, with 67% of organizations using Agile for less than five years.
• Customer competency levels with Agile are also low, with 84% of organizations stating they are below a high level of competency.
• Contract disputes are the number one or two types of disputes faced by organizations across all industries.

Build an IT Risk Management Program

• Transform your ad hoc IT risk management processes into a formalized, ongoing program, and increase risk management success.
• Take a proactive stance against IT threats and vulnerabilities by identifying and assessing IT’s greatest risks before they occur.
• Involve key stakeholders including the business senior management team to gain buy-in and to focus on IT risks most critical to the organization.

Bibliography

Olaganathan, Rajee. “Impact of COVID-19 on airline industry and strategic plan for its recovery with special reference to data analytics technology.” Global Journal of Engineering and Technology Advances, vol 7, no 1, 2021, pp. 033-046.

Tonello, Matteo. “Strategic Risk Management: A Primer for Directors.” Harvard Law School Forum on Corporate Governance, 23 Aug. 2012.

Frigo, Mark L., and Richard J. Anderson. “Embracing Enterprise Risk Management: Practical Approaches for Getting Started.” COSO, 2011.

Research Contributors and Experts

• Frank Sewell
  Research Director, Info-Tech Research Group
• Steven Jeffery
  Principal Research Director, Info-Tech Research Group
• Scott Bickley
  Practice Lead, Info-Tech Research Group
• Donna Glidden
  Research Director, Info-Tech Research Group
• Phil Bode
  Principal Research Director, Info-Tech Research Group
• David Espinosa
  Senior Director, Executive Services, Info-Tech Research Group
• Rick Pittman
  Vice President, Research, Info-Tech Research Group
• Patrick Philpot
  CISSP
• Gaylon Stockman
  Vice President, Information Security
• Jennifer Smith
  Senior Director